We are currently authenticating with personal certificates, should we change that then?
Stefan Jakobsson Systems Manager | Scania IT, IKCA | Scania CV AB Phone: +46 8 553 527 27 Mobile: +46 7 008 834 76 Forskargatan 20, SE-151 87 Södertälje, Sweden stefan.jakobs...@scania.com<mailto:stefan.jakobs...@scania.com> From: Shawn Weeks <swe...@weeksconsulting.us> Sent: den 18 oktober 2021 21:35 To: users@nifi.apache.org Subject: RE: Nifi and Registry behind Citrix ADC. Unless you’re operating the LB in TCP Mode you’ll need to configure NiFi to use an alternative authentication method like SAML, LDAP, OIDC, etc. You’ll also need to make sure that your proxy is passing the various HTTP headers through to NiFi and that NiFi is expecting traffic from a proxy. If you look in the nifi-user.log and nifi-app.log there might be some hints about what it didn’t like. Thanks Shawn From: Jakobsson Stefan <stefan.jakobs...@scania.com<mailto:stefan.jakobs...@scania.com>> Sent: Monday, October 18, 2021 2:26 PM To: users@nifi.apache.org<mailto:users@nifi.apache.org> Subject: RE: Nifi and Registry behind Citrix ADC. Ahh, no ADC as in applicationdelivery and loadbalancing 😊 Stefan Jakobsson Systems Manager | Scania IT, IKCA | Scania CV AB Phone: +46 8 553 527 27 Mobile: +46 7 008 834 76 Forskargatan 20, SE-151 87 Södertälje, Sweden stefan.jakobs...@scania.com<mailto:stefan.jakobs...@scania.com> From: Lehel Boér <lehel.b...@gmail.com<mailto:lehel.b...@gmail.com>> Sent: den 18 oktober 2021 15:03 To: users@nifi.apache.org<mailto:users@nifi.apache.org> Subject: Re: Nifi and Registry behind Citrix ADC. Hi Stefan, Please disregard my prior response. The name mislead me, I discovered ADC is not the same as Active Directory. Kind Regards, Lehel Boér Lehel Boér <lehel.b...@gmail.com<mailto:lehel.b...@gmail.com>> ezt írta (időpont: 2021. okt. 18., H, 14:54): Hi Stefan, Have you tried setting up NiFi with an LDAP provider? Here are a few useful links. - https://docs.cloudera.com/HDPDocuments/HDF3/HDF-3.4.1.1/nifi-security/content/ldap_login_identity_provider.html - https://pierrevillard.com/2017/01/24/integration-of-nifi-with-ldap Kind Regards, Lehel Boér Jakobsson Stefan <stefan.jakobs...@scania.com<mailto:stefan.jakobs...@scania.com>> ezt írta (időpont: 2021. okt. 18., H, 13:02): Hello, I have some issues trying to run Nifi and Nifi-registry behind an ADC. Reason for this is that we need Nifi be accessible from aws onto our onprem nifi installation due demands from our IT sec department Anyhow, I can connect to Nifi-Registry on the servers ipconfig (i.e. x.x.x.x:9443/nifi-registry) without problems, but if I try to use the URL setup in the ADC with 9443 redirected to the nifiservers IP we get an error saying: This page isn’t working nifiprod.oururl.com<http://nifiprod.oururl.com> didn’t send any data. ERR_EMPTY_RESPONSE Anyone has any ideas what I should start looking at? I set the https.host to 0.0.0.0 in nifi-registry.conf. Stefan Jakobsson Systems Manager | Scania IT, IKCA | Scania CV AB Phone: +46 8 553 527 27 Mobile: +46 7 008 834 76 Forskargatan 20, SE-151 87 Södertälje, Sweden stefan.jakobs...@scania.com<mailto:stefan.jakobs...@scania.com>