in this list. I think I am just
completely borking the decrypt.
Scott
> On Dec 18, 2018, at 1:22 PM, Bryan Bende wrote:
>
> What happens when you try to decrypt it? Is there an error?
>
> On Tue, Dec 18, 2018 at 2:16 PM Scott Howell <mailto:scotthow...@payitgov.com>> wrote:
I am trying to decrypt a file that was encrypted using the EncryptContent. I
think I am missing something when it comes to decrypting a file.
We storing the encrypted file in s3 after it is encrypted and would like to
decrypt using the command line after downloading the file.
I attached a
I was wanting to reach out and find out how people are upgrading Nifi
environments while still using the registry to upgrade flows.
We have a particular issue occurring between nifi environments and a process
flow. We run three environments Dev, Staging, and Production. We are on a
weekly
Kelsye,
I know it’s not the best suggestion but if Nifi Expression language could be
used for the fields you could use an updated attribute processor to add the
attributes to the file depending on some other attribute, so that your only
adding the attributes that are needed for that particular
8 at 10:06 AM, Charlie Meyer
> <charlie.me...@civitaslearning.com> wrote:
>> We solved this issue by having our flows in the registry be parameterized by
>> leveraging the variable registry and using a swagger-generated api client
>> set those variables at runtime.
>>
We are currently setting up our dev environment and using Nifi-Registy to
version control we discovered that changing the scheduling on the processors
causes version control to tell us that we need to commit our changes. With
having different scheduling between Dev, Staging, and Production it
he.org> wrote:
>
> Thanks; that certainly narrows it down. It could be that you’ve uncovered a
> bug with the LdapIdentityProvider when using START_TLS. I’ll try to recreate
> it and dig into it on my end. Thanks for sharing all this info.
>
> Kevin
>
> From: Scott
thing wrong with your configuration. I created a free
> jumpcloud account, so I’ll try to recreate this issue and get back to you if
> I have any other insights.
>
> Kevin
>
> From: Scott Howell <scotthow...@mobilgov.com>
> Reply-To: <users@nifi.apache.org>
not.
> On Apr 10, 2018, at 2:18 PM, Scott Howell <scotthow...@mobilgov.com> wrote:
>
> Thanks Kevin for sending that back,
>
> This is what I see when looking at the Headers on the login.
>
>
> The version of Nifi-Registry I am running is 0.1.0. What confuses
e interfering with HTTP headers?
>
> What version of NiFi Registry are you using? 0.1.0 or a version built from
> source?
>
> Hope this helps,
> Kevin
>
>
> On 4/10/18, 14:59, "Scott Howell" <scotthow...@mobilgov.com
> <mailto:scotthow...@mobi
d part of the problem was using
> USE_USERNAME and not USE_DN, have you done a full comparison of the other
> config with this one?
>
> On Tue, Apr 10, 2018 at 2:58 PM, Scott Howell <scotthow...@mobilgov.com
> <mailto:scotthow...@mobilgov.com>> wrote:
> Yes I did,
i-registry.properties with:
>
> nifi.registry.security.identity.provider=ldap-identity-provider
>
> On 4/10/18, 14:53, "Scott Howell" <scotthow...@mobilgov.com> wrote:
>
>Thanks for the all the help yesterday standing up LDAP for NIFI. I was
> able to troubleshoot and fix the
Thanks for the all the help yesterday standing up LDAP for NIFI. I was able to
troubleshoot and fix the issues myself. I am running into a unique issue with
my Nifi-Registry when I try to login with my LDAP credentials like I do for the
nifi cluster I get in my logs with this:
2018-04-10
tity_provider
>
> <https://nifi.apache.org/docs/nifi-docs/html/administration-guide.html#ldap_login_identity_provider>
>
> Andy LoPresto
> alopre...@apache.org <mailto:alopre...@apache.org>
> alopresto.apa...@gmail.com <mailto:alopresto.apa...@gmail.com>
> PGP Fingerp
That is what is inside of
> On Apr 9, 2018, at 3:03 PM, Scott Howell <scotthow...@mobilgov.com> wrote:
>
> Yep let me send it over.
>
>
>ldap-provider
>org.apache.nifi.ldap.LdapProvider
>ANONYMOUS
>
>uid=nifi,ou=Us
loud, but speculating as to what could
> be the cause of your error, it could be the User Search Base/Filter
> configuration values. Can you share the contents of your
> login-identity-providers.xml (removing any sensitive values such as ldap
> credentials)?
>
> Thanks,
> K
I was wondering if there was anyone on the user group that had successfully
integrated their NIFI authentication to work with Jumpcloud LDAP. I have
followed the steps Jumpcloud provides with adding the correct credentials to
the the NIFI login-identity-providers.xml but I am getting an error
print: 70EC B3E5 98A6 5A3F D3C4 BACE 3C6E F65B 2F7D EF69
>
>> On Apr 5, 2018, at 9:50 AM, Scott Howell <scotthow...@mobilgov.com
>> <mailto:scotthow...@mobilgov.com>> wrote:
>>
>> I had to change the subdomain of my cluster nodes. The cluster node n
I had to change the subdomain of my cluster nodes. The cluster node names are
nifi-{#}.internal.dev.{redacted}.com. Looking at my log below it still believes
there is a cluster coordinator is found at nifi-2.dev.{redacted}.com.
o.a.n.c.c.node.NodeClusterCoordinator Failed to determine which
tance I am running separate to the cluster.
