LDAP and File-Based Policies

Set up the LDAP and file-based integration in NiFi and NiFi Registry.

Each authorizers.xml file produced in NiFi and NiFi Registry when using LDAP with file-based policies, contain the following logical configuration:
  • CompositeUserGroupProvider
    • LdapUserGroupProvider
    • CMUserGroupProvider
  • FileAccessPolicyProvider
    • Configured with CompositeUserGroupProvider
  • StandardManagedAuthorizer
    • Configured with FileAccessPolicyProvider
  1. Uncheck Authorizers: Enable File User Group Provider to disable the file-user-group-provider.
  2. Uncheck Authorizers: Enable Composite Configurable User Group Provider to disable the composite-configurable-user-group-provider.
  3. Check Authorizers: Enable Composite User Group Provider to enable composite-user-group-provider.
    1. Enter ldap-user-group-provider for Authorizers: Composite User Group Provider Property - User Group Provider 1.
    2. Enter cm-user-group-provider for Authorizers: Composite User Group Provider Property - User Group Provider 2.
  4. Check LDAP Enabled to enable ldap-user-group-provider.
    1. Configure all ldap-user-group-provider parameters.
  5. Update Authorizers: Default File Access Policy Property - User Group Provider to use the composite-user-group-provider instead of the configurable one.