Hello ,  I am trying to setup LDAP on my Nifi Registry and I am getting the below errror :   nifi-registry 2024-09-27 09:25:06,919 INFO [NiFi logging handler] org.apache.nifi.registry.StdOut Caused by: java.lang.Exception: Unable to load the login identity provider configuration file at: /opt/nifi-registry/nifi-registry-current/conf/login-identity-providers.xml nifi-registry 2024-09-27 09:25:06,919 INFO [NiFi logging handler] org.apache.nifi.registry.StdOut at org.apache.nifi.registry.security.authentication.IdentityProviderFactory.loadLoginIdentityProvidersConfiguration(IdentityProviderFactory.java:160) nifi-registry 2024-09-27 09:25:06,919 INFO [NiFi logging handler] org.apache.nifi.registry.StdOut at org.apache.nifi.registry.security.authentication.IdentityProviderFactory.getIdentityProvider(IdentityProviderFactory.java:110) nifi-registry 2024-09-27 09:25:06,919 INFO [NiFi logging handler] org.apache.nifi.registry.StdOut at org.apache.nifi.registry.security.authentication.IdentityProviderFactory$$EnhancerBySpringCGLIB$$adc959c5.CGLIB$getIdentityProvider$0(<generated>) nifi-registry 2024-09-27 09:25:06,919 INFO [NiFi logging handler] org.apache.nifi.registry.StdOut at org.apache.nifi.registry.security.authentication.IdentityProviderFactory$$EnhancerBySpringCGLIB$$adc959c5$$FastClassBySpringCGLIB$$53c655ec.invoke(<generated>) nifi-registry 2024-09-27 09:25:06,919 INFO [NiFi logging handler] org.apache.nifi.registry.StdOut at org.springframework.cglib.proxy.MethodProxy.invokeSuper(MethodProxy.java:244) nifi-registry 2024-09-27 09:25:06,919 INFO [NiFi logging handler] org.apache.nifi.registry.StdOut at org.springframework.context.annotation.ConfigurationClassEnhancer$BeanMethodInterceptor.intercept(ConfigurationClassEnhancer.java:331) nifi-registry 2024-09-27 09:25:06,919 INFO [NiFi logging handler] org.apache.nifi.registry.StdOut at org.apache.nifi.registry.security.authentication.IdentityProviderFactory$$EnhancerBySpringCGLIB$$adc959c5.getIdentityProvider(<generated>) nifi-registry 2024-09-27 09:25:06,919 INFO [NiFi logging handler] org.apache.nifi.registry.StdOut at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) nifi-registry 2024-09-27 09:25:06,919 INFO [NiFi logging handler] org.apache.nifi.registry.StdOut at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) nifi-registry 2024-09-27 09:25:06,919 INFO [NiFi logging handler] org.apache.nifi.registry.StdOut at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) nifi-registry 2024-09-27 09:25:06,919 INFO [NiFi logging handler] org.apache.nifi.registry.StdOut at java.lang.reflect.Method.invoke(Method.java:498) nifi-registry 2024-09-27 09:25:06,919 INFO [NiFi logging handler] org.apache.nifi.registry.StdOut at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:154) nifi-registry 2024-09-27 09:25:06,919 INFO [NiFi logging handler] org.apache.nifi.registry.StdOut ... 58 common frames omitted nifi-registry 2024-09-27 09:25:06,919 INFO [NiFi logging handler] org.apache.nifi.registry.StdOut 2024-09-27 09:25:06,919 INFO [Thread-1] org.apache.nifi.registry.NiFiRegistry Initiating shutdown of Jetty web server... nifi-registry 2024-09-27 09:25:06,922 INFO [NiFi logging handler] org.apache.nifi.registry.StdOut 2024-09-27 09:25:06,922 INFO [Thread-1] o.eclipse.jetty.server.AbstractConnector Stopped ServerConnector@7a1ebcd8{HTTP/1.1,[http/1.1]}{0.0.0.0:18080} nifi-registry 2024-09-27 09:25:06,922 INFO [NiFi logging handler] org.apache.nifi.registry.StdOut 2024-09-27 09:25:06,922 INFO [Thread-1] org.eclipse.jetty.server.session node0 Stopped scavenging nifi-registry 2024-09-27 09:25:07,787 INFO [main] o.a.n.registry.bootstrap.RunNiFiRegistry NiFi Registry never started. Will not restart NiFi Registry   I am using helm chart to deploy this and the above pasted logs are my pod logs ..  