Apache NiFi Security Reference
Also available as:
PDF

FileAuthorizer

The FileAuthorizer has been replaced with the more granular StandardManagedAuthorizer approach described above. However, it is still available for backwards compatibility reasons. The FileAuthorizer has the following properties:

Property Name Description

Node Identity

The identity of a NiFi cluster node. When clustered, a property for each node should be defined, so that every node knows about every other node. If not clustered, these properties can be ignored.

Authorizations File

The file where the FileAuthorizer stores policies. By default, the authorizations.xml in the conf directory is chosen.

Users File

The file where the FileAuthorizer stores users and groups. By default, the users.xml in the conf directory is chosen.

Initial Admin Identity

The identity of an initial admin user that is granted access to the UI and given the ability to create additional users, groups, and policies. This property is only used when there are no other users, groups, and policies defined.

Legacy Authorized Users File

The full path to an existing authorized-users.xml that is automatically converted to the multi-tenant authorization model. This property is only used when there are no other users, groups, and policies defined.

Note
Note
Any identity mapping rules specified in nifi.properties will also be applied to the initial admin identity, so the value should be the unmapped identity.
Note
Note
Any identity mapping rules specified in nifi.properties will also be applied to the node identities, so the values should be the unmapped identities (i.e. full DN from a certificate).