[
https://issues.apache.org/jira/browse/NIFI-3480?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Andy LoPresto updated NIFI-3480:
--------------------------------
Description:
The Admin Guide *Security Configuration* section states
{quote}
{{nifi.security.truststore}}
Filename of the Truststore that will be used to authorize those connecting to
NiFi. If not set, all who attempt to connect will be provided access as the
*Anonymous* user.
{quote}
This is incorrect and misleading. The only way to configure a secured instance
with anonymous access is via LDAP or Kerberos and configuration of the
authorizer to explicitly allow anonymous access. Configuring a secured instance
with no truststore will simply refuse all incoming connections.
With {{nifi.security.needClientAuth}} set to {{true}} or empty (default):
{code}
2017-02-14 12:03:05,546 WARN [Thread-1] org.apache.nifi.web.server.JettyServer
Failed to stop web server
org.springframework.beans.factory.BeanCreationException: Error creating bean
with name 'flowService': FactoryBean threw exception on object creation; nested
exception is org.springframework.beans.factory.BeanCreationException: Error
creating bean with name 'flowController': FactoryBean threw exception on object
creation; nested exception is
org.apache.nifi.framework.security.util.SslContextCreationException: Need
client auth is set to 'true', but no truststore properties are configured.
at
org.springframework.beans.factory.support.FactoryBeanRegistrySupport.doGetObjectFromFactoryBean(FactoryBeanRegistrySupport.java:175)
~[na:na]
at
org.springframework.beans.factory.support.FactoryBeanRegistrySupport.getObjectFromFactoryBean(FactoryBeanRegistrySupport.java:103)
~[na:na]
at
org.springframework.beans.factory.support.AbstractBeanFactory.getObjectForBeanInstance(AbstractBeanFactory.java:1585)
~[na:na]
at
org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:254)
~[na:na]
at
org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:202)
~[na:na]
at
org.springframework.context.support.AbstractApplicationContext.getBean(AbstractApplicationContext.java:1060)
~[na:na]
at
org.apache.nifi.web.contextlistener.ApplicationStartupContextListener.contextDestroyed(ApplicationStartupContextListener.java:103)
~[na:na]
at
org.eclipse.jetty.server.handler.ContextHandler.callContextDestroyed(ContextHandler.java:845)
~[na:na]
at
org.eclipse.jetty.servlet.ServletContextHandler.callContextDestroyed(ServletContextHandler.java:546)
~[na:na]
at
org.eclipse.jetty.server.handler.ContextHandler.stopContext(ContextHandler.java:826)
~[na:na]
at
org.eclipse.jetty.servlet.ServletContextHandler.stopContext(ServletContextHandler.java:356)
~[na:na]
at
org.eclipse.jetty.webapp.WebAppContext.stopWebapp(WebAppContext.java:1410)
~[na:na]
at
org.eclipse.jetty.webapp.WebAppContext.stopContext(WebAppContext.java:1374)
~[na:na]
at
org.eclipse.jetty.server.handler.ContextHandler.doStop(ContextHandler.java:874)
~[na:na]
at
org.eclipse.jetty.servlet.ServletContextHandler.doStop(ServletContextHandler.java:272)
~[na:na]
at
org.eclipse.jetty.webapp.WebAppContext.doStop(WebAppContext.java:544) ~[na:na]
at
org.eclipse.jetty.util.component.AbstractLifeCycle.stop(AbstractLifeCycle.java:89)
~[na:na]
at
org.eclipse.jetty.util.component.ContainerLifeCycle.stop(ContainerLifeCycle.java:143)
~[na:na]
at
org.eclipse.jetty.util.component.ContainerLifeCycle.doStop(ContainerLifeCycle.java:161)
~[na:na]
at
org.eclipse.jetty.server.handler.AbstractHandler.doStop(AbstractHandler.java:73)
~[na:na]
at
org.eclipse.jetty.util.component.AbstractLifeCycle.stop(AbstractLifeCycle.java:89)
~[na:na]
at
org.eclipse.jetty.util.component.ContainerLifeCycle.stop(ContainerLifeCycle.java:143)
~[na:na]
at
