Hi Scott, Can you have a look at the authorizations.xml file? (and share the content of it to confirm that node users are given the proxy authorizations?)
Thanks! 2018-03-30 16:15 GMT+02:00 Scott Howell <[email protected]>: > I am nearing the finish line of setting up a cluster using a self-signed > cert. > > When trying to login to the cluster after the cluster comes up I am able > to see in the logs that my initial admin user is able to login. > > Once that takes place I get an “Untrusted proxy” error on both the UI and > in the nifi-user.log. > > This is what I see in the UI: Untrusted proxy > CN="nifi-2.dev.{redacted}.com, OU=Nifi” > > In my authorizers.xml I have this: > <authorizers> > <authorizer> > <identifier>file-provider</identifier> > <class>org.apache.nifi.authorization.FileAuthorizer</class> > <property name="Authorizations File">/opt/config/ > authorizations.xml</property> > <property name="Users File">/opt/config/users.xml</property> > <property name="Initial Admin Identity">uid=scott,ou=users, > dc={redacted},dc=com</property> > <property name="Legacy Authorized Users File"></property> > > <property name="Node Identity 1">CN=nifi-1.dev.{redacted}.com, > OU=Nifi</property> > <property name="Node Identity 2">CN=nifi-2.dev.{redacted}.com, > OU=Nifi</property> > <property name="Node Identity 3">CN=nifi-3.dev.{redacted}.com, > OU=Nifi</property> > </authorizer> > </authorizers> > > On the nodes I am seeing this in my user.xml > <tenants> > <groups/> > <users> > <user identifier="4e9a2753-85a0-3c8e-96bf-6d5ef821fe53" > identity="uid=scott,ou=users,dc={redacted},dc=com"/> > <user identifier="20f01804-bad9-3baf-9ebb-5846ae8e7425" > identity="CN=nifi-1.dev.{redacted}.com, OU=Nifi"/> > <user identifier="ce02b3e3-68ff-3bc1-9001-6a66b26db1f9" > identity="CN=nifi-2.dev.{redacted}.com, OU=Nifi"/> > <user identifier="c0ae0a6d-d80a-39ce-aa5e-b519066ffefe" > identity="CN=nifi-3.dev.{redacted}.com, OU=Nifi"/> > </users> > </tenants> > > I believe the issue is with where the “ is in my error "Untrusted proxy > CN="nifi-2.dev.mobilgov.com, OU=Nifi”” but I am not able to figure out > where that quotation is coming from because I can’t find it in anywhere. > > Was wondering if anyone has had issues with this before. > > Scott >
