Re: Insufficient permissions on initial start up (NiFi 2.0)

do not understand why. > x Not secure https:// > ec2-44-219-227-80.compute-1.amazonaws.com:8443/nifi/ > > Anyway, thank you Bryan, Matt, and Isha for replying. > > On Wed, Apr 24, 2024 at 9:05 PM Matt Gilman > wrote: > >> What is this Access Token it cites at top?

Re: Insufficient permissions on initial start up (NiFi 2.0)

; *does not have permission to access the requested resource. Unable to view > the user interface. Returning Forbidden response.* > > What is this Access Token it cites at top? > > Based on what I have read in the documentation, nifi itself must be > allowed to create the authorizations.

Re: Insufficient permissions on initial start up (NiFi 2.0)

James, If you check the nifi-user.log in the logs directory, you should see messages for the requests that are being rejected. In that log message you should see the identity that you're authenticated with. Can you compare that with the user that you've configured the policies for. Hopefully,

Re: Indications in the UI of which cluster node hosts a “stuck” thread?

Hi Jim, If you open the Summary page from the global menu you should see the active threads in parentheses next to the scheduled state. Find the row in question and click the cluster icon from the actions column. This will open a dialog with a node-wise breakdown. I believe that the thread

Re: alternate web root directory?

gle root path would make a > difference for the authentication issue, it just makes setting up the > reverse proxy configuration easier since you only need to worry about 1 > path instead of multiple. > > > > On Wed, Mar 18, 2020 at 2:46 PM Matt Gilman > wrote: > >> Wyllys, >> &g

Re: alternate web root directory?

Wyllys, NiFi is comprised of any number of web applications. NiFi offers extension points for custom processor configuration UIs and data type viewers. These UIs can be bundled and discovered at runtime. These docs [1] detail the steps necessary for proxying a NiFi instance. Thanks Matt [1]

Re: Exception is showing in nifi UI users page

t rath > wrote: > >> Thanks Mat, >> >> For this quick response. >> >> Thanks a lot , >> >> Sanjeet >> >> On Thu, 5 Mar 2020, 11:43 pm Matt Gilman, >> wrote: >> >>> I just responded to your StackOverflow post: >>

Re: Exception is showing in nifi UI users page

I just responded to your StackOverflow post: https://stackoverflow.com/questions/60551242/nifi-user-addition-gives-u-null-pointer-exception/60551638#60551638 I believe you'll need to upgrade to a version that addresses the BUG. Thanks! On Thu, Mar 5, 2020 at 1:10 PM sanjeet rath wrote: > Hi

Re: Unable to validate the access token.

Dweep, Sorry you're having trouble with this. Can you please confirm the URL you direct your browser to initially and compare that to the address you are returned to following successful authentication? Would also be interested in seeing if the value in the redirect_uri query parameter when

Re: X-Forwarded-Context whitelisting not working

Curtis, I haven't set this up recently but it was working the last time I tried it. Just wanted to ensure you that were following the guidance in our admin guide for standing up instances behind a proxy [1]. Matt [1]

Re: How to Fetch Bulletins for Process Groups Recursivly

Bulletins for a Process Group should be available in the bulletin field in each Process Group. For instance, if you query for a Process Group /nifi-api/process-groups/{id} it should contain the bulletins rolled up from all descendant components. Matt On Thu, May 2, 2019 at 9:33 AM Shawn Weeks

Re: Empty "nifi users" page.

rch. > > > > What are to be unique? It’s the UUID (id field) present in > users/userGroups endpoints? The identity (short names)? > > I may have some duplicated between names between user and groups, I’m > going to check that point. > > > > Thanks. > > > &

Re: Empty "nifi users" page.

thout guarantee that it’s linked to > the issue: > > > > Content Security Policy: « x-frame-options » ignoré en raison de la > directive « frame-ancestors ». > > CURRENT_SITE: par01prdedge1.soft.fau:18443/nifi/users > KeeperFill-var.js:30:935 > > uncaught exception: Ea

Re: Changing All Stopped Processors to Disabled

Ryan, If you're running 1.7 or later you can enable or disable in bulk just like you can start or stop. It's supported right in NiFi UI. You can use actions out of the Operate palette or the context menu. https://issues.apache.org/jira/browse/NIFI-5066 Matt On Wed, Mar 27, 2019 at 2:07 PM Andy

Re: Empty "nifi users" page.