org.eclipse.jetty.util.component.ContainerLifeCycle.doStop(ContainerLifeCycle.java:161)
~[na:na]
at
org.eclipse.jetty.server.handler.AbstractHandler.doStop(AbstractHandler.java:73)
~[na:na]
at
org.eclipse.jetty.util.component.AbstractLifeCycle.stop(AbstractLifeCycle.java:89)
~[na:na]
at
org.eclipse.jetty.util.component.ContainerLifeCycle.stop(ContainerLifeCycle.java:143)
~[na:na]
at
org.eclipse.jetty.util.component.ContainerLifeCycle.doStop(ContainerLifeCycle.java:161)
~[na:na]
at
org.eclipse.jetty.server.handler.AbstractHandler.doStop(AbstractHandler.java:73)
~[na:na]
at org.eclipse.jetty.server.Server.doStop(Server.java:482) ~[na:na]
at
org.eclipse.jetty.util.component.AbstractLifeCycle.stop(AbstractLifeCycle.java:89)
~[na:na]
at org.apache.nifi.web.server.JettyServer.stop(JettyServer.java:854)
~[na:na]
at org.apache.nifi.NiFi.shutdownHook(NiFi.java:188)
[nifi-runtime-1.2.0-SNAPSHOT.jar:1.2.0-SNAPSHOT]
at org.apache.nifi.NiFi$2.run(NiFi.java:89)
[nifi-runtime-1.2.0-SNAPSHOT.jar:1.2.0-SNAPSHOT]
at java.lang.Thread.run(Thread.java:745) [na:1.8.0_101]
Caused by: org.springframework.beans.factory.BeanCreationException: Error
creating bean with name 'flowController': FactoryBean threw exception on object
creation; nested exception is
org.apache.nifi.framework.security.util.SslContextCreationException: Need
client auth is set to 'true', but no truststore properties are configured.
at
org.springframework.beans.factory.support.FactoryBeanRegistrySupport.doGetObjectFromFactoryBean(FactoryBeanRegistrySupport.java:175)
~[na:na]
at
org.springframework.beans.factory.support.FactoryBeanRegistrySupport.getObjectFromFactoryBean(FactoryBeanRegistrySupport.java:103)
~[na:na]
at
org.springframework.beans.factory.support.AbstractBeanFactory.getObjectForBeanInstance(AbstractBeanFactory.java:1585)
~[na:na]
at
org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:254)
~[na:na]
at
org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:202)
~[na:na]
at
org.springframework.context.support.AbstractApplicationContext.getBean(AbstractApplicationContext.java:1060)
~[na:na]
at
org.apache.nifi.spring.StandardFlowServiceFactoryBean.getObject(StandardFlowServiceFactoryBean.java:48)
~[na:na]
at
org.springframework.beans.factory.support.FactoryBeanRegistrySupport.doGetObjectFromFactoryBean(FactoryBeanRegistrySupport.java:168)
~[na:na]
... 33 common frames omitted
Caused by: org.apache.nifi.framework.security.util.SslContextCreationException:
Need client auth is set to 'true', but no truststore properties are configured.
at
org.apache.nifi.framework.security.util.SslContextFactory.createSslContext(SslContextFactory.java:66)
~[na:na]
at
org.apache.nifi.controller.FlowController.<init>(FlowController.java:440)
~[na:na]
at
org.apache.nifi.controller.FlowController.createStandaloneInstance(FlowController.java:375)
~[na:na]
at
org.apache.nifi.spring.FlowControllerFactoryBean.getObject(FlowControllerFactoryBean.java:74)
~[na:na]
at
org.springframework.beans.factory.support.FactoryBeanRegistrySupport.doGetObjectFromFactoryBean(FactoryBeanRegistrySupport.java:168)
~[na:na]
... 40 common frames omitted
2017-02-14 12:03:05,547 INFO [Thread-1] org.apache.nifi.NiFi Jetty web server
shutdown completed (nicely or otherwise).
{code}
With {{nifi.security.needClientAuth}} explicitly set to {{false}}: no errors in
{{logs/nifi-app.log}} but the browser will not be able to make a connection and
will get the {{ERR_CONNECTION_REFUSED}} response.
The Admin Guide should be updated to reflect the correct information.
was:
The Admin Guide *Security Configuration* section states
> nifi.security.truststore
> Filename of the Truststore that will be used to authorize those connecting to
> NiFi. If not set, all who attempt to connect will be provided access as the
> *Anonymous* user.
