Scott, In your last email, the way I read it you found part of the problem was using USE_USERNAME and not USE_DN, have you done a full comparison of the other config with this one?
On Tue, Apr 10, 2018 at 2:58 PM, Scott Howell <[email protected]> wrote: > Yes I did, I had Nifi-registry working with a local instances of LDAP > running. It’s now not cooperating since I moved to using Jumpcloud. > > > On Apr 10, 2018, at 1:56 PM, Kevin Doran <[email protected]> wrote: > > > > Hi Scott, > > > > Did you configure nifi-registry.properties with: > > > > nifi.registry.security.identity.provider=ldap-identity-provider > > > > On 4/10/18, 14:53, "Scott Howell" <[email protected]> wrote: > > > > Thanks for the all the help yesterday standing up LDAP for NIFI. I > was able to troubleshoot and fix the issues myself. I am running into a > unique issue with my Nifi-Registry when I try to login with my LDAP > credentials like I do for the nifi cluster I get in my logs with this: > > > > 2018-04-10 18:43:15,303 INFO [NiFi Registry Web Server-18] > o.a.n.r.w.s.NiFiRegistrySecurityConfig AuthenticationEntryPoint invoked > as no user identity credentials were found in the request. > > > > My identity-providers.xml is this: > > <identityProviders> > > <provider> > > <identifier>ldap-identity-provider</identifier> > > <class>org.apache.nifi.registry.security.ldap. > LdapIdentityProvider</class> > > <property name="Authentication > Strategy">START_TLS</property> > > <property name="Manager DN">uid=nifi,ou=Users,o={ > redacted},dc=jumpcloud,dc=com</property> > > <property name="Manager Password">{redacted}</property> > > <property name="TLS - Keystore”> > > </property> > > <property name="TLS - Keystore Password"></property> > > <property name="TLS - Keystore Type"></property> > > <property name="TLS - Truststore">/opt/certs/ > jumpcloud.jks</property> > > <property name="TLS - Truststore Password">{redacted}</ > property> > > <property name="TLS - Truststore Type">JKS</property> > > <property name="TLS - Client Auth"></property> > > <property name="TLS - Protocol">TLSv1.2</property> > > <property name="TLS - Shutdown Gracefully"></property> > > <property name="Referral Strategy">FOLLOW</property> > > <property name="Connect Timeout">10 secs</property> > > <property name="Read Timeout">10 secs</property> > > <property name="Url">ldap://ldap.jumpcloud.com:389 > </property> > > <property name="User Search Base">ou=Users,o={redacted}, > dc=jumpcloud,dc=com</property> > > <property name="User Search Filter">uid={0}</property> > > <property name="Identity Strategy">USE_USERNAME</ > property> > > <property name="Authentication Expiration">12 > hours</property> > > </provider> > > </identityProviders> > > > > For the most part I grabbed most of this from my Nifi node > login-identity-providers.xml but I seem to have something messed up. > > > > > >