Hi. Could you open up your browsers Developer Tools and check the Console for any errors and look at the Network requests and ensure that they are returning correctly. The behavior your describing indicate one of two things. Either the request is not returning from the server or there is a front

Re: Search scope for LDAP user authentication

y to set/change this > value through the configurations? (I just want to make sure that I didn’t > accidently change it somehow). > > > > Thanks, > > > > > > User > > *From:* Matt Gilman [mailto:matt.c.gil...@gmail.com] > *Sent:* Monday, March 25, 2019 9

Re: Search scope for LDAP user authentication

Hi, I just took a quick look at the code and the underlying library in use and it appears that searching SUBTREE should be enabled by default. Thanks Matt On Mon, Mar 25, 2019 at 8:59 AM wrote: > Hi, > > > > I was wondering if there was a way to set the Search Scope to SUBTREE when > using

Re: Have localization been supported in NiFi Releases?

Jianan, There have been a few attempts where community members submitted a PR. [1] is another. Unfortunately, they all seemed to have stalled out. The latest NiFi does not support localization. It's a really important feature that we'd like to see soon. But to my knowledge, it is not currently

Re: issue with Nifi UI

How are you trying to access the UI? Matt On Wed, Oct 24, 2018 at 8:38 AM N, Vyshali wrote: > Hi, > > > > I have installed Nifi(1.7 version) in windows 10 and configured the port > as 8081 > > The logs don’t throw any error but the Nifi UI doesn’t come up. > > Attached is the nifi properties

Re: NiFi Web UI in split-horizon DNS environments

workaround we have. > > > > Thanks very much for the help! > > Matt > > > > > > *From: *Matt Gilman > *Reply-To: *"users@nifi.apache.org" > *Date: *Friday, June 8, 2018 at 2:10 PM > *To: *"users@nifi.apache.org" > *Subject: *

Re: NiFi Web UI in split-horizon DNS environments

Matt, Have you tried updating other components as well? All components (Processors, Ports, RPGs, etc) return their own URL in their object model (JSON blob). I would assume if the Reporting Tasks URLs are not formed correctly then the URLs for other components will also not be formed correctly.

Re: Authenticating via OIDC in NiFi 1.6.0

Paul, Unfortunately, there is no workaround in NiFi currently. First the OidcIdentityProvider attempts to use email scope if its supported. If it is not, it attempts to use the email claim on the UserInfo endpoint. Until NiFi is updated to support a configurable user identity claim (like upn in

Re: processGroupId URL

e a user clears an alarm. > Any way to do that? Or, at the very least, can I make them last a lot > longer? > > > Thanks, > > Scott > > On 04/06/2018 07:20 AM, Matt Gilman wrote: > > Scott, > > What version of NiFi are you running? If your running NiFi 1.x the

Re: PUT/flow/process-groups/{id} API

Vitaly, That endpoint will start/stop every component the requesting user has access to. Is your instance secured? If so please ensure that your including necessary authentication details. For instance, if your using client certificate in your browser be sure you request in your Java program

Re: processGroupId URL

Scott, What version of NiFi are you running? If your running NiFi 1.x then the parent process group ID shouldn't be necessary. The fully qualified URL of a processor would look something like http://localhost:8080/nifi-api/processors/9b52d2bf-0162-1000-d1ac-89e944aa1bfe Or are you trying to