This is incorrect and misleading. The only way to configure a secured instance
with anonymous access is via LDAP or Kerberos and configuration of the
authorizer to explicitly allow anonymous access. Configuring a secured instance
with no truststore will simply refuse all incoming connections.
With {{nifi.security.needClientAuth}} set to {{true}} or empty (default):
{code}
2017-02-14 12:03:05,546 WARN [Thread-1] org.apache.nifi.web.server.JettyServer
Failed to stop web server
org.springframework.beans.factory.BeanCreationException: Error creating bean
with name 'flowService': FactoryBean threw exception on object creation; nested
exception is org.springframework.beans.factory.BeanCreationException: Error
creating bean with name 'flowController': FactoryBean threw exception on object
creation; nested exception is
org.apache.nifi.framework.security.util.SslContextCreationException: Need
client auth is set to 'true', but no truststore properties are configured.
at
org.springframework.beans.factory.support.FactoryBeanRegistrySupport.doGetObjectFromFactoryBean(FactoryBeanRegistrySupport.java:175)
~[na:na]
at
org.springframework.beans.factory.support.FactoryBeanRegistrySupport.getObjectFromFactoryBean(FactoryBeanRegistrySupport.java:103)
~[na:na]
at
org.springframework.beans.factory.support.AbstractBeanFactory.getObjectForBeanInstance(AbstractBeanFactory.java:1585)
~[na:na]
at
org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:254)
~[na:na]
at
org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:202)
~[na:na]
at
org.springframework.context.support.AbstractApplicationContext.getBean(AbstractApplicationContext.java:1060)
~[na:na]
at
org.apache.nifi.web.contextlistener.ApplicationStartupContextListener.contextDestroyed(ApplicationStartupContextListener.java:103)
~[na:na]
at
org.eclipse.jetty.server.handler.ContextHandler.callContextDestroyed(ContextHandler.java:845)
~[na:na]
at
org.eclipse.jetty.servlet.ServletContextHandler.callContextDestroyed(ServletContextHandler.java:546)
~[na:na]
at
org.eclipse.jetty.server.handler.ContextHandler.stopContext(ContextHandler.java:826)
~[na:na]
at
org.eclipse.jetty.servlet.ServletContextHandler.stopContext(ServletContextHandler.java:356)
~[na:na]
at
org.eclipse.jetty.webapp.WebAppContext.stopWebapp(WebAppContext.java:1410)
~[na:na]
at
org.eclipse.jetty.webapp.WebAppContext.stopContext(WebAppContext.java:1374)
~[na:na]
at
org.eclipse.jetty.server.handler.ContextHandler.doStop(ContextHandler.java:874)
~[na:na]
at
org.eclipse.jetty.servlet.ServletContextHandler.doStop(ServletContextHandler.java:272)
~[na:na]
at
org.eclipse.jetty.webapp.WebAppContext.doStop(WebAppContext.java:544) ~[na:na]
at
org.eclipse.jetty.util.component.AbstractLifeCycle.stop(AbstractLifeCycle.java:89)
~[na:na]
at
org.eclipse.jetty.util.component.ContainerLifeCycle.stop(ContainerLifeCycle.java:143)
~[na:na]
at
org.eclipse.jetty.util.component.ContainerLifeCycle.doStop(ContainerLifeCycle.java:161)
~[na:na]
at
org.eclipse.jetty.server.handler.AbstractHandler.doStop(AbstractHandler.java:73)
~[na:na]
at
org.eclipse.jetty.util.component.AbstractLifeCycle.stop(AbstractLifeCycle.java:89)
~[na:na]
at
org.eclipse.jetty.util.component.ContainerLifeCycle.stop(ContainerLifeCycle.java:143)
~[na:na]
at
org.eclipse.jetty.util.component.ContainerLifeCycle.doStop(ContainerLifeCycle.java:161)
~[na:na]
at
org.eclipse.jetty.server.handler.AbstractHandler.doStop(AbstractHandler.java:73)
~[na:na]
at
org.eclipse.jetty.util.component.AbstractLifeCycle.stop(AbstractLifeCycle.java:89)
~[na:na]
at
org.eclipse.jetty.util.component.ContainerLifeCycle.stop(ContainerLifeCycle.java:143)
~[na:na]
at
org.eclipse.jetty.util.component.ContainerLifeCycle.doStop(ContainerLifeCycle.java:161)
~[na:na]
