nifi-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Andy LoPresto <alopre...@apache.org>
Subject Re: Question about LDAP authentication/authorization
Date Thu, 07 May 2020 19:38:20 GMT
Hi Claudio,

Yes, you should be able to accomplish this by putting the highest level group you want authorized
(in this case, Group B) as the target. There is more information available in the Admin Guide
[1]. I think the important setting for this case is Group Search Scope, which would likely
need to be set to “SUBTREE”. More information on nested LDAP groups here [2]. 

[1] https://nifi.apache.org/docs/nifi-docs/html/administration-guide.html#ldapusergroupprovider
<https://nifi.apache.org/docs/nifi-docs/html/administration-guide.html#ldapusergroupprovider>
[2] https://stackoverflow.com/a/5135252/70465 <https://stackoverflow.com/a/5135252/70465>

Andy LoPresto
alopresto@apache.org
alopresto.apache@gmail.com
He/Him
PGP Fingerprint: 70EC B3E5 98A6 5A3F D3C4  BACE 3C6E F65B 2F7D EF69

> On May 7, 2020, at 11:18 AM, Lombardo, Claudio <cmlombardo@ucsd.edu.INVALID> wrote:
> 
> Hello there.
> 
> I was wondering if NIFI supports nested groups for authorization.
> 
> Basically, if a user is a member of Group A and group A is a member of Group B, is it
possible to have NIFI authorize group B, which only contains another group (group A)?
> 
> Thank you,
> Claudio
> 
> Claudio M. Lombardo
> Sr. Enterprise Platforms Engineer
> Application Platforms​
> Information Technology Services​
> ​
> UC San Diego​
> cmlombardo@ucsd.edu​


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message