Re: Permission to access the API

Just to follow up. For the most part, the permission required is the same as the resource being requested. In this case, it is the /flow (view the flow) resource. Status/Stats for a component are available for anyone with permission to view the flow. 'View the component" will expose configuration

Re: Problem enabling/disabling NiFi controller services from behind proxy

Hi Tim, Sorry for the inconvenience but this was a bug that was introduced in Apache NiFi 1.5.0. This was addressed in this JIRA [1] and will be included in Apache NiFi 1.6.0 which is currently under vote. Matt [1] https://issues.apache.org/jira/browse/NIFI-4894 On Thu, Mar 22, 2018 at 3:13

Re: Connection between RPG and input port is failing via API

Ravi, The available ports are independently retrieved on each node. When clustered the response to the client should only include the ports that all nodes have discovered. However, I believe that currently, it's returning ports that any node has discovered. I've filed a JIRA [1] to address this

Re: Error when executing NiFi REST API PUT /processors/{id} call

Vitaly, I believe that error is being generated by Jackson which handles the JSON (de)serialization. Often times there is additional information that gets logged to your logs/nifi-user.log. Check there to see if there is anything helpful. By any chance, are you attempting to pass the status back

Re: Disconnect nifi node cluster via API

Jorge, A node must be disconnected before it can be removed. If you're looking to invoke the REST endpoints, I would suggest looking at your browsers Dev Tools to see the requests in action. Alternatively, you could use the NodeManagerTool [1] that is bundled in the toolkit [2]. Matt [1]

Re: Issues with service controller when using NiFi behind the proxy

I've gone ahead and issues a PR [1] for this issue. Feel free to check it out and verify it in your environment if possible. Thanks Matt [1] https://github.com/apache/nifi/pull/2482 On Tue, Feb 20, 2018 at 9:33 AM, Matt Gilman <matt.c.gil...@gmail.com> wrote: > Thanks for the emai

Re: Issues with service controller when using NiFi behind the proxy

Thanks for the email. I just looked and this does appear to be a bug in the Javascript that was introduced in 1.5.0 when addressing this issue [1]. I've filed a JIRA [2] to address this issue. Matt [1] https://issues.apache.org/jira/browse/NIFI-4518 [2]

Re: Invalid header error

Robert, James, All, NiFi has been updated to be a little more strict regarding incoming HTTP requests. If the Host header does not comply with an expected value, the request is rejected. Currently, the expected value comes from those .host properties. What's happening is the proxy is likely

Re: nifi webui in browser not responding / waiting

Amit, The splash screen is shown while waiting for a number of requests to return from the server. In your logs, I can see a number those requests coming in. Can you please let me know what the Network tab is showing? In addition, what the Console tab is showing? Thanks Matt On Sun, Jan 7,

Re: nifi webui in browser not responding / waiting

Amit, Anything helpful in the user log? Or what do you see if you open the Developer Tools in your browser and check the Network tab? Matt Sent from my iPhone > On Jan 6, 2018, at 7:41 PM, Amit Pandit wrote: > > It shows the splash page, but it seems to be waiting on

Re: Buttons are greyed out when initial admin account logs in

Hey guys, I just wanted to chime in here. The grayed out buttons on the canvas may be due to the fact that there was no flow.xml.gz in your conf directory when the users/authorizers were seeded. Due to the clustering model, a node may not know what the root group will be. Because of this, the

Re: observing strange behavior nifi UI flow on a system from a recent nifi 0.6.x to nifi 1.3.x upgrade

Jeremy, The behavior your describing happens when you do not have permissions to the root group. This is the behavior when the policies for the initial admin (configured either through the property or through a legacy authorized-users.xml file) are created but there is no existing flow.xml.gz in

Re: Configuration for a Web Load Balancer for a secured NiFi cluster and client certificate authentication

Fabian, I have not personally set up a load balancer. However, I can offer that the LDAP authentication utilizes signed JWT bearer tokens. The key used to sign each token is unique to a given user. The signing key is persisted on a given node and is currently not shared across the cluster.

