RE: Insufficient Permissions - Unable to view the user interface - at WebUI

Thu, 22 Feb 2024 06:09:16 -0800 

My ./config/authorizers.xml

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<authorizers>
    <userGroupProvider>
        <identifier>file-user-group-provider</identifier>
        <class>org.apache.nifi.authorization.FileUserGroupProvider</class>
        <property name="Users File">./conf/users.xml</property>
        <property name="Initial User Identity 1">CN=My 
Name,OU=MyOU,DC=MyDomain</property>
    </userGroupProvider>
    <accessPolicyProvider>
        <identifier>file-access-policy-provider</identifier>
        <class>org.apache.nifi.authorization.FileAccessPolicyProvider</class>
        <property name="User Group Provider">file-user-group-provider</property>
        <property name="Authorizations 
File">./conf/authorizations.xml</property>
        <property name="Initial Admin Identity">CN=My 
Name,OU=MyOU,DC=MyDomain</property>
        <property name="Node Identity 1"></property>
        <property name="Node Group"></property>
    </accessPolicyProvider>
    <authorizer>
        <identifier>managed-authorizer</identifier>
        <class>org.apache.nifi.authorization.StandardManagedAuthorizer</class>
        <property name="Access Policy 
Provider">file-access-policy-provider</property>
    </authorizer>
</authorizers>


From: Alexei Rozenvaser <[email protected]>
Sent: Thursday, February 22, 2024 2:59 PM
To: [email protected]
Subject: Insufficient Permissions - Unable to view the user interface - at WebUI

Hi Everyone

I have a brand new installation of NiFi 2.0.
I configured LDAP user authentication.
I have my AD DN defined as both "Initial User Identity 1" and "Initial Admin 
Identity" in authorizers.xml
1.    Now I can launch the NiFi server successfully.
2.    I can successfully log in to NiFi's webUI with my AD user
3.    But I get: "Insufficient Permissions" - "Unable to view the user 
interface."  at WebUI
4.    There is an AccessDeniedExeptionMapper identity [cn=My 
Name,ou=MyOU,DC=MyDC], group[] does not have permission to access the requested 
resource. Unable to view the user interface. Returning Forbidden response. 
entry at nifi-user.log
If I understand the situation correctly I can pass the authentication phase but 
my user wasn't authorized for UI access?
What should I check first?

Reply via email to