While debugging I do see that the file is present inside the pod :   nifi@nifi-registry-custom-0:/opt/nifi-registry/nifi-registry-current/conf$ ls -lrth total 112K -rw-r--r-- 1 nifi nifi 1020 Dec 19 2019 registry-aliases.xml -rw-r--r-- 1 nifi nifi 6.0K Dec 19 2019 identity-providers.xml -rw-r--r-- 1 nifi nifi 2.1K Dec 19 2019 bootstrap.conf -rw-r--r-- 1 nifi nifi 5.0K Aug 19 2020 providers.xml -rw-r--r-- 1 root root 5.3K Sep 27 09:14 nifi-registry.temp -rw-r--r-- 1 root root 6.7K Sep 27 09:14 login-identity-providers-ldap.xml -rw-r--r-- 1 root root 21K Sep 27 09:14 authorizers.temp -rw-r--r-- 1 nifi nifi 4.9K Sep 27 09:14 nifi-registry.properties -rw-r--r-- 1 nifi nifi 6.7K Sep 27 09:14 login-identity-providers.xml   and my login-indentity-providers.xml file contents are as below :   <?xml version="1.0" encoding="UTF-8" standalone="yes"?> <!-- ~ Licensed to the Apache Software Foundation (ASF) under one or more ~ contributor license agreements. See the NOTICE file distributed with ~ this work for additional information regarding copyright ownership. ~ The ASF licenses this file to You under the Apache License, Version 2.0 ~ (the "License"); you may not use this file except in compliance with ~ the License. You may obtain a copy of the License at ~ ~ http://www.apache.org/licenses/LICENSE-2.0 ~ ~ Unless required by applicable law or agreed to in writing, software ~ distributed under the License is distributed on an "AS IS" BASIS, ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ~ See the License for the specific language governing permissions and ~ limitations under the License. --> <!-- This file lists the identity providers to use when running securely. In order to use a specific provider it must be configured here and its identifier must be specified in the nifi-registry.properties file. --> <identityProviders> <!-- Identity Provider for users logging in with username/password against an LDAP server. 'Authentication Strategy' - How the connection to the LDAP server is authenticated. Possible values are ANONYMOUS, SIMPLE, LDAPS, or START_TLS. 'Manager DN' - The DN of the manager that is used to bind to the LDAP server to search for users. 'Manager Password' - The password of the manager that is used to bind to the LDAP server to search for users. 'TLS - Keystore' - Path to the Keystore that is used when connecting to LDAP using LDAPS or START_TLS. 'TLS - Keystore Password' - Password for the Keystore that is used when connecting to LDAP using LDAPS or START_TLS. 'TLS - Keystore Type' - Type of the Keystore that is used when connecting to LDAP using LDAPS or START_TLS (i.e. JKS or PKCS12). 'TLS - Truststore' - Path to the Truststore that is used when connecting to LDAP using LDAPS or START_TLS. 'TLS - Truststore Password' - Password for the Truststore that is used when connecting to LDAP using LDAPS or START_TLS. 'TLS - Truststore Type' - Type of the Truststore that is used when connecting to LDAP using LDAPS or START_TLS (i.e. JKS or PKCS12). 'TLS - Client Auth' - Client authentication policy when connecting to LDAP using LDAPS or START_TLS. Possible values are REQUIRED, WANT, NONE. 'TLS - Protocol' - Protocol to use when connecting to LDAP using LDAPS or START_TLS. (i.e. TLS, TLSv1.1, TLSv1.2, etc). 'TLS - Shutdown Gracefully' - Specifies whether the TLS should be shut down gracefully before the target context is closed. Defaults to false. 'Referral Strategy' - Strategy for handling referrals. Possible values are FOLLOW, IGNORE, THROW. 'Connect Timeout' - Duration of connect timeout. (i.e. 10 secs). 'Read Timeout' - Duration of read timeout. (i.e. 10 secs). 'Url' - Space-separated list of URLs of the LDAP servers (i.e. ldap://<hostname>:<port>). 'User Search Base' - Base DN for searching for users (i.e. CN=Users,DC=example,DC=com). 'User Search Filter' - Filter for searching for users against the 'User Search Base'. (i.e. sAMAccountName={0}). The user specified name is inserted into '{0}'. 