Hi Alexander,
You may find Bryan Bende's "Authorization and Multi-Tenancy Guide" [1] to contain some helpful advice on exactly what you are looking for. Specifically, the "Authorizers & Initial Admin Identity" section covers how to setup secure access for users to the NiFi UI, and the "Multi-Tenancy" section covers how to set different access policies for different users/groups. Additionally, if you are using LDAP for user management, you may also find Pierre Villard's "Integration of NiFi with LDAP" [2] a useful resource. Hope this helps! If you have further questions, please do post back to this list. [1] http://bryanbende.com/development/2016/08/17/apache-nifi-1-0-0-authorization-and-multi-tenancy [2] https://pierrevillard.com/2017/01/24/integration-of-nifi-with-ldap/ Cheers, Kevin From: "Saip, Alexander (NIH/CC/BTRIS) [C]" <[email protected]> Reply-To: <[email protected]> Date: Thursday, July 13, 2017 at 10:31 To: "'[email protected]'" <[email protected]> Subject: Remote access to NiFi UI in secure setup We are just starting with NiFi. Currently, there is a single-node instance running on a CentOS server. Without any security configuration, I am able to connect to the NiFi UI from the Chrome browser running on my Windows desktop. In order to enable multi-tenancy, we have to secure NiFi. The NiFi System Administrator’s Guide mentions the TLS Toolkit, but exclusively in the context of NiFi cluster. I wonder if there is a way for me to enable HTTPS connections to the NiFi UI from a remote computer that is NOT a cluster node? If yes, what would be the best way to achieve that?
