[
https://issues.apache.org/jira/browse/NIFI-7957?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17222709#comment-17222709
]
Jenil Shah commented on NIFI-7957:
----------------------------------
Okay got the problem. We are having oidc authentication flow. In which we got
the groups from access token itself.But in Nifi we need to configure service to
get groups from keycloak service(in which we need to configure admin
credentials).To avoid it we have done some customization where we saved groups
claim in NifiUser and created jwt token based on it.Now instead of fetching
groups from other service we parse the group from token itself. But We haven't
patched OTP service so we were not getting groups details and faced access
denied error.We need advice on these approach how we should avoid fetching
groups from other service where we can get it from access token itself. Thanks
for prompt response and apologies for wrong bug.
> Nifi Content Repo Viewer not working with OIDC
> ----------------------------------------------
>
> Key: NIFI-7957
> URL: https://issues.apache.org/jira/browse/NIFI-7957
> Project: Apache NiFi
> Issue Type: Bug
> Components: Core UI
> Affects Versions: 1.12.1
> Reporter: Jenil Shah
> Priority: Major
> Attachments: Screenshot from 2020-10-28 15-11-57.png, Screenshot from
> 2020-10-28 15-15-05.png
>
>
> I have enabled OIDC auth in nifi and given proper access permission to user
> to view content of flow file.Now I try to see content of flow file from NIFI
> UI but it is giving me error.
> In ideal flow of nifi,nifi fetch the token using rest api and pass this token
> as Authentication header in all subsequent request but when we try to view
> content of flowfile it is opening new tab in which all those things are not
> happening so Authorization header is not passed in request which is generated
> from new tab. This causes auth problem.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
