nifi-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Russell Bateman <r...@windofkeltia.com>
Subject Legacy Authorized Users File approach not working?
Date Fri, 16 Dec 2016 22:21:07 GMT
I'm working on securing NiFi 1.1.0 with SSL. As I'm following a tutorial 
[1] written for 0.x, I'm attempting to use the legacy option in 
/conf/authorizers.//xml/:

    <authorizer>
       <identifier>file-provider</identifier>
    <class>org.apache.nifi.authorization.FileAuthorizer</class>
       <property name="Authorizations
    File">./conf/authorizations.xml</property>
       <property name="Users File">./conf/users.xml</property>
       <property name="Initial Admin Identity"></property>
    *  <property name="Legacy Authorized Users
    File">./conf/authorized-users.xml</property>*

       <!-- Provide the identity (typically a DN) of each node when
    clustered, see above description of Node Identity.
       <property name="Node Identity 1"></property>
       <property name="Node Identity 2"></property>
         -->
    </authorizer>


I fixed complaints of missing /users.xml/ already by supplying 
/conf/users.xml/, no default for which exists:

    <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
    <users/>


It would appear that this is insufficient (/logs/nifi-app.log/):

org.springframework.beans.factory.BeanCreationException: Error creating 
bean with name 'niFiWebApiSecurityConfiguration': Injection of autowired 
dependencies failed; nested exception is 
org.springframework.beans.factory.BeanCreationException: Could not 
autowire method: public void 
org.apache.nifi.web.NiFiWebApiSecurityConfiguration.setX509AuthenticationProvider(org.apache.nifi.web.security.x509.X509AuthenticationProvider);

nested exception is 
org.springframework.beans.factory.BeanCreationException: Error creating 
bean with name 'x509AuthenticationProvider' defined in class path 
resource [nifi-web-security-context.xml]: Cannot resolve reference to 
bean 'authorizer' while setting constructor argument; nested exception 
is org.springframework.beans.factory.BeanCreationException: Error 
creating bean with name 'authorizer': FactoryBean threw exception on 
object creation; nested exception is 
org.apache.nifi.authorization.exception.AuthorizerCreationException: 
javax.xml.bind.UnmarshalException
  - with linked exception:
*[org.xml.sax.SAXParseException; systemId: 
file:/home/russ/dev/nifi/secure-nifi/nifi-1.1.0/./conf/users.xml; 
lineNumber: 2; columnNumber: 9; cvc-elt.1: Cannot find the declaration 
of element 'users'.]*

I'm defining users by means of a 0.x /authorized-users.xml/ file, not 
the /users.xml/ file. There are no examples I can find of /users.xml/ 
and /authorizations.xml/, empty or otherwise, to compare with existing, 
functioning NiFi 0.x installations, so I can't tell if the whole legacy 
option just doesn't work anyway or if it's just that I've got stuff 
wrong still.

Grateful for comments or samples of working /users.xml/ and 
/authoriz//ations.xml/.

[1] http://www.batchiq.com/nifi-configuring-ssl-auth.html

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message