Re: Controller settings and process groups

Uwe, Services defined in the Controller Settings are available to Reporting Tasks and other services defined there. Services defined within a Process Group are available to descendent components. To create a service that is available to all components in the flow, define it in the root Process

Re: Deep linking doesn’t work in secured NiFi

I've responded to your question on SO [1]. Matt [1] https://stackoverflow.com/a/46648603/5969130 On Mon, Oct 9, 2017 at 1:01 AM, mathes waran wrote: > Hi Jeff, > > > Thank you for your response. > > > I didn’t configure *SPNEGO*. Even LDAP authentication won’t work

Re: Bug in controller service view HDF 2.1.3

> > > > Does exist a quick solution to fix it . ;) a little a patch for example, > if it already exists > > > > Regards > > > > *De :* Matt Gilman [mailto:matt.c.gil...@gmail.com] > *Envoyé :* mardi 12 septembre 2017 16:14 > > *À :* use

Re: Bug in controller service view HDF 2.1.3

oll (slick.grid.js:1) > > at SlickGrid.resizeCanvas (slick.grid.js:1) > > at Object.resetTableSize (nf-canvas-all.js?1.1.0.2.1.3.0-6:14) > > at Object.resetTableSize (nf-canvas-all.js?1.1.0.2.1.3.0-6:18) > > at HTMLLIElement.select (nf-canvas-all.js?1.1.0.2.1.3.0

Re: Bug in controller service view HDF 2.1.3

What browser are you using? Are there any errors in the Console of the Developer Tools in your browser? Matt On Tue, Sep 12, 2017 at 4:22 AM, Papa Samba DIOP < papasamba.d...@orange-sonatel.com> wrote: > *** > > Sonatel:Scan antiviral effectue (3) > >

Re: Nifi doesn't work behind reverse proxy

directs public-ip/pipeline to public-ip/nifi > > I am stuck trying to figure out all the proxies that nifi needs. Someone > please help me out. > > Thanks, > > On Wed, Jul 19, 2017 at 6:28 PM, Matt Gilman <matt.c.gil...@gmail.com> > wrote: > >> Awesome. Glad you got eve

Re: New "hierarchical" controller service system confusing

Russell, Thanks for the suggestion on the improved Controller Service UX. Would you mind filing a JIRA for this improvement? In 1.x, the user can see the components referencing a Controller Service in 1 of 3 places. The references are shown in the read-only details dialog, the service

Re: Reload authorizers.xml file at runtime

or the response. > > Is there any alternate solution to achieve this? > > Also please look at my another stack overflow question > https://stackoverflow.com/questions/45346902/multiple- > initial-admin-or-initial-admin-group > > Thanks, > Kumar > > On Wed, Jul 26, 2017

Re: Securing NiFi instance

Jennifer, I just wanted to clarify that you can set up username/password authentication with any directory server. It does not have to be Active Directory. Many folks use OpenLDAP or ApacheDS depending on the environment. As James mentioned Kerberos is also an option. Let us know if you have any

Re: Nifi doesn't work behind reverse proxy

Awesome. Glad you got everything working. I've filed a JIRA for updating the documentation accordingly [1]. Matt [1] https://issues.apache.org/jira/browse/NIFI-4206 On Wed, Jul 19, 2017 at 8:31 AM, Raviteja Lokineni < raviteja.lokin...@gmail.com> wrote: > Hi all, > > This is what I used in

Re: NIFI FTP/SFTP modifications

Vijaya, Here's a link to the contribution guide [1]. It's more oriented around submitting a PR but should be helpful. The gist is that you'll want to run mvn clean install from the root directory where the NiFi source is cloned. Once that completes the target directory of the nifi-assembly will

Re: Getting untrusted proxy message while trying to setup secure NIFI cluster

Matheswaran, The Node Identities in the authorizers.xml file need to correspond with the DN from the server certificates each node is configured with. I would recommend using keytool to print the certificate and then copy/paste that DN into the authorizers.xml on each node. NOTE: A

Re: upgrading cluster from 1.0.0 to 1.3.0

Thanks for the great summarization Andy. Just wanted to clarify one small detail. The default file-based authorizer will use conf/authorizations.xml though this value is configurable in conf/authorizers.xml. In the 0.x, when NiFi used role-based authorization the file was called

Re: Why NiFi shouldn't restrict the policy removal for admin user?

