[jira] [Comment Edited] (NIFI-10313) Unexpected "Access Token not found"

Thu, 04 Aug 2022 00:20:16 -0700 


    [ 
https://issues.apache.org/jira/browse/NIFI-10313?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17575075#comment-17575075
 ] 

Malthe Borch edited comment on NIFI-10313 at 8/4/22 7:18 AM:
-------------------------------------------------------------

In {{nifi.properties}} we have:
{code:java}
# OpenId Connect SSO Properties #
nifi.security.user.oidc.discovery.url=https://login.microsoftonline.com/<tenant-id>/.well-known/openid-configuration
nifi.security.user.oidc.connect.timeout=5 secs
nifi.security.user.oidc.read.timeout=5 secs
nifi.security.user.oidc.client.id=<client-id>
nifi.security.user.oidc.client.secret=<client-secret>
nifi.security.user.oidc.preferred.jwsalgorithm=
nifi.security.user.oidc.additional.scopes=
nifi.security.user.oidc.claim.identifying.user=upn{code}
{code:java}
# User login configuration
nifi.security.user.authorizer=managed-authorizer
nifi.security.user.login.identity.provider= {code}
Please also see attached [^authorizers.xml].

We are not using sticky sessions. Our ingress controller annotations:
{code:java}
kubernetes.io/ingress.class: nginx
nginx.ingress.kubernetes.io/backend-protocol: HTTPS
nginx.ingress.kubernetes.io/ssl-passthrough: true
nginx.ingress.kubernetes.io/ssl-redirect: true {code}
 


was (Author: malthe):
 

nifi.properties we have:

 
{code:java}
# OpenId Connect SSO Properties #
nifi.security.user.oidc.discovery.url=https://login.microsoftonline.com/<tenant-id>/.well-known/openid-configuration
nifi.security.user.oidc.connect.timeout=5 secs
nifi.security.user.oidc.read.timeout=5 secs
nifi.security.user.oidc.client.id=<client-id>
nifi.security.user.oidc.client.secret=<client-secret>
nifi.security.user.oidc.preferred.jwsalgorithm=
nifi.security.user.oidc.additional.scopes=
nifi.security.user.oidc.claim.identifying.user=upn{code}
{code:java}
# User login configuration
nifi.security.user.authorizer=managed-authorizer
nifi.security.user.login.identity.provider= {code}
Please also see attached [^authorizers.xml].

We are not using sticky sessions. Our ingress controller annotations:
{code:java}
kubernetes.io/ingress.class: nginx
nginx.ingress.kubernetes.io/backend-protocol: HTTPS
nginx.ingress.kubernetes.io/ssl-passthrough: true
nginx.ingress.kubernetes.io/ssl-redirect: true {code}
 

> Unexpected "Access Token not found"
> -----------------------------------
>
>                 Key: NIFI-10313
>                 URL: https://issues.apache.org/jira/browse/NIFI-10313
>             Project: Apache NiFi
>          Issue Type: Bug
>    Affects Versions: 1.17.0
>            Reporter: Malthe Borch
>            Assignee: David Handermann
>            Priority: Major
>         Attachments: authorizers.xml, nifi.log
>
>
> I'm experiencing some unexpected "Access Token not found" errors after 
> upgrading to 1.17.0.
> See attached traceback.
> What happens is that the NiFi UI seems to work but after a short while the 
> view is redirected to a conflict page (Unable to communicate with NiFi). 
> There are no other problems or evidence of the issue to be found in the logs.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to