[
https://issues.apache.org/jira/browse/NIFI-10415?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17598048#comment-17598048
]
David Handermann commented on NIFI-10415:
-----------------------------------------
Thanks for reporting this issue [~gregb].
NiFi SAML integration has been tested in load balanced and reverse proxied
deployments, so the general configuration should work.
The {{login request identifier was not found}} error indicates that the NiFi
node is not receiving the temporary cookie for tracking the login sequence.
Is NiFi deployed in a cluster, and have you configured session affinity for the
proxy server that mediates access to NiFi?
> SAML Login Sequence Fails
> -------------------------
>
> Key: NIFI-10415
> URL: https://issues.apache.org/jira/browse/NIFI-10415
> Project: Apache NiFi
> Issue Type: Bug
> Components: Core Framework
> Affects Versions: 1.16.3
> Environment: RHEL OS. Proxied Environment
> Reporter: Greg Biddy
> Priority: Major
> Labels: SAML
>
> Hello,
> I am attempting to configure a NiFi cluster to authenticate via Okta using
> SAML. I am in a proxied environment. When I navigate to NiFi via Okta, I
> receive the following error in the UI:
> Unable to continue login sequence
> The login request identifier was not found in the request. Unable to continue.
>
> I have configured the nifi.security.user.saml.idp.metadata.url property to
> reference a local file containing the metadata since Nifi cannot communicate
> with the IDP through the Proxy.
> Please verify if NiFi's SAML integration will work in a proxied environment.
>
> Thanks,
> Greg
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
