In case you or someone else wishes only to run, develop, start, stop,
start over, etc., and doesn't care to authenticate a (non-production)
installation, I have followed this since NiFi 1.14 and last used it for
1.19:
https://www.javahotchocolate.com/notes/nifi.html#20210716
If this doesn't work it's usually because the properties file has become
too modified. Start over with a fresh download.
Russ
On 12/28/22 12:03, Chris Sampson wrote:
I think you will need to remove/comment out the references to
single-user-provider in authorisers.xml and login-providers.xml as
well as removing it from nifi.properties (see the comments in these
files as they're provided in the nifi distributions).
If you are using 2-way TLS authentication then I don't think you need
to configure anything else, but remember that all of your nifi
instances in your cluster (if applicable) will need to trust one
another's certificates along with all user certificates - the easiest
way of doing this is typically to trust a common CA that issues all
the nifi instance and user certs. This could be nifi-toolkit, but
beware that the CA used by toolkit is auto-generated on startup, so
you need to retain and configure the same CA for toolkit of you plan
to use it to issue new certs in future.
On Wed, 28 Dec 2022, 17:32 James McMahon, <jsmcmah...@gmail.com> wrote:
I continue to experience errors when I try to start my nifi 1.16.3
instance. I have followed this guide in an effort to use the
toolkit to generate self-0signed certs for user admin, signed by a
nifi truststore:
Apache NiFi Walkthroughs
<https://nifi.apache.org/docs/nifi-docs/html/walkthroughs.html>
I seem to be having issues with this in my nifi.properties:
nifi.security.user.authorizer=single-user-authorizer
When I set it to nothing, it tells me this is required. When I set
it to single-user-authorizer, this error results in the log:
Error creating bean with name 'authorizer': FactoryBean threw
exception on object creation; nested exception is
java.lang.Exception: The specified authorizer
'single-user-authorizer' could not be found.
I suspect my authorizers.xml and/or my
login-identity-providers.xml files are misconfigured. How should
those two config files be structured if I wish to run a secure
nifi instance where mith my self-signed certs, generated using the
nifi toolkit?