Matheswaran, The Initial Admin grants the user with that identity the required permissions to administer that instance including adding/updating/removing users, groups, and policies. The policies are granted at a resource level. This means that you can introduce new administers at a Process Group

Re: Migration - 1.2 to 1.3

Hey Neil, The issue you're seeing is because some of your nodes have not been upgraded yet. In this particular scenario, a node that hasn't been upgraded is attempting to replicate a request to a node that has been upgraded. We could better handle rolling upgrades in the 0.x because we could

Re: NiFi web interface not starting

NAPSHOT/logs org.apache.nifi.NiFi > 2017-06-12 18:01:50,506 INFO [main] org.apache.nifi.bootstrap.Command > Launched Apache NiFi with Process ID 20304 > 2017-06-12 18:01:51,063 INFO [NiFi Bootstrap Command Listener] > org.apache.nifi.bootstrap.RunNiFi Apache NiFi now running and listening

Re: NiFi web interface not starting

Georg, The UI will be available once you see these log messages: 2017-06-09 09:02:37,208 INFO [main] org.apache.nifi.web.server.JettyServer NiFi has started. The UI is available at the following URLs: 2017-06-09 09:02:37,208 INFO [main] org.apache.nifi.web.server.JettyServer http://:/nifi

[ANNOUNCE] Apache NiFi CVE-2017-7667 and CVE-2017-7665

to set this response header will be applied on Apache NiFi 0.7.4 and Apache NiFi 1.3.0 releases. Users running a prior 0.x or 1.x release should upgrade to the appropriate release. Credit: This issue was discovered by Matt Gilman. CVE-2017-7665: Apache NiFi XSS issue on certain user input components

Re: NiFi 1.2.0 REST API problem

sword on the trust store and that is the only change I am making. > > I will need to dig into the nifi logs to check for any errors there. > > On Thu, Jun 8, 2017 at 11:24 AM, Matt Gilman <matt.c.gil...@gmail.com> > wrote: > >> Raymond, >> >> When it's in a

Re: Saving controller services w/ templates?

Mike, Currently, the services are saved if they are referenced by processors in your data flow. There is an existing JIRA [1] to always include them. Thanks Matt [1] https://issues.apache.org/jira/browse/NIFI-2895 On Thu, Jun 8, 2017 at 12:59 PM, Mike Thomsen wrote:

Re: NiFi 1.2.0 REST API problem

Raymond, When it's in a state that is not working are there any bulletins on the second processor? When it's in that state and you view the configuration details for that processor, do the properties look correct and the same as when you manually re-add the processor through the UI? Specifically,

Re: Manage NiFi Users via Rest Api

Matt, When a request fails, the reason for the failure will is typically included in the response body as text/plain. This should provide some insight about why the requests aren't working. These same details should be in the logs/nifi-user.log of your NiFi instance. Also, I would suggest

Re: Nifi Authentication

or my ignorance. I am > now to nifi. > > > > Regards, > > Shrey > > > > *From:* Matt Gilman [mailto:matt.c.gil...@gmail.com] > *Sent:* Friday, May 26, 2017 11:38 AM > *To:* users@nifi.apache.org > *Subject:* Re: Nifi Authentication > > > >

Re: Nifi Authentication

Shrey, 1) I believe that you can use the encrypt-config tool that is part of the nifi-toolkit to encrypt the sensitive parts of the login-identity-providers.xml file. The documentation for that is available in the admin guide [1]. The nifi-toolkit is available on the downloads page [2]. 2) NiFi