> On Mar 30, 2018, at 10:43 AM, Pierre Villard <pierre.villard...@gmail.com>
> wrote:
>
> Oh ok now I see what you mean with the double quotes... didn't notice in the
> first place =/
> How did you generate t
2018-03-30 15:32:42,268 INFO [NiFi Web Server-21]
o.a.n.w.s.NiFiAuthenticationFilter Attempting request for () GET
https://localhost:8443/nifi-api/flow/current-user (source ip: 10.10.2.214)
2018-03-30 15:32:42,270 INFO [NiFi Web Server-21]
o.a.n.w.s.NiFiAuthenticationFilter Authentication
e users are given the proxy authorizations?)
>
> Thanks!
>
> 2018-03-30 16:15 GMT+02:00 Scott Howell <scotthow...@mobilgov.com
> <mailto:scotthow...@mobilgov.com>>:
> I am nearing the finish line of setting up a cluster using a self-signed
> cert.
>
> When t
I am nearing the finish line of setting up a cluster using a self-signed cert.
When trying to login to the cluster after the cluster comes up I am able to see
in the logs that my initial admin user is able to login.
Once that takes place I get an “Untrusted proxy” error on both the UI and in
il.com> wrote:
>
> Ok, can you provide the stacktrace from nifi-app.log when it gets the
> socket timeout?
>
> On Wed, Mar 28, 2018 at 3:45 PM, Scott Howell <scotthow...@mobilgov.com>
> wrote:
>> Yes I have https: defined on the registry client.
>>
>
Yes I have https: defined on the registry client.
> On Mar 28, 2018, at 2:29 PM, Bryan Bende <bbe...@gmail.com> wrote:
>
> Just to double-check, when you defined the Registry Client in NiFi,
> did you enter the URL starting with "https" ?
>
> On Wed, Mar
I have a single node nifi server setup with a self-signed keystone and
truststore. I then used the same self-signed cert to create a keystone and
truststore for Nifi-Registry. Currently I am able to access the UI for both
Nifi and Nifi-Registry securely while also seeing the correct
ith two
> /proxy policies, one for each node.
>
> So if you do that then your cluster starts up, but when you access the
> UI then you get the untrusted proxy?
>
>
> On Wed, Mar 21, 2018 at 12:58 PM, Scott Howell <scotthow...@mobilgov.com>
> wrote:
>> use
l
>
> On Wed, Mar 21, 2018 at 12:37 PM, Scott Howell <scotthow...@mobilgov.com>
> wrote:
>> Thanks I have checked that and the whitespace is correct in user.xml.
>>
>> I did make a change to my authorizer.xml
>>
>>
>>
>>file-pro
you delete users.xml and
> authorizations.xml?
>
> You would have to do that for those changes to take effect. You can
> look in users.xml and see if you still have the user identities
> without whitespace.
>
> On Wed, Mar 21, 2018 at 12:20 PM, Scott Howell <scotthow...@mo
One other thing I am seeing and I don’t know if this is an issue or not in my
authorizations.xml I do not have a policy for /proxy with action=“R” only
action=“W”.
> On Mar 21, 2018, at 11:03 AM, Scott Howell <scotthow...@mobilgov.com> wrote:
>
> Thanks for that. I am still get
21, 2018, at 10:23 AM, Bryan Bende <bbe...@gmail.com> wrote:
>
> All identity strings are case & whitespace sensitive.
>
> The node identities in your authorizers.xml have no whitespace, and
> the identity showing in the logs does.
>
> On Wed, Mar 21, 2018 a
ization-and-multi-tenancy>
>
>
> Andy LoPresto
> alopre...@apache.org <mailto:alopre...@apache.org>
> alopresto.apa...@gmail.com <mailto:alopresto.apa...@gmail.com>
> PGP Fingerprint: 70EC B3E5 98A6 5A3F D3C4 BACE 3C6E F65B 2F7D EF69
>
>> On Mar 20, 2018
t;> showed?
>>
>> It may just be that you only copied/pasted the one provider, but the
>> root element is not , so as it is shown there it would not
>> parse.
>>
>> On Mon, Mar 19, 2018 at 2:54 PM, Scott Howell <scotthow...@mobilgov.com>
>> wrot
tained invalid XML.
>
> Did you start by modifying the identity-providers.xml file that was
> already there? Can you share the file, or the contents (removing
> anything sensitive)?
>
> On Mon, Mar 19, 2018 at 1:09 PM, Scott Howell <scotthow...@mobilgov.com>
> wrote:
>>
e if/how to do
> this, but I assume there should be some way to configure it. It might require
> settings not exposed in the AWS web console.)
>
> On 3/19/18, 10:51, "Scott Howell" <scotthow...@mobilgov.com> wrote:
>
>Thanks Kevin,
>
>I am j
, such as EFS, it would not work the way you hope.)
>
> Hope this helps,
> Kevin
>
> On 3/19/18, 10:20, "Scott Howell" <scotthow...@mobilgov.com> wrote:
>
>Thanks for the quick response.
>
>A couple of things I am seeing.
>
>1. Ther
t; What error are you getting when you cannot access the UI?
>
> Is there anything interesting in nifi-registry-app.log regarding
> authentication/authorization when this happens?
>
> Can you access the UI securely without going through the ELB?
>
> Thanks,
>
> Bryan
I was able to stand up nifi-registry behind an AWS ELB non-secure. Everything
was working great and was able to access the UI anonymously. I set up the
authorization just like on my nifi instances along with the authorizers and
identity-provider. The service comes up without errors and
38 matches
Mail list logo
