Github user SarthakSahu commented on the issue:
https://github.com/apache/nifi/pull/2866
@pepov ok.
1. Service Principal and service keytab required where as nifi needs
authenticate as client. So when nifi needs to authenticate as client to
kerborized zookeeper service keytab and principal is needed.
2. For user authentication nifi will authenticate users with help of KDC
server.
For example: A "pepov" user wants to authenticate with nifi.
We need to create a principal in KDC server as [email protected] using
below command.
Note: we have not used -randkey option. Instead we provide password to the
created princpal
kadmin: addprinc pepov
WARNING: no policy specified for [email protected]; defaulting to no policy
Enter password for principal "[email protected]":
Re-enter password for principal "[email protected]":
Principal "[email protected]" created.
Now we have to provide the username(pepov) and password in the login page
to access nifi.
Hope this clarify the query.
---
