Support Questions
Find answers, ask questions, and share your expertise
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.

how to integrate NIFI and LDAP?

how to integrate NIFI and LDAP?

kindly provide me the steps for nifi and ldap integration.

11 REPLIES 11
Highlighted

Re: how to integrate NIFI and LDAP?

Highlighted

Re: how to integrate NIFI and LDAP?

Hi @pierre Bullard,

I tried to integrate LDAP and nifi but I'm facing issue so that's why I posted. Thanks for ur update.

Highlighted

Re: how to integrate NIFI and LDAP?

Expert Contributor

@kishore sanchina - how did you download nifi? did you download from apache website? -- the ranger integration of nifi is available as part of HDF.. you can download HDF from http://hortonworks.com/downloads/#dataflow

Highlighted

Re: how to integrate NIFI and LDAP?

@hduraiswamy i downloaded HDF form hortonworks portal and installed successfully. for nifi and ldap integration what are the config files i want to modify/change.

Highlighted

Re: how to integrate NIFI and LDAP?

Master Guru

@kishore sanchina

If you installed NIFi via HDF Ambari, you will want to edit the ldap-provider settings in in the following section:

12404-screen-shot-2017-02-13-at-80113-am.png

Of course you will need to obtain the proper values for your particular LDAP installation.

**** Make sure you remove the two comment lines that wrap this ldap-provider section.

You will also need to set the nifi.security.user.login.identity.provider to "ldap-provider" to match the provider name above:

12405-screen-shot-2017-02-13-at-80447-am.png

------------

If you are not using Ambari do install your NiFi, the same configurations needed to be done, but will be performed by manually editing the following files:

1. login-identity-providers.xml

2. nifi.properties

------------

Documentation on NIFi LDAP configuration can be found in the NiFi admin guide also:

http://docs.hortonworks.com/HDPDocuments/HDF2/HDF-2.1.1/bk_dataflow-administration/content/lightweig...

-------------

A restart of your NiFi will need to occur before these changes will take affect.

Also keep in mind that this does not disable the default user certificate authentication method. Users will only see the login screen if they do not present a user certificate.

------------

Thanks,

Matt

Highlighted

Re: how to integrate NIFI and LDAP?

Contributor

@Matt Clarke

I did perform the steps as mentioned above but nifi login did not prompt for any password and direct login is observed.

May I know what do you mean by:

"Also keep in mind that this does not disable the default user certificate authentication method. Users will only see the login screen if they do not present a user certificate."

I believe I am not providing any user certificate and I am logging in to nifi using URL:

http://xx.yy.xx.yy:8086/nifi/

In our case 8086 is the used port.

Highlighted

Re: how to integrate NIFI and LDAP?

Master Guru
@Sriram

The URL you just shared is http. NiFi must be secured over https before any user authentication can be enabled. You can not perform user authentication over http.

-

Thank you,

Matt

Highlighted

Re: how to integrate NIFI and LDAP?

New Contributor

I do not understand why this is so. I also want to add LDAP authentication to my NiFi setup but everything is behind a proxy that's in charge of encryption. The proxy decrypts all the information and sends it as an HTTP request to NiFi. Does this mean that I cannot use LDAP until I can defer the encryption onto the NiFi service?

Highlighted

Re: how to integrate NIFI and LDAP?

Master Guru

@bilbolord2001 

 

You are correct, NiFi will not support any form of user/client authentication and authorization until NiFi itself has been secured.

 

Matt

Don't have an account?
Coming from Hortonworks? Activate your account here