Member since
05-16-2017
11
Posts
0
Kudos Received
0
Solutions
05-26-2017
12:04 PM
@Bhushan Babar I am not a NiFi developer, so if you are looking for way to modify the existing NiFi code to programmatically create new users in NiFi's authorizer and grant them access, I am not going to be able to help there. NiFi's default file-based authorizer supports groups. You can create 1 or more groups and assign those groups all the global access policies and all the root process group component level policies. Then whenever you create a new user, simply add them to those groups during user creation and they will have access to those resources. The typical process here is to create an admin group (has most policies), Dataflow Manger group (has policies that give these users the ability to add to and modify dataflows, access the data and access provenance), Dataflow viewers (has polices that only give view access to the dataflows), Site-to-site group (has policies related to Site-to-site Components), and Proxy group (has proxy policy granted to Nifi nodes and any external proxy server). Programmatically i would think what you are looking to do would be difficult to implement. NiFi authenticates user via certificates and/or multiple other methods (LDAP or kerberos). This means that servers that connect to your NiFi with a valid certificate would be automatically given admin level access (all policies)? Some policies are very specific to servers and not users (proxy and site-to-site policies for example). Some policies are not even available until an associated component that uses that policy is added to the canvas (Site-to-Site remote input or output ports). Thanks, Matt
... View more
05-24-2017
01:52 PM
@Bhushan Babar Glad i was able to help resolve your issue. Could you please click "accept" the answer i provided to close out this question in the community? Thank you,
Matt
... View more