Created on 01-25-201704:28 AM - edited 08-17-201905:26 AM
By integrating with LDAP, username/password authentication can be enabled in NiFi. This tutorial provides step by step instructions to setup NiFi - LDAP Authentication via Ambari (Using Knox Demo Ldap Server)
1) Assuming you already have HDF-2.x Installed on your VM/Server, Ambari, NiFi is up and running with out security.
If not, I would recommend "Ease of Deployment" section of this article to install it [You can also follow this article for Automated installation of HDF cluster or refer hortonworks.com for detailed steps]
Setting up Demo LDAP Server
1) As HDF and HDP cannot co-exist on a single node, lets download knox zip file from apache for this tutorial for easily setting up an ldap server. Execute below steps for the same after establishing ssh connectivity to the VM/Server (name of my host is node1):
4) While logged in as admin on the nifi UI, Lets us add a user jobin with below id by clicking '+ user' button on top right 'users' menu like below:
Enter the above value and click OK.
5. Now close the users window and click to open 'policies' window on the management menu on the top right corner below 'users' menu. click "+user" button on right top corner, on the pop up, enter jobin and select the user and click OK.
6. Once policy added, it will look like below:
7. Now you may log out as admin and provide below credentials to login as 'jobin' user,
8. you should be able to login and view the UI, but wont have privilege to add anything to the canvas. (as jobin is given only read access) you may login back as admin and give required access.
This completes the tutorial, You have successfully:
- Installed and Configured HDF 2.0 on your server.
- Downloaded and started knox Demo Ldap Server
- Configured NiFi to use Knox Ldap to Authenticate users where NiFi Initial Admin is from Ldap.
- Restarted NiFi and verified access for admin user in NiFi UI.
- Created a new user jobin in ldap, added him to NiFi user list and gave read access.