nifi-app.log :
2019-02-07 15:24:40,475 ERROR [NiFi Web Server-22] org.apache.nifi.ldap.LdapProvider nifi.test:389; nested exception is javax.naming.CommunicationException: nifi.test:389 [Root exception is java.net.ConnectException: Connection refused (Connection refused)]
nifi-user.log :
Caused by: org.apache.nifi.authentication.exception.IdentityAccessException: Unable to validate the supplied credentials. Please contact the system administrator.
at org.apache.nifi.ldap.LdapProvider.authenticate(LdapProvider.java:340)
at org.apache.nifi.web.security.spring.LoginIdentityProviderFactoryBean$1.authenticate(LoginIdentityProviderFactoryBean.java:314)
at org.apache.nifi.web.api.AccessResource.createAccessToken(AccessResource.java:728)
... 78 common frames omitted
Caused by: org.springframework.security.authentication.InternalAuthenticationServiceException: nifi.test:389; nested exception is javax.naming.CommunicationException: nifi.test:389 [Root exception is java.net.ConnectException: Connection refused (Connection refused)]
at org.springframework.security.ldap.authentication.LdapAuthenticationProvider.doAuthentication(LdapAuthenticationProvider.java:206)
at org.springframework.security.ldap.authentication.AbstractLdapAuthenticationProvider.authenticate(AbstractLdapAuthenticationProvider.java:85)
at org.apache.nifi.ldap.LdapProvider.authenticate(LdapProvider.java:310)
... 80 common frames omitted
nifi.properties :
# web properties #
nifi.web.war.directory=./lib
nifi.web.http.host=
nifi.web.http.port=
nifi.web.http.network.interface.default=
nifi.web.https.host=nifi.test
nifi.web.https.port=8090
nifi.web.https.network.interface.default=
nifi.web.jetty.working.directory=./work/jetty
nifi.web.jetty.threads=200
nifi.web.max.header.size=16 KB
nifi.web.proxy.context.path=
nifi.web.proxy.host=
# security properties #
nifi.sensitive.props.key=
nifi.sensitive.props.key.protected=
nifi.sensitive.props.algorithm=PBEWITHMD5AND256BITAES-CBC-OPENSSL
nifi.sensitive.props.provider=BC
nifi.sensitive.props.additional.keys=
nifi.security.keystore=./conf/keystore.jks
nifi.security.keystoreType=jks
nifi.security.keystorePasswd=vm1VrVaPN2f3xXuva03R//ZtHXoxuYc2qnZYSDpzQDQ
nifi.security.keyPasswd=vm1VrVaPN2f3xXuva03R//ZtHXoxuYc2qnZYSDpzQDQ
nifi.security.truststore=./conf/truststore.jks
nifi.security.truststoreType=jks
nifi.security.truststorePasswd=TJbO3svNAO44hkKgXII58KZV/67sL768IBE3IaisFKs
nifi.security.user.authorizer=managed-authorizer
nifi.security.user.login.identity.provider=ldap-provider
nifi.security.ocsp.responder.url=
nifi.security.ocsp.responder.certificate=
authorizers.xml :
<authorizer>
<identifier>file-provider</identifier>
<class>org.apache.nifi.authorization.FileAuthorizer</class>
<property name="Authorizations File">./conf/authorizations.xml</property>
<property name="Users File">./conf/users.xml</property>
<property name="Initial Admin Identity">testuser</property>
<property name="Legacy Authorized Users File"></property>
<property name="Node Identity 1">CN=*.test,OU=Nifi</property>
</authorizer>
login-identity-providers.xml:
<provider>
<identifier>ldap-provider</identifier>
<class>org.apache.nifi.ldap.LdapProvider</class>
<property name="Authentication Strategy">SIMPLE</property>
<property name="Manager DN">CN=testuser, OU=Nifi, DC=test,DC=local</property>
<property name="Manager Password">pass</property>
<property name="TLS - Keystore"></property>
<property name="TLS - Keystore Password"></property>
<property name="TLS - Keystore Type"></property>
<property name="TLS - Truststore"></property>
<property name="TLS - Truststore Password"></property>
<property name="TLS - Truststore Type"></property>
<property name="TLS - Client Auth"></property>
<property name="TLS - Protocol"></property>
<property name="TLS - Shutdown Gracefully"></property>
<property name="Referral Strategy">IGNORE</property>
<property name="Connect Timeout">10 secs</property>
<property name="Read Timeout">10 secs</property>
<property name="Url">ldap://nifi.test:389</property>
<property name="User Search Base">OU=Nifi, DC=test,DC=local</property>
<property name="User Search Filter">sAMAccountName={0}</property>
<property name="Identity Strategy">USE_USERNAME</property>
<property name="Authentication Expiration">2 hours</property>
</provider>
需要您的建议,为什么我无法在Nifi中获得登录页面?
在Nifi中使用LDAP进行用户身份验证需要做什么?