[ https://issues.apache.org/jira/browse/NIFI-10313?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17575075#comment-17575075 ]
Malthe Borch edited comment on NIFI-10313 at 8/4/22 7:18 AM: ------------------------------------------------------------- In {{nifi.properties}} we have: {code:java} # OpenId Connect SSO Properties # nifi.security.user.oidc.discovery.url=https://login.microsoftonline.com/<tenant-id>/.well-known/openid-configuration nifi.security.user.oidc.connect.timeout=5 secs nifi.security.user.oidc.read.timeout=5 secs nifi.security.user.oidc.client.id=<client-id> nifi.security.user.oidc.client.secret=<client-secret> nifi.security.user.oidc.preferred.jwsalgorithm= nifi.security.user.oidc.additional.scopes= nifi.security.user.oidc.claim.identifying.user=upn{code} {code:java} # User login configuration nifi.security.user.authorizer=managed-authorizer nifi.security.user.login.identity.provider= {code} Please also see attached [^authorizers.xml]. We are not using sticky sessions. Our ingress controller annotations: {code:java} kubernetes.io/ingress.class: nginx nginx.ingress.kubernetes.io/backend-protocol: HTTPS nginx.ingress.kubernetes.io/ssl-passthrough: true nginx.ingress.kubernetes.io/ssl-redirect: true {code} was (Author: malthe): nifi.properties we have: {code:java} # OpenId Connect SSO Properties # nifi.security.user.oidc.discovery.url=https://login.microsoftonline.com/<tenant-id>/.well-known/openid-configuration nifi.security.user.oidc.connect.timeout=5 secs nifi.security.user.oidc.read.timeout=5 secs nifi.security.user.oidc.client.id=<client-id> nifi.security.user.oidc.client.secret=<client-secret> nifi.security.user.oidc.preferred.jwsalgorithm= nifi.security.user.oidc.additional.scopes= nifi.security.user.oidc.claim.identifying.user=upn{code} {code:java} # User login configuration nifi.security.user.authorizer=managed-authorizer nifi.security.user.login.identity.provider= {code} Please also see attached [^authorizers.xml]. We are not using sticky sessions. Our ingress controller annotations: {code:java} kubernetes.io/ingress.class: nginx nginx.ingress.kubernetes.io/backend-protocol: HTTPS nginx.ingress.kubernetes.io/ssl-passthrough: true nginx.ingress.kubernetes.io/ssl-redirect: true {code} > Unexpected "Access Token not found" > ----------------------------------- > > Key: NIFI-10313 > URL: https://issues.apache.org/jira/browse/NIFI-10313 > Project: Apache NiFi > Issue Type: Bug > Affects Versions: 1.17.0 > Reporter: Malthe Borch > Assignee: David Handermann > Priority: Major > Attachments: authorizers.xml, nifi.log > > > I'm experiencing some unexpected "Access Token not found" errors after > upgrading to 1.17.0. > See attached traceback. > What happens is that the NiFi UI seems to work but after a short while the > view is redirected to a conflict page (Unable to communicate with NiFi). > There are no other problems or evidence of the issue to be found in the logs. -- This message was sent by Atlassian Jira (v8.20.10#820010)