[ https://issues.apache.org/jira/browse/NIFI-4847?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Georgy updated NIFI-4847: ------------------------- Attachment: nifi_error.PNG > Ldap authorization problem in secure cluster > -------------------------------------------- > > Key: NIFI-4847 > URL: https://issues.apache.org/jira/browse/NIFI-4847 > Project: Apache NiFi > Issue Type: Bug > Components: Core Framework > Affects Versions: 1.5.0 > Environment: 2 node cluster > RHEL 7.3 > NiFi 1.5.0 > Windows AD > Reporter: Georgy > Priority: Major > Attachments: nifi.zip, nifi_error.PNG > > > Hi guys, > Have a problem when using LDAP Auth with LDAP Authorization in NiFi secure > cluster mode. > My DN in AD looks so: > CN=Lastname Firstname Middlename, OU=..., ... > where CN consists of cyrillic chars (russian alphabet) > After successful ldap auth and applying specified mappings NiFi passes CN > only (only 1st, last, middle name) to ldap authorizer. In single mode I have > no problems, my CN successfully passes authorization. But in cluster mode I > have such error: > Unknown user with identity 'Ð<U+0091>езÑ<U+0080>Ñ<U+0083>киÑ<U+0085> > Ð<U+0093>еоÑ<U+0080>гийÐ<U+0093>еннадÑ<U+008C>евиÑ<U+0087>'. > Returning Forbidden response. > See attached screenshot with error message in UI. > It seems that there is ISO-8859-1 chars but NiFi tries to implement it as > UTF-8 sequence. Can't understand what is the reason of this transformation in > cluster mode. > I've tried ldap auth with "Identity Strategy = USE_DN" witthout any mappings > and specified my sAMAccountName in file-user-group-provider as Initial User > Identity. Such workaround works but I have to create other ldap users > manually. So I would prefer ldap authorization. > Can you help me to find out a solution? > You can find conf & logs in attachment. > > Env: > 2 node cluster > NiFi 1.5.0 > RHEL 7.3 > Windows AD > -- This message was sent by Atlassian JIRA (v7.6.3#76005)