at
org.eclipse.jetty.server.handler.AbstractHandler.doStop(AbstractHandler.java:73)
~[na:na]
at org.eclipse.jetty.server.Server.doStop(Server.java:482) ~[na:na]
at
org.eclipse.jetty.util.component.AbstractLifeCycle.stop(AbstractLifeCycle.java:89)
~[na:na]
at org.apache.nifi.web.server.JettyServer.stop(JettyServer.java:854)
~[na:na]
at org.apache.nifi.NiFi.shutdownHook(NiFi.java:188)
[nifi-runtime-1.2.0-SNAPSHOT.jar:1.2.0-SNAPSHOT]
at org.apache.nifi.NiFi$2.run(NiFi.java:89)
[nifi-runtime-1.2.0-SNAPSHOT.jar:1.2.0-SNAPSHOT]
at java.lang.Thread.run(Thread.java:745) [na:1.8.0_101]
Caused by: org.springframework.beans.factory.BeanCreationException: Error
creating bean with name 'flowController': FactoryBean threw exception on object
creation; nested exception is
org.apache.nifi.framework.security.util.SslContextCreationException: Need
client auth is set to 'true', but no truststore properties are configured.
at
org.springframework.beans.factory.support.FactoryBeanRegistrySupport.doGetObjectFromFactoryBean(FactoryBeanRegistrySupport.java:175)
~[na:na]
at
org.springframework.beans.factory.support.FactoryBeanRegistrySupport.getObjectFromFactoryBean(FactoryBeanRegistrySupport.java:103)
~[na:na]
at
org.springframework.beans.factory.support.AbstractBeanFactory.getObjectForBeanInstance(AbstractBeanFactory.java:1585)
~[na:na]
at
org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:254)
~[na:na]
at
org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:202)
~[na:na]
at
org.springframework.context.support.AbstractApplicationContext.getBean(AbstractApplicationContext.java:1060)
~[na:na]
at
org.apache.nifi.spring.StandardFlowServiceFactoryBean.getObject(StandardFlowServiceFactoryBean.java:48)
~[na:na]
at
org.springframework.beans.factory.support.FactoryBeanRegistrySupport.doGetObjectFromFactoryBean(FactoryBeanRegistrySupport.java:168)
~[na:na]
... 33 common frames omitted
Caused by: org.apache.nifi.framework.security.util.SslContextCreationException:
Need client auth is set to 'true', but no truststore properties are configured.
at
org.apache.nifi.framework.security.util.SslContextFactory.createSslContext(SslContextFactory.java:66)
~[na:na]
at
org.apache.nifi.controller.FlowController.<init>(FlowController.java:440)
~[na:na]
at
org.apache.nifi.controller.FlowController.createStandaloneInstance(FlowController.java:375)
~[na:na]
at
org.apache.nifi.spring.FlowControllerFactoryBean.getObject(FlowControllerFactoryBean.java:74)
~[na:na]
at
org.springframework.beans.factory.support.FactoryBeanRegistrySupport.doGetObjectFromFactoryBean(FactoryBeanRegistrySupport.java:168)
~[na:na]
... 40 common frames omitted
2017-02-14 12:03:05,547 INFO [Thread-1] org.apache.nifi.NiFi Jetty web server
shutdown completed (nicely or otherwise).
{code}
With {{nifi.security.needClientAuth}} explicitly set to {{false}}: no errors in
{{logs/nifi-app.log}} but the browser will not be able to make a connection and
will get the {{ERR_CONNECTION_REFUSED}} response.
The Admin Guide should be updated to reflect the correct information.
> Fix incorrect Admin Guide documentation regarding anonymous access
> ------------------------------------------------------------------
>
> Key: NIFI-3480
> URL: https://issues.apache.org/jira/browse/NIFI-3480
> Project: Apache NiFi
> Issue Type: Improvement
> Components: Documentation & Website
> Affects Versions: 1.1.1
> Reporter: Andy LoPresto
> Priority: Trivial
> Labels: documentation, security
>
> The Admin Guide *Security Configuration* section states
> {quote}
> {{nifi.security.truststore}}
> Filename of the Truststore that will be used to authorize those connecting to
> NiFi. If not set, all who attempt to connect will be provided access as the
> *Anonymous* user.
