Brian, NiFi will only grant permissions to the components in the canvas if there is an existing flow.xml.gz in your conf directory. This is due to lifecycle constraints when clustered. This is described in the link you provided if you scroll down a little bit and look for the (i) info icon.
Thanks Matt On Tue, Oct 10, 2017 at 3:47 PM, Brian Ghigiarelli <briang...@gmail.com> wrote: > With a clean install of Apache NiFi 1.4.0 using certificate-based > authentication through file providers, I am able to login to the NiFi > canvas, but it is not authorizing me (the Initial Admin Identity) to > perform any tasks. I'm following the first example configuration at > https://nifi.apache.org/docs/nifi-docs/html/administration- > guide.html#initial-admin-identity. > I > can see that the authorizations.xml file is being generated with the same > UUID as the user that is generated in users.xml, and that user has entries > in the following policies: > > - /flow (R) > - /restricted-components (W) > - /tenants (R) > - /tenants (W) > - /policies (R) > - /policies (W) > - /controller (R) > - /controller (W) > > Based on the docs, a few pieces of the authorizers.xml file changed from > 1.3.0 to 1.4.0, and I changed the nifi.properties > nifi.security.user.authorizer to managed-authorizer. Any ideas what I'm > missing here? Or where to begin debugging? > > Thanks, > Brian >
