Hi Edward, Thanks for the reply here logger level into "DEBUG" mode updated
logs has been mentioned here, please help me to resolve this issue;
2020-11-05 05:29:23,029 INFO [NiFi Web Server-23]
o.a.n.c.s.StandardProcessScheduler Starting
PutHDFS[id=8e0a7636-0175-1000-810b-e0cb6cb164e0]
2020-11-05
They are currently stored in the flow and encrypted the same way as
sensitive properties. There has been discussion around sourcing sensitive
parameters from external systems like Vault, but I’m not aware of anyone
working on it. I could see value binding to external files, but also not
sure of
Hi Bryan,
Thank you for pointing me to parameter contexts as a possible answer to a
shortcoming we deal w/ for reasons of some challenges in handling different
environments with their different constraints and limitations we deal w/ for
those environments. I’ve glanced at the parameter
In the traditional scenario it would work like the following…
1) Processor in NiFi is configured to use some credentials, lets say a key tab
2) Processor runs and attempts authentication to HDFS using the configured key
tab
3) If authentication is successful, then HDFS performs authorization,
Sure thing Joe. Let me provide a more clear use case.
As I mentioned, our identities are established at the enterprise level. So
while I mentioned the existing auth(entication yes) I see in processors now
(basic auth, kerberos), probably the general use case there is to authenticate
to a
Darren
Its difficult to get to what you have in mind as you keep saying
authorization but then giving examples of authentication protocols
(kerberos/keytabs, basic auth).
Lets focus though on your later comment about hdfs processors. Take for
example put hdfs...it connects to and hdfs cluster
Hi Bryan,
Thanks for the input. Right now, I'm really exploring how better to
accommodate migrating from the use of keytabs to our corporate mandate for
pkinit support. Observing that the current authorizations in processors (basic
auth, kerberos etc) are tightly wired, it suggested to me an
Darren,
I also thought you were talking about authentication. Processors don’t really
perform authorization, they provide credentials to some system which is
authentication, the system then decides if they authenticated successfully, and
then some systems may also perform authorization to
Thanks Joe.
Just looking to see where community might be going down the road with respect
to processor security so we can keep our efforts aligned.
In regards to your question I primarily mean authorization. Our company already
has a SSO that establishes identity credentials so these are then
Hi,
Looking at the error I would guess that for some reason the PutHDFS
processor isn't able to resolve the data node in HDFS.
Do you have any additional infornation around HDFS in your Nifi app log or
any information in the HDFS logs?
Otherwise I would suggest lowering lowering the log level
Hi Jeremy,
The recommended approach would be to use parameter contexts Introduced in
1.10.0. All properties automatically support parameters and parameters can
be marked as sensitive and will be stored encrypted.
Thanks,
Bryan
On Wed, Nov 4, 2020 at 1:37 PM Jeremy Taylor <
Not sure if this would be helpful for you, but I wonder if you could use
the new process group concurrency controls introduced in 1.12.0 to help
determine when processing is complete. You could set a process group to
allow 1 flow file in at a time and then batch output to wait for all flow
files
Greetings,
(Background: We are currently using NiFi 1.9.2 and hope to do a leap-frog
upgrade within the next 6 months.)
Upon looking into a particular NiFi topic, my team members and I were recently
reminded of the following two things that we feel go together that we would
love to see NiFi
Eric
Nope Im not aware of anything specific.
Thanks
Joe
On Wed, Nov 4, 2020 at 9:54 AM Eric Secules wrote:
> Hello,
>
> I agree it's not the best idea to use the provenance data constantly to
> check when a test file is finally done being processed. Do you know if
> anything came out in
Darren
You will want this thread on dev list to get traction.
Also please clarify if you mean authorization or whether you mean
authentication. I read all usages as meaning to discuss authentication.
thanks
On Wed, Nov 4, 2020 at 9:53 AM Darren Govoni wrote:
> Greetings!
>
> We have an
Hello,
I agree it's not the best idea to use the provenance data constantly to
check when a test file is finally done being processed. Do you know if
anything came out in 1.12.0 or 1.12.1 which would cause provenance queries
to have a greater impact? We recently upgraded nifi among other changes
Greetings!
We have an internal need to move to a specific PK based authorization for all
our nifi processors. Currently, authorizations such as basic auth and kerberos
seem to be wired directly inside the processors. My design approach to
addressing our need also seeks to factor authorization
Hi,
Im trying to put data into hdfs filesystem, but i didnt work properly. I
have configured both 50010, 8020 ports telnet everything working from nifi
server but still i cant be able to resolve this issue, Please anyone help me
out from this issue, it creates file in hdfs location but it didnt
18 matches
Mail list logo
