Support Questions
Find answers, ask questions, and share your expertise

how to integrate NIFI and LDAP?

how to integrate NIFI and LDAP?

kindly provide me the steps for nifi and ldap integration.

11 REPLIES 11

Re: how to integrate NIFI and LDAP?

Re: how to integrate NIFI and LDAP?

Hi @pierre Bullard,

I tried to integrate LDAP and nifi but I'm facing issue so that's why I posted. Thanks for ur update.

Re: how to integrate NIFI and LDAP?

Expert Contributor

@kishore sanchina - how did you download nifi? did you download from apache website? -- the ranger integration of nifi is available as part of HDF.. you can download HDF from http://hortonworks.com/downloads/#dataflow

Re: how to integrate NIFI and LDAP?

@hduraiswamy i downloaded HDF form hortonworks portal and installed successfully. for nifi and ldap integration what are the config files i want to modify/change.

Re: how to integrate NIFI and LDAP?

Master Guru

@kishore sanchina

If you installed NIFi via HDF Ambari, you will want to edit the ldap-provider settings in in the following section:

12404-screen-shot-2017-02-13-at-80113-am.png

Of course you will need to obtain the proper values for your particular LDAP installation.

**** Make sure you remove the two comment lines that wrap this ldap-provider section.

You will also need to set the nifi.security.user.login.identity.provider to "ldap-provider" to match the provider name above:

12405-screen-shot-2017-02-13-at-80447-am.png

------------

If you are not using Ambari do install your NiFi, the same configurations needed to be done, but will be performed by manually editing the following files:

1. login-identity-providers.xml

2. nifi.properties

------------

Documentation on NIFi LDAP configuration can be found in the NiFi admin guide also:

http://docs.hortonworks.com/HDPDocuments/HDF2/HDF-2.1.1/bk_dataflow-administration/content/lightweig...

-------------

A restart of your NiFi will need to occur before these changes will take affect.

Also keep in mind that this does not disable the default user certificate authentication method. Users will only see the login screen if they do not present a user certificate.

------------

Thanks,

Matt

Re: how to integrate NIFI and LDAP?

Contributor

@Matt Clarke

I did perform the steps as mentioned above but nifi login did not prompt for any password and direct login is observed.

May I know what do you mean by:

"Also keep in mind that this does not disable the default user certificate authentication method. Users will only see the login screen if they do not present a user certificate."

I believe I am not providing any user certificate and I am logging in to nifi using URL:

http://xx.yy.xx.yy:8086/nifi/

In our case 8086 is the used port.

Re: how to integrate NIFI and LDAP?

Master Guru
@Sriram

The URL you just shared is http. NiFi must be secured over https before any user authentication can be enabled. You can not perform user authentication over http.

-

Thank you,

Matt

Re: how to integrate NIFI and LDAP?

New Contributor

I do not understand why this is so. I also want to add LDAP authentication to my NiFi setup but everything is behind a proxy that's in charge of encryption. The proxy decrypts all the information and sends it as an HTTP request to NiFi. Does this mean that I cannot use LDAP until I can defer the encryption onto the NiFi service?

Re: how to integrate NIFI and LDAP?

Master Guru

@bilbolord2001 

 

You are correct, NiFi will not support any form of user/client authentication and authorization until NiFi itself has been secured.

 

Matt