>
> What is this Access Token it cites at top?
>
NiFi UI attempts to get the access token expiration. However, since you're
authenticating with a certificate the endpoint returns an IllegalState
because there was no token in the request.
Looking at the logs and the supplied configuration it
The identity you put for your initial admin is:
C = US, ST = Virginia, L = Reston, O = C4 Rampart, OU = NIFI, CN = admin2
Which does not match the identity shown in the logs that is coming from
your client cert:
CN=admin2, OU=NIFI, O=C4 Rampart, L=Reston, ST=Virginia, C=US
It is case and
Looking at the nifi-user.log, I find I am getting a Conflict response,
Access Token not found.
more ./nifi-user.log
2024-04-25 00:23:49,329 INFO [main] o.a.n.a.FileUserGroupProvider Creating
new users file at /opt/nifi/config_resources/users.xml
2024-04-25 00:23:49,352 INFO [main]
James,
If you check the nifi-user.log in the logs directory, you should see
messages for the requests that are being rejected. In that log message you
should see the identity that you're authenticated with. Can you compare
that with the user that you've configured the policies for. Hopefully,
I still cannot access my own NiFi 2.0 instance. I continue to get this
rejection:
Insufficient Permissions
- home
Unable to view the user interface. Contact the system administrator.
The canvas flashes for an instant when I try to hit my secure URL, but is
immediately replaced with this
I'll review this closely once again when I get back to this system tonight
- thanks very much for your reply, Isha.
I also feel I need to look more closely in nifi.properties, at values I
have set for keys nifi.security.identity.mapping.[value, transform,
pattern].CN1
I noticed some odd behavior
Hi James,
Have you changed these settings in authorizers.xml since you first started
NiFi? If so, you may need to delete users.xml and authorizations.xml.
A new admin user will not be created if those files already exist.
Otherwise, the trickiest part is usually that the user DN needs to match