> {quote}
> This is incorrect and misleading. The only way to configure a secured
> instance with anonymous access is via LDAP or Kerberos and configuration of
> the authorizer to explicitly allow anonymous access. Configuring a secured
> instance with no truststore will simply refuse all incoming connections.
> With {{nifi.security.needClientAuth}} set to {{true}} or empty (default):
> {code}
> 2017-02-14 12:03:05,546 WARN [Thread-1]
> org.apache.nifi.web.server.JettyServer Failed to stop web server
> org.springframework.beans.factory.BeanCreationException: Error creating bean
> with name 'flowService': FactoryBean threw exception on object creation;
> nested exception is org.springframework.beans.factory.BeanCreationException:
> Error creating bean with name 'flowController': FactoryBean threw exception
> on object creation; nested exception is
> org.apache.nifi.framework.security.util.SslContextCreationException: Need
> client auth is set to 'true', but no truststore properties are configured.
> at
> org.springframework.beans.factory.support.FactoryBeanRegistrySupport.doGetObjectFromFactoryBean(FactoryBeanRegistrySupport.java:175)
> ~[na:na]
> at
> org.springframework.beans.factory.support.FactoryBeanRegistrySupport.getObjectFromFactoryBean(FactoryBeanRegistrySupport.java:103)
> ~[na:na]
> at
> org.springframework.beans.factory.support.AbstractBeanFactory.getObjectForBeanInstance(AbstractBeanFactory.java:1585)
> ~[na:na]
> at
> org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:254)
> ~[na:na]
> at
> org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:202)
> ~[na:na]
> at
> org.springframework.context.support.AbstractApplicationContext.getBean(AbstractApplicationContext.java:1060)
> ~[na:na]
> at
> org.apache.nifi.web.contextlistener.ApplicationStartupContextListener.contextDestroyed(ApplicationStartupContextListener.java:103)
> ~[na:na]
> at
> org.eclipse.jetty.server.handler.ContextHandler.callContextDestroyed(ContextHandler.java:845)
> ~[na:na]
> at
> org.eclipse.jetty.servlet.ServletContextHandler.callContextDestroyed(ServletContextHandler.java:546)
> ~[na:na]
> at
> org.eclipse.jetty.server.handler.ContextHandler.stopContext(ContextHandler.java:826)
> ~[na:na]
> at
> org.eclipse.jetty.servlet.ServletContextHandler.stopContext(ServletContextHandler.java:356)
> ~[na:na]
> at
> org.eclipse.jetty.webapp.WebAppContext.stopWebapp(WebAppContext.java:1410)
> ~[na:na]
> at
> org.eclipse.jetty.webapp.WebAppContext.stopContext(WebAppContext.java:1374)
> ~[na:na]
> at
> org.eclipse.jetty.server.handler.ContextHandler.doStop(ContextHandler.java:874)
> ~[na:na]
> at
> org.eclipse.jetty.servlet.ServletContextHandler.doStop(ServletContextHandler.java:272)
> ~[na:na]
> at
> org.eclipse.jetty.webapp.WebAppContext.doStop(WebAppContext.java:544) ~[na:na]
> at
> org.eclipse.jetty.util.component.AbstractLifeCycle.stop(AbstractLifeCycle.java:89)
> ~[na:na]
> at
> org.eclipse.jetty.util.component.ContainerLifeCycle.stop(ContainerLifeCycle.java:143)
> ~[na:na]
> at
> org.eclipse.jetty.util.component.ContainerLifeCycle.doStop(ContainerLifeCycle.java:161)
> ~[na:na]
> at
> org.eclipse.jetty.server.handler.AbstractHandler.doStop(AbstractHandler.java:73)
> ~[na:na]
> at
> org.eclipse.jetty.util.component.AbstractLifeCycle.stop(AbstractLifeCycle.java:89)
> ~[na:na]
> at
> org.eclipse.jetty.util.component.ContainerLifeCycle.stop(ContainerLifeCycle.java:143)
> ~[na:na]
> at
> org.eclipse.jetty.util.component.ContainerLifeCycle.doStop(ContainerLifeCycle.java:161)
> ~[na:na]
> at
> org.eclipse.jetty.server.handler.AbstractHandler.doStop(AbstractHandler.java:73)
