‘ User Search Base’ – Base DN for searching for users (i.e. ‘Read Timeout’ – Duration of read timeout. ‘Connect Timeout’ – Duration of connect timeout. Possible values are FOLLOW, IGNORE, THROW. ‘Referral Strategy’ – Strategy for handling referrals. ![]() ‘TLS – Shutdown Gracefully’ – Specifies whether the TLS should be shut down gracefully before the target context is closed. ‘TLS – Protocol’ – Protocol to use when connecting to LDAP using LDAPS or START_TLS. Possible values are REQUIRED, WANT, NONE. ‘TLS – Client Auth’ – Client authentication policy when connecting to LDAP using LDAPS or START_TLS. ‘TLS – Truststore Type’ – Type of the Truststore that is used when connecting to LDAP using LDAPS or START_TLS (i.e. ‘TLS – Truststore Password’ – Password for the Truststore that is used when connecting to LDAP using LDAPS or START_TLS. ‘TLS – Truststore’ – Path to the Truststore that is used when connecting to LDAP using LDAPS or START_TLS. ‘TLS – Keystore Type’ – Type of the Keystore that is used when connecting to LDAP using LDAPS or START_TLS (i.e. ‘TLS – Keystore Password’ – Password for the Keystore that is used when connecting to LDAP using LDAPS or START_TLS. ‘TLS – Keystore’ – Path to the Keystore that is used when connecting to LDAP using LDAPS or START_TLS. ‘Manager Password’ – The password of the manager that is used to bind to the LDAP server to search for users. ‘Manager DN’ – The DN of the manager that is used to bind to the LDAP server to search for users. Possible values are ANONYMOUS, SIMPLE, LDAPS, or START_TLS. ‘Authentication Strategy’ – How the connection to the LDAP server is authenticated. Identity Provider for users logging in with username/password against an LDAP server. ![]() Here are the LDAP parameters (and we can notice that the identifier is matching the value set in nifi.properties): Īnd here is the associated documentation: identity.provider=ldap-providerĪnd then I just need to configure my XML files and to restart NiFi. OK, so I set the following values in nifi.properties: .configuration.file=./conf/login-identity-providers.xml In other words, if you want login/password authentication, your cluster needs to be secured first! Using HTTP all users will be granted all roles. NiFi does not perform user authentication over HTTP. By default, this property is not configured meaning that username/password must be explicitly enabled. If this property is not configured, NiFi will not support username/password authentication and will require client certificates for authenticating users over HTTPS. The .identity.provider property indicates which of the configured Login Identity Provider should be used. ![]() The .configuration.file property specifies the configuration file for Login Identity Providers. Which Login Identity Provider to use is configured in two properties in the nifi.properties file. The Login Identity Provider is a pluggable mechanism for authenticating users via their username/password. Username/password authentication is performed by a Login Identity Provider. NiFi supports user authentication via client certificates or via username/password.
0 Comments
Leave a Reply.AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |