nifi-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Matt Gilman <matt.c.gil...@gmail.com>
Subject Re: Nifi UI - Readonly
Date Fri, 22 Jan 2016 01:16:32 GMT
Without introducing user authentication/authorization the UI is editable by
anyone. To secure your NiFi check out the admin [1] [2] [3] and user [4]
guide.

Matt

[1]
https://nifi.apache.org/docs/nifi-docs/html/administration-guide.html#security-configuration
[2]
https://nifi.apache.org/docs/nifi-docs/html/administration-guide.html#user-authentication
[3]
https://nifi.apache.org/docs/nifi-docs/html/administration-guide.html#controlling-levels-of-access
[4] https://nifi.apache.org/docs/nifi-docs/html/user-guide.html#logging-in

On Thu, Jan 21, 2016 at 7:51 PM, Chakrader Dewaragatla <
Chakrader.Dewaragatla@lifelock.com> wrote:

> Joe - To setup roles and users, I should have organization setup using
> LDAP or some other authentication providers.
> Before going there, any means of deploying nifi with read-only UI access
> as default ?
>
> Thanks,
> -Chakri
>
>
>
> On 1/21/16, 2:03 PM, "Joe Witt" <joe.witt@gmail.com> wrote:
>
> >Chakri
> >
> >A user is associated with one or more roles.  One of those roles a
> >user could have is simply read-only.  In a typical organization the
> >majority of users actually have 'read-only' like a watch person or
> >monitoring service and so on.  Very few users would have roles such as
> >provenance or dfm where they can review details of what happened or
> >change flow behavior.  Once you setup NiFi in secure mode these roles
> >are in play.  The UI and API port you are referring to are indeed one
> >in the same because whether it is a user in their browser or whether
> >it is an automated system calling NIFI in any case it is using the
> >NIFI HTTP-based API.  You can certainly change the port but there is
> >only one port.
> >
> >Thanks
> >Joe
> >
> >On Thu, Jan 21, 2016 at 4:50 PM, Chakrader Dewaragatla
> ><Chakrader.Dewaragatla@lifelock.com> wrote:
> >> Hi – I would like to secure the nifi ui to readonly mode. Nifi
> documentation
> >> has some steps to enable authentication options using ldap, kerberos
> etc.
> >> Before going into authentication setup, do nifi has any config in
> >> nifi.properties to enable UI in readonly mode ?
> >>
> >> Api and UI has same default port (8080), can I change api port to some
> >> custom port ?
> >>
> >> Thanks,
> >> -Chakri
> >> ________________________________
> >> The information contained in this transmission may contain privileged
> and
> >> confidential information. It is intended only for the use of the
> person(s)
> >> named above. If you are not the intended recipient, you are hereby
> notified
> >> that any review, dissemination, distribution or duplication of this
> >> communication is strictly prohibited. If you are not the intended
> recipient,
> >> please contact the sender by reply email and destroy all copies of the
> >> original message.
> >> ________________________________
> ________________________________
>  The information contained in this transmission may contain privileged and
> confidential information. It is intended only for the use of the person(s)
> named above. If you are not the intended recipient, you are hereby notified
> that any review, dissemination, distribution or duplication of this
> communication is strictly prohibited. If you are not the intended
> recipient, please contact the sender by reply email and destroy all copies
> of the original message.
> ________________________________
>

Mime
View raw message