Configuring single user authentication
Single user authentication is NiFi’s most basic authentication option, sufficient for development clusters. A single user is granted all permissions on the NiFi cluster, no other users can be configured.
To configure single user authentication, you need to specify it in loginIdentityProviders and you need to make overrides to the nifi.properties configuration file:
spec:
security:
customAuthorizer:
identifier: single-user-authorizer
className: org.apache.nifi.authorization.single.user.SingleUserAuthorizer
configOverride:
loginIdentityProviders: |
<loginIdentityProviders>
<provider>
<identifier>single-user-provider</identifier>
<class>org.apache.nifi.authentication.single.user.SingleUserLoginIdentityProvider</class>
<property name="Username">[***SINGLE USER NAME***]</property>
<property name="Password">[***HASHED PASSWORD**]</property>
</provider>
</loginIdentityProviders>
nifiProperties:
upsert:
nifi.security.user.authorizer: single-user-authorizer
nifi.security.user.login.identity.provider: single-user-provider
Replace:
-
[***SINGLE USER NAME***] with your desired username
-
[***HASHED PASSWORD***] with a hash of your password. You can use the cfmctl CLI tool to generate this hash using the single-user-credential command.