LDAP and File-Based Policies
Set up the LDAP and file-based integration in NiFi and NiFi Registry.
Each authorizers.xml file produced in NiFi and NiFi
Registry when using LDAP with file-based policies, contain the following logical
configuration:
- CompositeUserGroupProvider
- LdapUserGroupProvider
- CMUserGroupProvider
- FileAccessPolicyProvider
- Configured with CompositeUserGroupProvider
- StandardManagedAuthorizer
- Configured with FileAccessPolicyProvider
- Uncheck Authorizers: Enable File User Group Provider to disable the file-user-group-provider.
- Uncheck Authorizers: Enable Composite Configurable User Group Provider to disable the composite-configurable-user-group-provider.
-
Check Authorizers: Enable Composite User Group Provider
to enable composite-user-group-provider.
- Enter ldap-user-group-provider for Authorizers: Composite User Group Provider Property - User Group Provider 1.
- Enter cm-user-group-provider for Authorizers: Composite User Group Provider Property - User Group Provider 2.
-
Check LDAP Enabled to enable
ldap-user-group-provider.
- Configure all ldap-user-group-provider parameters.
- Update Authorizers: Default File Access Policy Property - User Group Provider to use the composite-user-group-provider instead of the configurable one.