Dave0x1
New Contributor

Nifi migration from 1.13.2 to 1.15.3 or higher

by New Contributor in Support Questions
‎04-15-2022 04:57 AM
‎04-15-2022 04:57 AM
Hi there, we are testing to migrate from nifi 1.13.2 to the latest greatest or at least the 1.15.3 release. We would like to make use of Google SAML integration for authentication. But can't seem to find a decent tutorial with examples for this. There are some good documentation by Bryan Bende using Knox. But doesn't seem to work with google saml. Searched google extensively, but couldn't find a single working example with saml. Is it even working? 😉   Can anyone share a good tutorial on how to implement this? We are running NiFi in a docker container on AWS.   Thank you in advanced. Kind regards, Dave ... View more
Labels:

Nifi Google SAML implementation

by New Contributor in Support Questions
‎03-14-2022 08:53 AM
‎03-14-2022 08:53 AM
When implementing Google SAML with Apache NiFi 1.15 we get the following error on startup.   org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'samlService' defined in org.apache.nifi.web.security.configuration.SamlAuthenticationSecurityConfiguration: Invocation of init method failed; nested exception is java.lang.RuntimeException: Unable to initialize SAML configuration due to: org.opensaml.saml2.metadata.provider.MetadataProviderException: Non-ok status code 400 returned from remote metadata source https://accounts.google.com/o/saml2/idp?idpid=xxxxx   Is this caused by a misconfiguration in Nifi or on the Google configuration side?    There's alot of documentation on what the SAML parameters mean, but unfortunately no expamles can be found on the net.   Thank you in advanced.   Kind regards, Dave ... View more
Labels:

apache-nifi-openid-connect

by New Contributor in Support Questions
‎03-11-2022 06:06 AM
‎03-11-2022 06:06 AM
Hi there,   We want to move from nifi 1.13 to 1.15 and are trying to implement OIDC. We found this great manual from Bryan https://bryanbende.com/development/2017/10/03/apache-nifi-openid-connect  followed this and after some tweaking we finally got the google login screen.  nifi.properties is setup for localhost nifi.web.https.host=localhost nifi.web.https.port=8443   And Google redirect API is set to  https://localhost:8443/nifi-api/access/oidc/callback   After succesfully logging in we get redirected to the url above, but receive the following error. Unable to continue login sequence   Unable to exchange authorization for ID token: Unable to parse the response from the Token request: Unable to validate the ID Token: Unexpected JWT audience: [169248247257-v1tcvtl6n6gq0psjqjt69jpkq36ue3i8.apps.googleusercontent.com] What seems to be going wrong?   Once this is working, we will be implementing this to our AWS nifi clusters with Loadbalancer IP's and of course not on localhost.    Thank you in advanced. Kind regards, Dave ... View more
Labels:
Contact Me
Online
Offline
Last Visited
‎06-24-2022 07:25 AM
Public Statistics
Date Registered ‎03-11-2022 05:48 AM
Last Visited ‎06-24-2022 07:25 AM
Total Messages Posted 3
; ;