nifi-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Nathan Maynes <>
Subject Communication Error Between NiFi and Registry: Error retrieving all buckets
Date Mon, 05 Aug 2019 17:30:32 GMT
Hopefully I can get some guidance on configuring secure communication
between NiFi and NiFi-Registry. The Error I have been trying to resolve
occurs when trying to send a processor group to NiFi-Registry for
versioning. Below is the error message displayed in the NiFi UI.

"Unable to obtain listing of buckets:
org.apache.nifi.registry.client.NiFiRegistryException: Error retrieving all
buckets: An Authentication object was not found in the SecurityContext
Contact the system administrator. "

I started out by watching the tutorial video <>
"Setting Up a Secure NiFi to Integrate with a Secure NiFi Registry" posted
on the Registry home page. I am using a Kerberos file-based authentication
scheme with the initial admin and initial user set to the same value, eg "
name@DOMAIN.COM." (This is a sanitized value and is used in the
configuration example below) It is based on the configuration we are using
for NiFi. My file has the following relevant
values set.

# security properties #


# kerberos properties #
nifi.registry.kerberos.spnego.authentication.expiration=2 hours

And in authorizers.xml I have:


        <property name="Users File">./conf/users.xml</property>
        <property name="Initial User Identity 1">user@DOMAIN.COM</property>


        <property name="User Group
        <property name="Authorizations
        <property name="Initial Admin Identity">user@DOMAIN.COM</property>
        <property name="NiFi Identity 1"></property>

        <property name="Access Policy

The SSL configuration appears to be correctly set. I am able to access via
username and password, the NiFi Registry UI. Despite my best efforts to
read the documentation, I am unclear on the following points.

Do I need to set the <property name="NiFi Identity 1"></property>?
Is there any special considerations I need to be aware of if I run NiFi and
the NiFi Registry from the same box and use the same domain name?

Any guidance you may be able to share would be appreciated.

Nathan Maynes <>

View raw message