> ~[na:na]
> at
> org.eclipse.jetty.util.component.AbstractLifeCycle.stop(AbstractLifeCycle.java:89)
> ~[na:na]
> at
> org.eclipse.jetty.util.component.ContainerLifeCycle.stop(ContainerLifeCycle.java:143)
> ~[na:na]
> at
> org.eclipse.jetty.util.component.ContainerLifeCycle.doStop(ContainerLifeCycle.java:161)
> ~[na:na]
> at
> org.eclipse.jetty.server.handler.AbstractHandler.doStop(AbstractHandler.java:73)
> ~[na:na]
> at org.eclipse.jetty.server.Server.doStop(Server.java:482) ~[na:na]
> at
> org.eclipse.jetty.util.component.AbstractLifeCycle.stop(AbstractLifeCycle.java:89)
> ~[na:na]
> at org.apache.nifi.web.server.JettyServer.stop(JettyServer.java:854)
> ~[na:na]
> at org.apache.nifi.NiFi.shutdownHook(NiFi.java:188)
> [nifi-runtime-1.2.0-SNAPSHOT.jar:1.2.0-SNAPSHOT]
> at org.apache.nifi.NiFi$2.run(NiFi.java:89)
> [nifi-runtime-1.2.0-SNAPSHOT.jar:1.2.0-SNAPSHOT]
> at java.lang.Thread.run(Thread.java:745) [na:1.8.0_101]
> Caused by: org.springframework.beans.factory.BeanCreationException: Error
> creating bean with name 'flowController': FactoryBean threw exception on
> object creation; nested exception is
> org.apache.nifi.framework.security.util.SslContextCreationException: Need
> client auth is set to 'true', but no truststore properties are configured.
> at
> org.springframework.beans.factory.support.FactoryBeanRegistrySupport.doGetObjectFromFactoryBean(FactoryBeanRegistrySupport.java:175)
> ~[na:na]
> at
> org.springframework.beans.factory.support.FactoryBeanRegistrySupport.getObjectFromFactoryBean(FactoryBeanRegistrySupport.java:103)
> ~[na:na]
> at
> org.springframework.beans.factory.support.AbstractBeanFactory.getObjectForBeanInstance(AbstractBeanFactory.java:1585)
> ~[na:na]
> at
> org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:254)
> ~[na:na]
> at
> org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:202)
> ~[na:na]
> at
> org.springframework.context.support.AbstractApplicationContext.getBean(AbstractApplicationContext.java:1060)
> ~[na:na]
> at
> org.apache.nifi.spring.StandardFlowServiceFactoryBean.getObject(StandardFlowServiceFactoryBean.java:48)
> ~[na:na]
> at
> org.springframework.beans.factory.support.FactoryBeanRegistrySupport.doGetObjectFromFactoryBean(FactoryBeanRegistrySupport.java:168)
> ~[na:na]
> ... 33 common frames omitted
> Caused by:
> org.apache.nifi.framework.security.util.SslContextCreationException: Need
> client auth is set to 'true', but no truststore properties are configured.
> at
> org.apache.nifi.framework.security.util.SslContextFactory.createSslContext(SslContextFactory.java:66)
> ~[na:na]
> at
> org.apache.nifi.controller.FlowController.<init>(FlowController.java:440)
> ~[na:na]
> at
> org.apache.nifi.controller.FlowController.createStandaloneInstance(FlowController.java:375)
> ~[na:na]
> at
> org.apache.nifi.spring.FlowControllerFactoryBean.getObject(FlowControllerFactoryBean.java:74)
> ~[na:na]
> at
> org.springframework.beans.factory.support.FactoryBeanRegistrySupport.doGetObjectFromFactoryBean(FactoryBeanRegistrySupport.java:168)
> ~[na:na]
> ... 40 common frames omitted
> 2017-02-14 12:03:05,547 INFO [Thread-1] org.apache.nifi.NiFi Jetty web server
> shutdown completed (nicely or otherwise).
> {code}
> With {{nifi.security.needClientAuth}} explicitly set to {{false}}: no errors
> in {{logs/nifi-app.log}} but the browser will not be able to make a
> connection and will get the {{ERR_CONNECTION_REFUSED}} response.
> The Admin Guide should be updated to reflect the correct information.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
