RE: Re:LDAP, Groups and nifi users

[Vishal Jadhav (BLOOMBERG/ 731 LEX)]

Do the logs (nifi-user.log, nifi-app.log) offer any clues? 

From: users@nifi.apache.org At: 03/11/19 09:26:02To:  Vishal Jadhav (BLOOMBERG/ 
731 LEX ) ,  users@nifi.apache.org
Subject: RE: Re:LDAP, Groups and nifi users

     

Hello. 
  
Thanks for your answer. I did not put the entire file, but the user and group 
entries are from the ldapusergroupprovider. Pierre already points me out to his 
 docs and help me here to configure this, the ldap auth is working fine. 
  
I just can’t use anything related to groups 
  

From: Vishal Jadhav (BLOOMBERG/ 731 LEX) <vjad...@bloomberg.net> 
Sent: lundi 11 mars 2019 14:11
To: users@nifi.apache.org
Subject: Re:LDAP, Groups and nifi users 
  

Hello Aurélien, 

  

On a quick look at the gist, it looks like you are missing the 
LdapUserGroupProvider. 

  

(1) Pierre has a very informative guide on the LDAP group configuration here - 
https://pierrevillard.com/?s=ldap. (thank you Pierre! For this one and the 
other posts!!) 

(2) Refer to this one in addition - 
https://nifi.apache.org/docs/nifi-docs/html/administration-guide.html#ldap-based-users-groups-referencing-user-dn
 

  

Also, I think you will need to have the ldap identity provider to authenticate 
the users first. I hope the authentication using LDAP is working for you. 


- Vishal 

From:  users@nifi.apache.org At: 03/11/19 08:17:45 
To:  users@nifi.apache.org
Subject: LDAP, Groups and nifi users 
  


Hello. 
  
I’m struggling to configure a correct authorizes.xml to achieve the following. 
I’m using nifi 1.8 and 1.9 (freshy install) in secure mode + ldap auth. 
  
-          I have a LDAP serveur (RH identity manager) where users/groups are 
stored. 
-          I’d like to be able to grant rights on Nifi based on user group 
-          I’d like to be able to see users and their associated rights in nifi 
menu => users (not working, see screenshot bellow) 
  
  
I don’t know where is my mistake , I’ve tried a lot of conf in 
ldap-user-group-provider, I’m not even really sure the problem is here. 
Authentication itself is working, I can assign policy to users, but  nothing 
works with groups. 
  
My configurations are  
https://gist.github.com/zorel/6934e7e6c1ae9e951ab13a1ce1db2330 
  
Thanks for any pointer. 
  
  
 
Aurélien DEHAY
Big Data Architect
+33 616 815 441 
aurelien.de...@faurecia.com

23/27 avenue des Champs Pierreux
92735 Nanterre Cedex – France 
 
  

This electronic transmission (and any attachments thereto) is intended solely 
for the use of the addressee(s). It may contain confidential or legally 
privileged information. If you are not the intended recipient of this message, 
you must delete it immediately  and notify the sender. Any unauthorized use or 
disclosure of this message is strictly prohibited.  Faurecia does not guarantee 
the integrity of this transmission and shall therefore never be liable if the 
message is altered or falsified nor for any virus,  interception or damage to 
your system. 
 
  
This electronic transmission (and any attachments thereto) is intended solely 
for the use of the addressee(s). It may contain confidential or legally 
privileged information. If you are not the intended recipient of this message, 
you must delete it immediately and notify the sender. Any unauthorized use or 
disclosure of this message is strictly prohibited.  Faurecia does not guarantee 
the integrity of this transmission and shall therefore never be liable if the 
message is altered or falsified nor for any virus, interception or damage to 
your system.