Re: using rest api to enable transmission in remote process group

check the status of the rest api to find if the connection is created > successfully or not, otherwise, the loop sleeps for some time then begins > the next iteration. I just wonder if there is something I should do in NIFI > configuration to the need for this loop? > > Regards

Re: NIFI startup error

Ben, The warning in your log is simply letting the developer of those components know that the bundle is not following the suggested best practices [1]. NiFi has detected this but will not have any ill effects based on other isolated classpath configurations and referencing components. If the

Re: Content Repository Retention

Jim, Yes, the contain can be archived once the flowfile has exited NiFi. This allows the content to be downloaded/viewed from provenance events for that flowfile. This behavior can be controlled using the nifi.content.repository.archive.* properties [1]. Thanks Matt [1]

Re: Nifi Cluster fails to disconnect node when node was killed

bout what I think is the >> problem and a potential remedy for the problem. >> >> Thanks >> -Mark >> >> > On May 18, 2017, at 9:49 AM, Matt Gilman <matt.c.gil...@gmail.com> >> wrote: >> > >> > Thanks for the additional details. They will be

Re: Nifi Cluster fails to disconnect node when node was killed

Thanks for the additional details. They will be helpful when working the JIRA. All nodes, including the coordinator, heartbeat to the active coordinator. This means that the coordinator effectively heartbeats to itself. It appears, based on your log messages, that this is not happening. Because

Re: Nifi Cluster fails to disconnect node when node was killed

Thank you for the confirmation. I've filed this JIRA [1] to track the issue. Matt [1] https://issues.apache.org/jira/browse/NIFI-3933 On Thu, May 18, 2017 at 8:21 AM, ddewaele wrote: > Thanks for the response. > > When killing a non-coordinator node, it does take 8 * 5

Re: Nifi Cluster fails to disconnect node when node was killed

Hi, Once the new coordinator was elected, it is responsible for disconnecting nodes due to lack of heartbeat. It will wait 8 times the configured nifi.cluster.protocol.heartbeat.interval before the node is disconnected. Can you confirm that this amount of time has elapsed? Did you see any

Re: Queue incoherent state

gt; the queue status > 6) I tried to change the backpressure threshold without any effect. > 7) During the problem the queue was operating normally on the cluster, and > flowfiles were flowing through it without any issue. > > Arnaud > > > > On Mon, May 15, 2017 at 10:39

Re: Queue incoherent state

Sorry for the delayed response. Similar behavior has been reported by some other users [1]. Does the connection have any back pressure threshold configured? Can new flowfiles be enqueued? Do the expiration settings have any affect? Lastly, if you restart the cluster does it claim the connection

Re: Importing template into 1.2.0

Tim, Just wanted to provide a few more details. Prior to 1.2.0 the flow and templates did not contain any details about the NAR (bundle) it was packaged in. In 1.2.0, since your template did not contain any bundle details NiFi attempted to find a compatible Processor (matched by class name only).

Re: Issues with creating and connecting RPG programmatically

I've responded to the question on StackOverflow [1]. Thanks Matt [1] http://stackoverflow.com/questions/43788780/nifi-issues-with-creating-and-connecting-rpg-programmatically/43789310#43789310 On Thu, May 4, 2017 at 12:49 PM, Pushkara R wrote: > Hi, > > I am trying to

Re: ERRORs when trying to make new RPGs

This is a known issue [1] that has been addressed in the upcoming 1.2.0 release. If you include a position then you should be able to creation the component successfully. Sorry for the inconvenience. Matt [1] https://issues.apache.org/jira/browse/NIFI-2994 On Wed, Apr 19, 2017 at 12:00 PM,

Re: Unable to access NIFI Rest api of another server in secured mode.

