Prerequisites for Running in a Secure Environment
For secured nodes and clusters, two policies should be configured in advance:
Access the controller - A user that will have access to these utilities should be authorized in NiFi by creating an "access the controller" policy (
/controller) with both view and modify rights
Proxy user request - If not previously set, node's identity (the DN value of the node's certificate) should be authorized to proxy requests on behalf of a user
When executing either the Notify or Node Manager tools in a secured environment the
proxyDN flag option should be used in order to properly identify the user that was authorized to execute these commands. In non-secure environments, or if running the status operation on the Node Manager tool, the flag is ignored.