Support Questions

Find answers, ask questions, and share your expertise

User authentication without LDAP or Kerberos

avatar
Expert Contributor

Hello,

Is there a way to setup NiFi (HDF 0.x) to do user authentication through a local authentication? In the documentation the only examples that can be provided for the property:

nifi.security.user.login.identity.provider are ldap-provider and kerberos (both are not configured atm)

1 ACCEPTED SOLUTION

avatar
Master Guru

There is no local authentication. NiFi provides authentication with 2-way SSL (certificates), Kerberos, or LDAP.

You can also implement your own identity provider to authenticate users however you like:

https://github.com/apache/nifi/blob/d1129706e235548daaf4eecf7001b244300761e9/nifi-framework-api/src/...

You would create a NAR with your implementation and put it in NiFI lib.

View solution in original post

3 REPLIES 3

avatar
Master Guru

There is no local authentication. NiFi provides authentication with 2-way SSL (certificates), Kerberos, or LDAP.

You can also implement your own identity provider to authenticate users however you like:

https://github.com/apache/nifi/blob/d1129706e235548daaf4eecf7001b244300761e9/nifi-framework-api/src/...

You would create a NAR with your implementation and put it in NiFI lib.

avatar
Expert Contributor

Great, thanks for the quick response

avatar
Rising Star

What do you mean by local authentication? Using Kerberos authentication, Apache NiFi supports using a local ticket via SPNEGO.

Apache NiFi 0.x (which maps to HDF 1.x) supports authentication using client certificates, LDAP, and Kerberos. This also applies to Apache NiFi 1.x.