The identifier is something that is purely internal to NiFi. In your configuration files you'd reference the admin user by its identity, not its identifier. So you'd need:
<property name="Initial Admin Identity">admin-user</property> In your authorizers.xml file, where appropriate. Please note that a successful configuration also depends on how you have configured login-identity-providers.xml. At a high level, your login identity provider would persist users and groups in your users.xml file that would be used by your authorizers and then applied against to define your policies. Le sam. 2 août 2025 à 02:47, [email protected] <[email protected]> a écrit : > > Hi Pierre, > > Thank you again for your continued help. > > I have performed a final check on all of my configuration files, and I am > still seeing the same error. > > Here is what I have confirmed: > > 1. The UUID in my `authorizers.xml` and `users.xml` files are an exact, > character-for-character match. > > 2. The `nifi.properties` file correctly references `managed-authorizer`. > > 3. I have checked for a different NiFi installation and confirmed I am > running the correct one. > > Given that all configuration files are correct, I am still at a loss as to > what is causing the `Unable to locate initial admin` error. > > Below is `authorizers.xml` and `users.xml` files for your review. > > authorizers.xml > --------------- > <?xml version="1.0" encoding="UTF-8" standalone="yes"?> > <authorizers> > <userGroupProvider> > <identifier>file-user-group-provider</identifier> > <class>org.apache.nifi.authorization.FileUserGroupProvider</class> > <property name="Users File">./conf/users.xml</property> > </userGroupProvider> > > <accessPolicyProvider> > <identifier>file-access-policy-provider</identifier> > <class>org.apache.nifi.authorization.FileAccessPolicyProvider</class> > <property name="User Group > Provider">file-user-group-provider</property> > <property name="Authorizations > File">./conf/authorizations.xml</property> > <property name="Initial Admin > Identity">b64b7120-1d20-4b10-9cd8-f53a0502167b</property> > </accessPolicyProvider> > > <authorizer> > <identifier>managed-authorizer</identifier> > <class>org.apache.nifi.authorization.StandardManagedAuthorizer</class> > <property name="Access Policy > Provider">file-access-policy-provider</property> > <property name="User Group > Provider">file-user-group-provider</property> > <property name="Initial Admin > Identity">b64b7120-1d20-4b10-9cd8-f53a0502167b</property> > </authorizer> > </authorizers> > ---- > > users.xml > --- > <?xml version="1.0" encoding="UTF-8" standalone="yes"?> > <tenants> > <groups/> > <users> > <user identifier="b64b7120-1d20-4b10-9cd8-f53a0502167b" > identity="admin-user" /> > </users> > </tenants> > --- > > Do you have any other suggestions, or could this be an issue with my local > environment? > > Thank you for your time. > > Best Regards, > > Dana > > > > ________________________________ > From: Pierre Villard <[email protected]> > Sent: Friday, August 1, 2025 11:05 PM > To: [email protected] <[email protected]> > Cc: [email protected] <[email protected]> > Subject: Re: [NIFI-2.5.0] Persistent startup error: Element 'user' must have > no character or element information item > > This is now an entirely different issue: > > Caused by: > org.apache.nifi.authorization.exception.AuthorizerCreationException: > Unable to locate initial admin b64b7120-1d20-4b10-9cd8-f53a0502167b to > seed policies > > This error is usually because there is a mismatch on how you > configured your initial admin in authorizers.xml and how your > corresponding user is specified in users.xml. > > Le ven. 1 août 2025 à 17:39, [email protected] > <[email protected]> a écrit : > > > > Hi Pierre, > > > > Thank you again for your quick response and for providing the correct > > format for users.xml. > > > > I have applied the fix you provided. However, I am still getting an error > > after several more troubleshooting steps. > > > > Here is what I have done since my last email: > > > > 1. I have updated the users.xml file to the exact attribute-based format > > you provided. > > 2. I have deleted the authorizations.xml file and the entire work > > directory. > > 3. I have restarted NiFi, forcing it to rebuild all its files from scratch. > > > > Despite all these steps, I am still getting the same error. > > > > The log shows the following: > > > > --- > > 2025-08-01 22:25:58,193 ERROR [main] o.s.web.context.ContextLoader Context > > initialization failed > > org.springframework.beans.factory.UnsatisfiedDependencyException: ... > > Caused by: org.springframework.beans.factory.BeanCreationException: Error > > creating bean with name 'authorizer': FactoryBean threw exception on object > > creation > > ... > > Caused by: > > org.apache.nifi.authorization.exception.AuthorizerCreationException: Unable > > to locate initial admin b64b7120-1d20-4b10-9cd8-f53a0502167b to seed > > policies > > ... > > --- > > > > Given that the users.xml file is now in the correct format, I am very > > confused as to why the error persists. It seems the issue might be beyond a > > simple configuration file problem. > > > > Do you have any further suggestions, perhaps related to a system-level or > > environment-specific issue? > > > > Thank you for your time and continued assistance. > > > > Best Regards, > > > > Dana > > > > > > ________________________________ > > From: Pierre Villard <[email protected]> > > Sent: Friday, August 1, 2025 9:12 PM > > To: [email protected] <[email protected]> > > Cc: [email protected] <[email protected]> > > Subject: Re: [NIFI-2.5.0] Persistent startup error: Element 'user' must > > have no character or element information item > > > > You should define the users as below: > > > > <?xml version="1.0" encoding="UTF-8" standalone="yes"?