Re: Found multiple policies exception

Wed, 08 Nov 2017 06:01:10 -0800 

Hi Kumar,

 

Access Policies in NiFi 1.3.0 are defined with (resource, action) pairs, where 
"resource" is basically the path part of the resource URI (e.g., /controller, 
/policies), and "action" is either 'read' or 'write'.

 

For each policy defined (resource, action) must be unique. So if you want to 
grant a user or userGroup read or write access to a resource, rather than 
create a new policy, first check if that policy already exists, and if so, add 
the users/groups to that policy. If the policy for the (resource, action) pair 
you want to set does not exist, then create it.

 

Referencing the NiFi REST API documentation [1]:

 

To view all existing policies:

 

GET /policies

 

To update an existing policy:

 

PUT /policies/{policyId}    # where policyId is returned by the server in the 
GET response

 

To create a new policy for a (resource, action) pair that does not already 
exist:

 

POST /policies  # the created policy, including the server-set id, will be 
returned in the response upon success

 

Note, that in order to add tenants (ie, users and userGroups) to a policy, you 
must discover their ids as well. You can use:

 

                GET /tenants/users

                GET/tenants/user-groups

                GET /tenants/search-results  # search by tenant identity, i.e., 
user name or group name.

 

These tenants endpoints may be helpful in resolving the other error you noticed 
in the logs, which user not found exception. Make sure the user you are 
referencing is in the result set of GET /tenants/users and use the same entity 
id when you are adding a user to a policy.

 

[1] https://nifi.apache.org/docs/nifi-docs/rest-api/index.html  

(this link is to 1.4.0 rest api docs, but the tenant and policy API endpoints 
are unchanged from 1.3.0 to my knowledge)

 

Hope this helps!

Kevin

 

From: kumar r <kumarc...@gmail.com>
Reply-To: <users@nifi.apache.org>
Date: Wednesday, November 8, 2017 at 05:30
To: <users@nifi.apache.org>
Subject: Found multiple policies exception

 

Hi,

I am using NiFi-1.3.0 secured with Kerberos. When i set a policy for a user, i 
am getting 

Found multiple policies for '/controller' with 'write'.

After checking log file, below exception occurs

org.apache.nifi.web.ResourceNotFoundException: Unable to find user with id 
'311656fb-3fef-303d-8b61-24d4a7d8aeb9'.. Returning Not Found response.
java.lang.IllegalStateException: Found multiple policies for '/controller' with 
'write'.. Returning Conflict response.

how to solve this? Is this NiFi issue? 

Thanks,

Kumar

Reply via email to