Member since
09-30-2020
15
Posts
0
Kudos Received
0
Solutions
08-07-2023
04:01 AM
Thanks MattWho, Yeah We figure out that the causing of issue the special character. Thank you Very Much
... View more
02-02-2023
11:30 AM
@ajignacio In the stack trace yoou'll see below: Caused by: org.apache.lucene.store.AlreadyClosedException: Underlying file changed by an external force This indicates that something external to your NiFi is changing the provenance files. When we see this it is most commonly the result of some virus software scanning the NiFi repositories and during that modifying the the files. You should make sure that any external service exclude the NiFi repositories from scanning and modification. If you found that the provided solution(s) assisted you with your query, please take a moment to login and click Accept as Solution below each response that helped. Thank you, Matt
... View more
09-12-2022
01:52 PM
@ajignacio User and group identity strings much match identically. Your ldap-user-group-provider is syncing users and groups by the identity string found in the CN AD attribute. This is why you are seeing only the CN username and CN groupname strings in the users UI within NiFi. However, when you are logging in to NiFi to authenticate you user via the ldap-provider, the resulting user identity sting is the users full AD Distinguished Name (DN). NiFi treats different strings as different users. The ldap-provider can be changed to use the user identity string typed in the username field instead of using the full DN. This is done by changing the following property: <property name="Identity Strategy">USE_DN</property> change it to : <property name="Identity Strategy">USE_USERNAME</property> Upon successful authentication the resulting user identity is evaluated against any identity mapping patterns that may be configured in the nifi.properties file. The resulting mapped value is then passed to the configured authorizer (managed-authorizer in your setup). There the authorizers is looking up that user identity string (case sensitive) against the user strings synced by your configured users group providers. If an exact match is found both the user string and the now learned group string(s) are checked against the configured NiFi policies to determine authorization. If you found that the provided solution(s) assisted you with your query, please take a moment to login and click Accept as Solution below each response that helped. Thank you, Matt
... View more
09-02-2022
09:27 AM
Thanks André. Our Application is running as http not https. See the result below. [nifi1 ~]$ openssl s_client -connect ldap.dev.abcde:389 CONNECTED(00000003) write:errno=104 --- no peer certificate available --- No client certificate CA names sent --- SSL handshake has read 0 bytes and written 289 bytes --- New, (NONE), Cipher is (NONE) Secure Renegotiation IS NOT supported Compression: NONE Expansion: NONE No ALPN negotiated SSL-Session: Protocol : TLSv1.2 Cipher : 0000 Session-ID: Session-ID-ctx: Master-Key: Key-Arg : None Krb5 Principal: None PSK identity: None PSK identity hint: None Start Time: 1662113057 Timeout : 300 (sec) Verify return code: 0 (ok) --- Please advise if there something we need to install/configure in our application Thanks, Alvin
... View more
09-01-2022
03:22 AM
Thank you Matt sorry for the super delay response but it's very helpful
... View more