Hi,
I found I had to add this to authorizations.xml for R & W, with
corresponding users.xml entries:
<policy identifier="nifi-cluster-write" resource="/proxy" action="W">
<user identifier="nifi-leith"/>
<user identifier="nifi-wharfe"/>
<user identifier="nifi-tamar"/>
</policy>
Still not entirely sure my secured cluster is fully set up correctly -
planning on writing up how we did it tho.
James
On 13 July 2017 at 13:47, mathes waran <[email protected]> wrote:
> I am using nifi V-1.3, and trying to setup 3 node secure NIFI cluster.
>
> I have added all the required properties, I can see nodes sending heartbeats
> in logs in all the nodes but on screen I'm getting Untrusted proxy message
> for all nodes. error screen shot attached.
>
> Error log getting as NiFiAuthenticationFilter Rejecting access to web api:
> Untrusted proxy CN=hostname
>
> Find the nifi properties below:
> <authorizer>
> <identifier>file-provider</identifier>
> <class>org.apache.nifi.authorization.FileAuthorizer</class>
> <property
> name="AuthorizationsFile">./conf/authorizations.xml</property>
> <property name="Users File">./conf/users.xml</property>
> <property name="Initial Admin
> Identity">[email protected]</property>
> <property name="Legacy Authorized Users File"></property>
> <property name="Node Identity 1">[email protected],
> OU=NIFI</property>
> <property name="Node Identity 2">[email protected],
> OU=NIFI</property>
> <property name="Node Identity 3">[email protected],
> OU=NIFI</property>
> </authorizer>
>
>
> could you please tell if anybody overcomes it.
>
> Thanks,
> Matheswaran
