About shamika

shamika · ‎07-13-2023

We are facing no applicable policies issue on nifi ui ,then we renew Kerberos tickit it works ,but after that we got know that cluster status is disconnected And git below popup. Please help in this, nifi-app.log not showing any errorexcept one warn, failed to send heartbeat to nifi.cluster.protocal.protocalexception, PKIX validation failed

shamika · ‎07-13-2023

Sure, if you got the fix. Let me know 🙂

shamika · ‎07-13-2023

I checked the ranger policy into that /flow having acess group nd user acess for username and group. Which its menstion in nifi-user.log -07-12 10:46:36,228 WARN [NiFi Web Server-262] o.a.n.a.util.IdentityMappingUtil Identity Mapping property nifi.security.identity.mapping.pattern.dn was found, but was empty 2023-07-12 10:46:40,796 INFO [NiFi Web Server-19] o.a.n.w.s.NiFiAuthenticationFilter Attempting request for (<JWT token>) GET https://hostname:9091/nifi-api/flow/current-user (source ip:<xy87284hdsshdg)> 2023-07-12 10:46:40,798 INFO [NiFi Web Server-19] o.a.n.w.s.NiFiAuthenticationFilter Authentication success for myuser 2023-07-12 10:46:40,800 INFO [NiFi Web Server-19] o.a.n.w.a.c.AccessDeniedExceptionMapper identity[myuser], groups[bigG, bigdGer] does not have permission to access the requested resource. No applicable policies could be found. Returning Forbidden response

shamika · ‎07-12-2023

Logs from solr.log WARN [c:ranger_audits s:shard1 r:core_node2 x:ranger_audits_shard1_replica_n1] org.apache.hadoop.security.authentication.server.AuthenticationFilter (AuthenticationFilter.java:565) - Authentication exception: GSSException: Defective token detected (Mechanism level: GSSHeader did not find the right tag) Hadoop.secuorg.apache.hadoop.security.authentication.utill.signerexception invalid signature. Pfa

shamika · ‎07-12-2023

WARN [c:ranger_audits s:shard1 r:core_node2 x:ranger_audits_shard1_replica_n1] org.apache.hadoop.security.authentication.server.AuthenticationFilter (AuthenticationFilter.java:565) - Authentication exception: GSSException: Defective token detected (Mechanism level: GSSHeader did not find the right tag) pfa

shamika · ‎07-12-2023

Can you please suggest what things i need chacke in ranger policy to resolve this no applicable policy issue

shamika · ‎07-12-2023

Logs from nifi-app.log file ERROR [nifi.async.multi_dest.batch_nifi.async.multi_dest.batch.solr_destWriter] o.a.s.client.solrj.impl.CloudSolrClient Request to collection ranger_audits failed due to (401) org.apache.solr.client.solrj.impl.HttpSolrClient$RemoteSolrException: Error from server at http://<hostname>:8886/solr/ranger_audits_shard1_replica_n1: Expected mime type application/octet-stream but got text/html. <html> <head> <meta http-equiv="Content-Type" content="text/html;charset=utf-8"/> <title>Error 401 Authentication required</title> </head> <body><h2>HTTP ERROR 401</h2> <p>Problem accessing /solr/ranger_audits_shard1_replica_n1/update. Reason: <pre> Authentication required</pre></p> </body> </html> , retry? 0 Pfa the error attachment

Online	Offline
Last Visited	‎08-09-2023 09:11 AM

Member Since	‎11-22-2021 03:26 AM
Last Visited	‎08-09-2023 09:11 AM
Posts	8

Cloudera Community

Faceing Cluster connection issue with nifi ui

Re: No applicable policy found error while login t...

Re: No applicable policy found error while login t...

Authentication scheme not supported in solr ui

Kerberos authentication error in solr ui

Re: No applicable policy found error while login t...

No applicable policy found error while login to ni...