Re: Policies for root Process Group.
Thanks Matt, I get now what is the problem, in order to exhaust all my possibilities I may ask, is there a way using the API to get the root UUID from the flow.xml.gz file? Because I see the file there after running the tests. Thanks, On Mon, Feb 26, 2018 at 3:26 PM, Daniel Hernandez < daniel.hernan...@civitaslearning.com> wrote: > Hi Matt, > > Thanks for your answer. > > Do you know if there is a way to preconfigure this value when running > Nifi's Docker image? I am making the calls from an integration test that > runs a docker container with the Nifi server. I already check and the value > under in the flow.xml.gz file changes everytime I deploy > the container, I guess it is created at startup. Is it possible that I can > change my docker image to get a fix root group value? > > Thanks, > > Daniel > > On Mon, Feb 26, 2018 at 11:35 AM, Daniel Hernandez <daniel.hernandez@ > civitaslearning.com> wrote: > >> Hi, >> >> I am currently working on calling the Nifi REST API to get the 'root' >> process group and setting it as parent for a new process-group. >> >> However I am getting the next messages: >> >> Attempting GET request to: JerseyWebTarget { >> https://127.0.0.1:8443/nifi-api/process-groups/root } >> 2018-02-26 11:06:55.341 DEBUG --- [ main] >> c.c.p.n.c.i.b.BootApiClient : >> 2018-02-26 11:06:55.341 DEBUG --- [ main] >> c.c.p.n.c.i.b.BootApiClient : Received 403 response from GET >> to JerseyWebTarget { https://127.0.0.1:8443/nifi-api/process-groups/root >> } >> >> com.civitaslearning.platform.nifi.client.invoker.boot.exception.NifiForbiddenException: >> No applicable policies could be found. Contact the system administrator. >> >> This is the content of my authorizations.xml file: >> >> >> >> >> >> >> >> > resource="/flow" action="R"> >> >> >> >> >> >> > resource="/restricted-components" action="W"> >> >> >> >> >> >> > resource="/tenants" action="R"> >> >> >> >> >> >> > resource="/tenants" action="W"> >> >> >> >> >> >> > resource="/policies" action="R"> >> >> >> >> >> >> > resource="/policies" action="W"> >> >> >> >> >> >> > resource="/controller" action="R"> >> >> >> >> >> >> > resource="/controller" action="W"> >> >> >> >> >> >> > resource="/process-groups/root" action="R"> >> >> >> >> >> >> > resource="/process-groups/root" action="W"> >> >> >> >> >> >> >> >> >> >> And this is the content of authorizations.xml >> >> >> >> >> >> file-access-policy-provider >> >> org.apache.nifi.authorization.FileAccessPolicyProvide >> r >> >> file-user-group-prov >> ider >> >> ./conf/authorizations.xm >> l >> >> CN=civitas, >> OU=ApacheNifi >> >> >> >> >> >> >> >> >> >> >> managed-authorizer >> >> org.apache.nifi.authorization.StandardManagedAuthoriz >> er >> >> file-access-policy-p >> rovider >> >> >> >> >> >> >> And users.xml >> >> >> >> >> >> >> >> >> >> >> > identity="CN=civitas, OU=ApacheNifi"/> >> >> >> >> >> >> I already create a policy using the same user cert so I guess the DN is >> valid. >> Am I defining the policy or making the call in a wrong way? >> >> Thanks in advance, >> >> Daniel Hernandez >> >> >> >
Re: Policies for root Process Group.
Hi Matt, Thanks for your answer. Do you know if there is a way to preconfigure this value when running Nifi's Docker image? I am making the calls from an integration test that runs a docker container with the Nifi server. I already check and the value under in the flow.xml.gz file changes everytime I deploy the container, I guess it is created at startup. Is it possible that I can change my docker image to get a fix root group value? Thanks, Daniel On Mon, Feb 26, 2018 at 11:35 AM, Daniel Hernandez < daniel.hernan...@civitaslearning.com> wrote: > Hi, > > I am currently working on calling the Nifi REST API to get the 'root' > process group and setting it as parent for a new process-group. > > However I am getting the next messages: > > Attempting GET request to: JerseyWebTarget { https://127.0.0.1:8443/nifi- > api/process-groups/root } > 2018-02-26 11:06:55.341 DEBUG --- [ main] > c.c.p.n.c.i.b.BootApiClient : > 2018-02-26 11:06:55.341 DEBUG --- [ main] > c.c.p.n.c.i.b.BootApiClient : Received 403 response from GET > to JerseyWebTarget { https://127.0.0.1:8443/nifi-api/process-groups/root } > > com.civitaslearning.platform.nifi.client.invoker.boot.exception.NifiForbiddenException: > No applicable policies could be found. Contact the system administrator. > > This is the content of my authorizations.xml file: > > > > > > > > resource="/flow" action="R"> > > > > > > resource="/restricted-components" action="W"> > > > > > > resource="/tenants" action="R"> > > > > > > resource="/tenants" action="W"> > > > > > > resource="/policies" action="R"> > > > > > > resource="/policies" action="W"> > > > > > > resource="/controller" action="R"> > > > > > > resource="/controller" action="W"> > > > > > > resource="/process-groups/root" action="R"> > > > > > > resource="/process-groups/root" action="W"> > > > > > > > > > > And this is the content of authorizations.xml > > > > > > file-access-policy-provider > > org.apache.nifi.authorization.FileAccessPolicyProvider class> > > file-user-group- > provider > > ./conf/authorizations. > xml > > CN=civitas, > OU=ApacheNifi > > > > > > > > > > > managed-authorizer > > org.apache.nifi.authorization.StandardManagedAuthorizer class> > > file-access-policy- > provider > > > > > > > And users.xml > > > > > > > > > > > identity="CN=civitas, OU=ApacheNifi"/> > > > > > > I already create a policy using the same user cert so I guess the DN is > valid. > Am I defining the policy or making the call in a wrong way? > > Thanks in advance, > > Daniel Hernandez > > >
Policies for root Process Group.
Hi, I am currently working on calling the Nifi REST API to get the 'root' process group and setting it as parent for a new process-group. However I am getting the next messages: Attempting GET request to: JerseyWebTarget { https://127.0.0.1:8443/nifi-api/process-groups/root } 2018-02-26 11:06:55.341 DEBUG --- [ main] c.c.p.n.c.i.b.BootApiClient : 2018-02-26 11:06:55.341 DEBUG --- [ main] c.c.p.n.c.i.b.BootApiClient : Received 403 response from GET to JerseyWebTarget { https://127.0.0.1:8443/nifi-api/process-groups/root } com.civitaslearning.platform.nifi.client.invoker.boot.exception.NifiForbiddenException: No applicable policies could be found. Contact the system administrator. This is the content of my authorizations.xml file: And this is the content of authorizations.xml file-access-policy-provider org.apache.nifi.authorization.FileAccessPolicyProvider file-user-group-provider ./conf/authorizations.xml CN=civitas, OU=ApacheNifi managed-authorizer org.apache.nifi.authorization.StandardManagedAuthorizer file-access-policy-provider And users.xml I already create a policy using the same user cert so I guess the DN is valid. Am I defining the policy or making the call in a wrong way? Thanks in advance, Daniel Hernandez