Cloudera Community
martin_keller
user rank
Explorer
My Accepted Solutions
Show All

Re: Secure Nifi Registry Errors

by Explorer in Support Questions
‎02-20-2018 03:03 PM
‎02-20-2018 03:03 PM
Solved. It was probably an issue with the installed Java Version. After updating to jdk1.8.0_162 it worked. ... View more

Secure Nifi Registry Errors

by Explorer in Support Questions
‎02-19-2018 04:33 PM
‎02-19-2018 04:33 PM
Following the tutorials Setting Up a Secure Nifi Registry and Secure Nifi to integrate with secure Nifi Registry, I'm not able to start nifi registry. I tried a lot of different configuration, also those I used to secure nifi. We don't use ldap or kerberos. Every constellation ends up with an error messages like 'Caused by: org.apache.nifi.registry.security.authorization.AuthorizerFactoryException: When running securely, the authorizer identifier must be specified in the nifi properties file' We work with windows / windows server, nifi 1.5.0 and nifi registry 0.1.0. Nifi registry runs (unsecured), and nifi runs secured, after using some tricks (I have to go through 2 phases to get it running, but it is repeatable, so I can go with this..) Any suggestions ? ... View more
Labels:

Re: Nifi Server dont starts after going secure.

by Explorer in Support Questions
‎02-08-2018 09:49 AM
‎02-08-2018 09:49 AM
thanks for your detailed answer. It looks better know, users.xml and authorizations.xml seems to be correct (what they did not before). Actually I have to go through 2 steps: First I replace in nifi.properties then line "nifi.security.user.authorizer=managed-authorizer" wicth "nifi.security.user.authorizer=file-provider" and clean authorizers.xml, leaving only file-provider and userGroupProvider. After 'cleaning' Nifi (deleting then(empty) users.xml and authorizations.xml and keystore etc.) and rebuilding with nifi-toolkit, Nifi starts and populates users.xml and authorizations.xml with reasonable entries, but stops again. Second, I undo the changes in nifi.properties and authorizers.xml and restart Nifi. It runs now stable. puh. ... View more

Re: Nifi Server dont starts after going secure.

by Explorer in Support Questions
‎02-07-2018 08:29 PM
‎02-07-2018 08:29 PM
Thanks for replying. I tested different strings; I found a lot of issues about different writings; but it didnt solved our problems. Other Hints? ... View more

Nifi Server dont starts after going secure.

by Explorer in Support Questions
‎02-07-2018 06:07 PM
‎02-07-2018 06:07 PM
We use Nifi 1.5.0 with 'nifi-toolkit-1.5.0.3.1.0.0-564' on Windows, standalone (no cluster, we are at the beginning of the nifi-way) After reconfiguring for SSL, following div. instruction, an testing a lot of different configs, restarting with 'clean' installation etc.; I am stalled: Certs etc. are made with nifi toolkit, standalone: tls-toolkit.bat standalone -n localhost -C "CN=admin,OU=NIFI" authorizers.xml is like this (only change): ... <property name="Initial Admin Identity">CN=admin, OU=NIFI</property> ... keystore and truststore are in ./conf (I also tested with absolute path) client cert is imported Any Configuration like this start up and stops with some exceptions. Without "Initial Admin Identity" attribute in authorizers.xml the server starts normaly, but no one can login due to permission issues. The nifi-user.log and nifi-bootstrap.log looks ok, but not nifi-app.log: more or less all exceptions ends up with something like: 2018-02-07 17:06:28,110 INFO [main] o.eclipse.jetty.server.AbstractConnector Started ServerConnector@776a7ec6{SSL,[ssl, http/1.1]}{localhost:9443} 2018-02-07 17:06:28,110 INFO [main] org.eclipse.jetty.server.Server Started @31471ms 2018-02-07 17:06:28,111 WARN [main] org.apache.nifi.web.server.JettyServer Failed to start web server... shutting down. org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration': Unsatisfied dependency expressed through method 'setFilterChainProxySecurityConfigurer' parameter 1; nested exception is org.springframework.beans.factory.BeanExpressionException: Expression parsing failed; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'org.apache.nifi.web.NiFiWebApiSecurityConfiguration': Unsatisfied dependency expressed through method 'setX509AuthenticationProvider' parameter 0; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'x509AuthenticationProvider' defined in class path resource [nifi-web-security-context.xml]: Cannot resolve reference to bean 'authorizer' while setting constructor argument; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'authorizer': FactoryBean threw exception on object creation; nested exception is org.apache.nifi.authorization.exception.AuthorizerCreationException: org.apache.nifi.authorization.exception.AuthorizerCreationException: Unable to locate initial admin CN=admin, OU=NIFI to seed policies at org.springframework.beans.factory.annotation.AutowiredAnnotationBeanPostProcessor$AutowiredMethodElement.inject(AutowiredAnnotationBeanPostProcessor.java:667) at org.springframework.beans.factory.annotation.InjectionMetadata.inject(InjectionMetadata.java:88) at org.springframework.beans.factory.annotation.AutowiredAnnotationBeanPostProcessor.postProcessPropertyValues(AutowiredAnnotationBeanPostProcessor.java:366) .... Caused by: ... AuthorizerCreationException: Unable to locate initial admin CN=admin, OU=NIFI to seed policies .... .... 2018-02-07 17:06:28,122 INFO [Thread-1] org.eclipse.jetty.server.session Stopped scavenging Any hints? Thanks a lot; .m. ... View more
Labels:
Contact Me
Online
Offline
Last Visited
‎08-13-2018 10:36 AM
Community Statistics
Member Since ‎02-07-2018 01:43 PM
Last Visited ‎08-13-2018 10:36 AM
Posts 5