The files to remove (or rename for temporary safe keeping) that Matthew is referring to are authorizations.xml and users.xml. You will want to properly configure authorizers.xml with an Initial Admin User.
Of course, "properly configure" includes having an authenticated user requiring a client user certificate or some other means of authentication such as integrating with LDAP. -Mark On Thu, Sep 5, 2024 at 12:25 AM Matthew Hawkins <hawko2...@gmail.com> wrote: > Hi Hannah, > > Please make sure the user and authorisers XML configs match the new user > ids and credentials. You MUST delete the *generated* xml files and restart > NiFi (which will re-generate those files). I can't remember the exact names > off the top of my head as they're named very similarly (the actual config > and the generated config) and I'm no longer daily in NiFi, but it's in the > NiFi Admin guide on the official website. > > Single user mode is really only for demos, you should consider changing to > at least TLS authentication. I have a github gist with a script that will > help generate the necessary certs using java keytool and maintain the > keystore and truststore: > https://gist.github.com/hawko2600/922b727634784614465b83e52ec2be52 > > > On Thu, 5 Sept 2024 at 02:56, LUKE, HANNAH R CIV USAF USSPACECOM > USSPACECOM/J26 <hannah.l...@usspacecom.mil.invalid> wrote: > > > Hello! > > > > I was wondering if I could get some help on an issue I was having with > > NiFi. > > > > For some background, I have NiFi up and running on an Amazon EC2 > instance. > > I recently installed an SSL cert on the server and changed the single > user > > credentials using the command line. I can log in to NiFi but once I do I > > get an error stating "No applicable policies could be found. Contact the > > system administrator". > > > > I am the system administrator for this server and NiFi instance. I'm > > unsure why I am getting this error or how to fix it - is there any > chance I > > could receive some guidance on this? > > > > Thank you! > > Hannah Luke > > > > > -- > Kind regards, > Matthew Hawkins >
