Bryan, Thank you very much! After setting the ldap-provider information in the logion-identity-providers.xml and the LDAP Group Provider in the authorizers.xml, one would use the authorizers.xml file to load the user groups. There wont be a need to use the files to be a User Group Provider if I am using just LDAP. Is there a guide that one can use for creating file-based policy provider information in the authorizations.xml file?
Best, Mike R On Tue, Dec 14, 2021 at 12:14 PM Bryan Bende <[email protected]> wrote: > CAUTION: This message is from an off campus source. Access to web links > will be filtered (by proxy) for additional protection. Click with caution. > CAUTION: This message came from outside RIT. If you are unsure about the > source or content of this message, please contact the RIT Service Center at > 585-475-5000 or help.rit.edu before clicking links, opening attachments > or responding. > > > Hello, > > The standard authorizer is composed of a user-group-provider and a > policy-provider. The LDAP user-group-provider can be be used to load > groups from LDAP, but you still need to define policies on them which > would be through a policy-provider, most likely the File-based > policy-provider which stores policies in authorizations.xml. > > Thanks, > > Bryan > > On Tue, Dec 14, 2021 at 10:02 AM Michael Radov (RIT Alumni) > <[email protected]> wrote: > > > > Hey, > > > > I am looking to see if there is a way to get NiFi to read directly from > > LDAP Groups. If this were the case, I would use the User Groupo Provider > to > > ldap-user-group-provider. However, would one still need to use an > > authorizations file? > > > > I was reading through the work that Pierre Villard did on LDAP Group > > Authentication and authorization > > < > https://pierrevillard.com/2017/12/22/authorizations-with-ldap-synchronization-in-apache-nifi-1-4/ > > > > using > > NiFi in a similar way and wanted to know if the file user group provider > > was necessary? > > > > Best, > > Mike R >