'Identity Strategy' - Strategy to identify users. Possible values are USE_DN and USE_USERNAME. The default functionality if this property is missing is USE_DN in order to retain backward compatibility. USE_DN will use the full DN of the user entry if possible. USE_USERNAME will use the username the user logged in with. 'Authentication Expiration' - The duration of how long the user authentication is valid for. If the user never logs out, they will be required to log back in following this duration. --> <provider> <identifier>ldap-identity-provider</identifier> <class>org.apache.nifi.registry.security.ldap.LdapIdentityProvider</class> <property name="Authentication Strategy">SIMPLE</property> <property name="Manager DN"></property> <property name="Manager Password"></property> <property name="TLS - Keystore">/opt/nifi-registry/nifi-registry-current/conf/nifi-registry-custom-nifi-registry-0.nifi-registry-custom-nifi-registry-headless.local.svc.cluster.local/keystore.jks</property> <property name="TLS - Keystore Password">xxx</property> <property name="TLS - Keystore Type">jks</property> <property name="TLS - Truststore">/opt/nifi-registry/nifi-registry-current/conf/nifi-registry-custom-nifi-registry-0.nifi-registry-custom-nifi-registry-headless.local.svc.cluster.local/truststore.jks</property> <property name="TLS - Truststore Password">xxx</property> <property name="TLS - Truststore Type">JKS</property> <property name="TLS - Client Auth">NONE</property> <property name="TLS - Protocol">TLS</property> <property name="TLS - Shutdown Gracefully">false</property> <property name="Referral Strategy">FOLLOW</property> <property name="Connect Timeout">10 secs</property> <property name="Read Timeout">10 secs</property> <property name="Url"></property> <property name="User Search Base"></property> <property name="User Search Filter">(cn={0})</property> <property name="Identity Strategy">USE_DN</property> <property name="Authentication Expiration">12 hours</property> </provider> <!-- Identity Provider for users logging in with username/password against a Kerberos KDC server. 'Default Realm' - Default realm to provide when user enters incomplete user principal (i.e. NIFI.APACHE.ORG). 'Authentication Expiration' - The duration of how long the user authentication is valid for. If the user never logs out, they will be required to log back in following this duration. --> <!-- To enable the kerberos-identity-provider remove 2 lines. This is 1 of 2. <provider> <identifier>kerberos-identity-provider</identifier> <class>org.apache.nifi.registry.web.security.authentication.kerberos.KerberosIdentityProvider</class> <property name="Default Realm">NIFI.APACHE.ORG</property> <property name="Authentication Expiration">12 hours</property> <property name="Enable Debug">false</property> </provider> To enable the kerberos-provider remove 2 lines. This is 2 of 2. --> </identityProviders>   My properties file contents are :   # security properties # nifi.registry.security.keystore=/opt/nifi-registry/nifi-registry-current/conf/nifi-registry-custom-nifi-registry-0.nifi-registry-custom-nifi-registry-headless.default.svc.cluster.local/keystore.jks nifi.registry.security.keystoreType=jks nifi.registry.security.keystorePasswd=xxx nifi.registry.security.keyPasswd=xxx nifi.registry.security.truststore=/opt/nifi-registry/nifi-registry-current/conf/nifi-registry-custom-nifi-registry-0.nifi-registry-custom-nifi-registry-headless.default.svc.cluster.local/truststore.jks nifi.registry.security.truststoreType=jks nifi.registry.security.truststorePasswd=changeMe nifi.registry.security.needClientAuth= nifi.registry.security.authorizers.configuration.file=/opt/nifi-registry/nifi-registry-current/conf/authorizers.xml nifi.registry.security.authorizer=file-provider nifi.registry.security.identity.providers.configuration.file=/opt/nifi-registry/nifi-registry-current/conf/login-identity-providers.xml nifi.registry.security.identity.provider=ldap-identity-provider   However , I am not sure what the issue is .  Could someone please help ? ... View more