Re: NiFi Error on SSL Setup for cluster UI not loading - Insufficient Permissions Untrusted proxy

Tue, 05 Jan 2021 14:26:20 -0800 

Hello Karthikeyan

As Chris has pointed out, you would need to add node identities
in authorizations.xml

This is required to establish node identity with NiFi cluster.

Thanks
Sushil Kumar

On Tue, Jan 5, 2021 at 7:52 AM MUTHUKRISHNAN, KARTHIKEYAN <km9...@att.com>
wrote:

> Hi Team,
>
> Can you help us to troubleshoot this issue ?
>
>
> Thanks & Regards,
> M.Karthikeyan.
>
>
> ________________________________
> From: MUTHUKRISHNAN, KARTHIKEYAN
> Sent: Tuesday, December 22, 2020 7:08 PM
> To: dev@nifi.apache.org <dev@nifi.apache.org>
> Cc: RANJAN, RAJIV <rr0...@att.com>; RAJU, JOSEPH <jr4...@att.com>
> Subject: NiFi Error on SSL Setup for cluster UI not loading - Insufficient
> Permissions Untrusted proxy
>
> Hi Team,
>
> I have created a NiFi cluster with 3 nodes and configured SSL for all 3
> eith self signed certs generated for all 3 nodes and a admin user cert. I
> have also configured authorization.xml and nifi.properties acordingly as
> prescribed. I can see users.xml and authorizers.xml getting generated
> properly with Initial Admin configured with cert admin id. All looks good
> in my config files. But i am getting following error in ui : Insufficient
> Permissions Untrusted proxy CN=XXXX.YY.ZZ.com, OU=NIFI
>
> nifi-user Logs looks as with below errors,
>
> 2020-12-22 13:05:27,375 INFO [NiFi Web Server-61]
> o.a.n.w.s.NiFiAuthenticationFilter Attempting request for (CN=nifi-admin)
> GET https://XXXX.YY.ZZ.com:9443/nifi-api/flow/current-user (source ip:
> xx.xx.xx.xxx)
> 2020-12-22 13:05:27,380 INFO [NiFi Web Server-61]
> o.a.n.w.s.NiFiAuthenticationFilter Authentication success for CN=nifi-admin
> 2020-12-22 13:05:53,219 INFO [NiFi Web Server-61]
> o.a.n.w.s.NiFiAuthenticationFilter Attempting request for
> (<CN=nifi-admin><CN=XXXX.YY.ZZ.com, OU=NIFI>) GET
> https://XXXX.YY.ZZ.com:9443/nifi-api/flow/current-user (source ip:
> 130.6.168.62)
> 2020-12-22 13:05:53,226 WARN [NiFi Web Server-61]
> o.a.n.w.s.NiFiAuthenticationFilter Rejecting access to web api: Untrusted
> proxy CN=XXXX.YY.ZZ.com, OU=NIFI
>
> Could you please help me to narrow down if i am missing anything other
> than specified on documentations ?
>
>
> Thanks & Regards,
> M.Karthikeyan.
>
>

Reply via email to