Nijandan, I can't tell how you're creating your request based off your message. I would say to make sure you are setting the Authorization as an HTTP header and not part of the body of the request. Matt On Tue, Apr 4, 2017 at 3:11 AM, Nijandan D wrote: > Hi, > > I am

Re: REST API queries

Pushkar, NiFi employs an optimistic locking scheme that requires clients to pass in a revision when making a mutable request. The revision is comprised of a version (a number that increments with each modification) and a client id. The client id can be any string. You should continue to use this

Re: Admin policies not set by default

There is no option to add users with full privilege. Setting the initial admin identity will give that user access to the UI and permissions to manage users, groups, and policies. Additionally, if the NiFi instance has an existing flow it will grant permissions to the root group. Otherwise, the

Re: How to access Controller Service created in UI into Root processors in NiFi-1.1.1?

Hi, What browser are you using? We had some issues the action icons in Firefox in NiFi 1.1.0 wrapping to the next line that is addressed in this JIRA [1]. If you are using Firefox, can you try Chrome to help narrow down the issue? Does the policy links show up in the Controller Services tab?

Re: How to pass credential to NiFi rest api

Kumar, Check out my response on Stack Overflow [1]. Thanks Matt [1] http://stackoverflow.com/questions/42827820/how-to-pass-credential-to-nifi-rest-api On Thu, Mar 16, 2017 at 3:33 AM, kumar r wrote: > Hi, > > I have enabled LDAP authentication for Apache NiFi-1.1.1. >

Re: Nifi 1.1.2 - Ldap user group

Chakri, Unfortunately, LDAP user groups are not currently supported. Currently, user authentication through LDAP is supported but loading/interpreting their groups are not. Adding the concept of a group provider which would complement the existing identity provider seems like a good fit. Also,

Re: Process Groups and StandardClassificationService

mmon instances of one or more of these services typically > shared across process groups? > > Regards, > Jim > > On Mon, Mar 13, 2017 at 9:03 AM, Matt Gilman <matt.c.gil...@gmail.com> > wrote: > >> Jim, Joe, >> >> Just wanted to clarify. It sounds

Re: Process Groups and StandardClassificationService

Jim, Joe, Just wanted to clarify. It sounds as though your running the 0.x baseline. In 0.x, a single revision is maintained for the entire flow. If another user makes a change, you will get a notification that you need to Refresh to realize their changes before you can make any changes. In 1.x

Re: Kerberos authentication

Without knowing more of your setup, I would guess that your browser is prompting you based on the available certificates. What happens if you uninstall the certificate from your browser? Matt Sent from my iPhone > On Mar 9, 2017, at 7:37 PM, Joe Skora wrote: > > I have an

Re: Move flow into process group

BH, You should be able to select the components in question and dragging and dropping them into the desired Process Group. You can select the components by holding down Shift and clicking on each one. Another option is to use a selection box by clicking and dragging on the canvas. You should see

Re: LDAP Group Authorization

Just wanted to add to Bryan's response that there is a JIRA [1] that captures the ability to synchronize LDAP user/groups. This is probably a good place to capture any additional use cases. Matt [1] https://issues.apache.org/jira/browse/NIFI-3409 On Sun, Jan 29, 2017 at 6:25 PM, Bryan Bende

Re: NiFi 1.1.1 behind Apache HTTPd Proxy

i > is asking for JWT. > Please, Could anyone share your Apache HTTPd Proxy configuration ? > > Regards. > > - wr > > > > On 16 January 2017 at 14:38, Matt Gilman <matt.c.gil...@gmail.com> wrote: > >> A couple comments. Apache NiFi is comprised of a number of web

Re: NiFi 1.1.1 behind Apache HTTPd Proxy

A couple comments. Apache NiFi is comprised of a number of web applications. You've mapped to three of them. However, we also support UI extensions for Custom Processor configuration (like UpdateAttribute and JoltTransformJson) and custom data viewers (based on content type) when looking at data

Re: How to use Rest API ressource data-transfer?