> > > <tenants> > > <groups/> > > <users> > > <user identifier="b64b7120-1d20-4b10-9cd8-f53a0502167b" > > identity="admin-user" /> > > ... > > </users> > > </tenants> > > > > Hope this helps, > > Pierre > > > > Le ven. 1 août 2025 à 16:05, [email protected] > > <[email protected]> a écrit : > > > > > > Hi Pierre, > > > > > > Thank you for the quick reply. > > > > > > Here is the content of my users.xml file, as requested. > > > > > > --- > > > <?xml version="1.0" encoding="UTF-8" standalone="yes"?> > > > <tenants> > > > <groups/> > > > <users> > > > <user> > > > <identifier>b64b7120-1d20-4b10-9cd8-f53a0502167b</identifier> > > > <identity>admin-user</identity> > > > </user> > > > </users> > > > </tenants> > > > --- > > > > > > I appreciate your help in looking into this. > > > > > > Thank you. > > > > > > Best Regards, > > > > > > Dana > > > > > > ________________________________ > > > From: Pierre Villard <[email protected]> > > > Sent: Friday, August 1, 2025 5:59 PM > > > To: [email protected] <[email protected]> > > > Subject: Re: [NIFI-2.5.0] Persistent startup error: Element 'user' must > > > have no character or element information item > > > > > > Hi Dana, > > > > > > Can you share the (redacted if needed) content of users.xml file? > > > > > > Thanks, > > > Pierre > > > > > > Le ven. 1 août 2025 à 12:39, [email protected] > > > <[email protected]> a écrit : > > > > > > > > Hello everyone, > > > > > > > > I'm trying to set up a new instance of Apache NiFi 2.5.0 with security > > > > enabled for a new project. > > > > > > > > I have been running into a persistent startup error and am looking for > > > > some guidance. > > > > > > > > Environment Details > > > > > > > > NiFi Version: 2.5.0 > > > > Java : openjdk version "21.0.7" > > > > OS : Windows 10 Home > > > > > > > > The Problem Description > > > > > > > > The application fails to start with the following error: > > > > 2025-08-01 16:53:11,024 ERROR [main] o.s.web.context.ContextLoader > > > > Context initialization failed > > > > org.springframework.beans.factory.UnsatisfiedDependencyException: ... > > > > Caused by: org.springframework.beans.factory.BeanCreationException: > > > > Error creating bean with name 'authorizer': FactoryBean threw exception > > > > on object creation ... Caused by: > > > > org.apache.nifi.authorization.exception.AuthorizerCreationException: > > > > jakarta.xml.bind.UnmarshalException - with linked exception: > > > > [org.xml.sax.SAXParseException; systemId: > > > > file:/C:/nifi-2.5.0-bin/nifi-2.5.0/./conf/users.xml; lineNumber: 8; > > > > columnNumber: 16; cvc-complex-type.2.1: Element 'user' must have no > > > > character or element information item [children], because the type's > > > > content type is empty.] ... > > > > > > > > Based on standard troubleshooting, here is a list of the steps I have > > > > already taken: > > > > > > > > 1. Configured security files (authorizers.xml, users.xml) and verified > > > > the configuration multiple times. > > > > > > > > 2. Confirmed the 'Initial Admin Identity' is correctly set in both the > > > > access policy provider and the managed authorizer blocks. > > > > > > > > 3. Ensured the 'User Group Provider' property is correctly defined in > > > > all relevant sections of authorizers.xml. > > > > > > > > 4. Corrected the 'nifi.security.user.authorizer' property in > > > > nifi.properties to point to 'managed-authorizer'. > > > > > > > > 5. Confirmed the users.xml file has the correct structure (groups > > > > before users, valid tags, etc.) and contains the admin user definition. > > > > > > > > 6. Recreated users.xml from scratch using a clean text editor and from > > > > the command line to rule out hidden character or formatting issues. > > > > > > > > 7. Performed a complete and clean reinstallation of NiFi 2.5.0, > > > > deleting all old files and re-applying the configuration. > > > > > > > > 8. Confirmed that the user running NiFi has Full Control permissions > > > > over the NiFi installation directory. > > > > > > > > Despite all these steps, the error persists. > > > > > > > > This is an unusual issue, and I'm at a loss for what to try next. Could > > > > someone please provide some guidance on what might be causing this > > > > error, or if there's something I've missed? > > > > > > > > Thank you for your time and expertise. > > > > > > > > Best Regards, > > > > > > > > Dana