I'm not super familiar with this endpoint so hopefully someone else can chime in here if necessary. But I believe the transactionId is already composed in the Location header of this endpoint POST /data-transfer/input-ports/{portId}/transactions There is a Java class [1] available in NiFi

Re: Migrating NiFi templates/canvas

level controller service as it was in the original NiFi instance > before exporting the template). > > > Many thanks, > > Panos > > > -- > *From:* Matt Gilman <matt.c.gil...@gmail.com> > *Sent:* Friday, January 13, 2017 6:27

Re: Migrating NiFi templates/canvas

Panos, The current behavior is that Controller Services are only included if they are referenced by a component in the template. While this was initially by designed, we have received comments about it from folks looking to export their entire configuration. There is an outstanding JIRA [1] to

Re: Write-lock processors

Alessio, There is currently no way to lock the canvas. If the current user has permissions to modify a given component it will be modifiable if the component is in a valid state for the request action. For instance, if the component is scheduled to execute it cannot be deleted. There has been

Re: nifi 1.1.1 processor details don't show from summary view

Naz, Thanks for feedback. This issue has been captured in the following JIRA [1]. I apologize for any inconvenience. Matt [1] https://issues.apache.org/jira/browse/NIFI-3306 On Thu, Jan 12, 2017 at 10:22 AM, Irizarry Jr., Nazario wrote: > In NiFi 1.1.1 (and 1.1.0) if you pull

Re: nifi 1.1.1 : Unable to empty queues

If your instance is clustered, you'll need to authorize the nodes with the data policies as well. Any 'data-plane' endpoint (where data or meta-data is returned or modified) will require the nodes in the request chain to also be approved for access as the data will traverse some of them when the

Re: NiFi UI fails to display Processor Group: NullPointerException

t I cannot enter my new Processor Group. > > > > Strangely, my Processor Groups that do not have a GenerateFlowFile > Processor still work. So I might have just narrowed this down to one > Processor, GenerateFlowFile. > > > > Kevin > > > > *From:* Matt G

Re: NiFi UI fails to display Processor Group: NullPointerException

e points out to me, but it might not be > related. Kerberos returns an error: > > > > POST http://servername:1/nifi-api/access/kerberos 409 > (Conflict) > > > > Probably not related, but otherwise I do not see any other error that > would explain what is g

Re: NiFi UI fails to display Processor Group: NullPointerException

Sorry for the inconvenience. Is there a stack trace listed in the user log? A quick glance at the code and the error handler looks like it logs the exception (which should include the stack trace) unconditionally. Also, you should be able to look backward from that line to look for other log

Re: How to create template for all entities in UI using Rest API?

eed rest api which create template for entire ui elements. > > On Tue, Jan 3, 2017 at 9:30 PM, Matt Gilman <matt.c.gil...@gmail.com> > wrote: > >> I think you would need to specify every component that is on the canvas. >> If all of the components were in a nested Pr

Re: How to create template for all entities in UI using Rest API?

I think you would need to specify every component that is on the canvas. If all of the components were in a nested Process Group, then you would just need to specify that Process Group. What is the behavior you're seeing? Thanks Matt On Mon, Dec 26, 2016 at 10:52 PM, prabhu Mahendran

Re: Deleting cluster nodes using UI - what permissions are required

In order to modify the nodes in the cluster, a user would need to have permissions to the controller. Permissions to this resource will allow a user to view and modify different aspects of the Flow Controller including Reporting Tasks, Controller Services (referenced by Reporting Tasks), the Nodes

Re: Getting org.springframework.web.client.HttpClientErrorException: 409 Conflict on DELETE ProcessGroup

On Wed, Dec 7, 2016 at 2:51 AM, Nirmal Kumar <nirmal.ku...@impetus.co.in> wrote: > Each time I fire the DELETE request I first GET the ProcessGroup details > and then fetch the *version*. > > So I am passing the correct version in DELETE request. > > > > Thanks, > >

  1   2   >