Closed alvincjin closed 7 years ago
hermannpencole
commented
7 years ago Creates a token for accessing the REST API via Kerberos ticket exchange / SPNEGO negotiation
The token returned is formatted as a JSON Web Token (JWT). The token is base64 encoded and comprised of three parts. The header, the body, and the signature. The expiration of the token is a contained within the body. The token can be used in the Authorization header in the format 'Authorization: Bearer
alvincjin
commented
7 years ago hi @hermannpencole ,
When I ran below command, it gave me: 2017-09-25 15:17:33 | ERROR | [main] c.g.h.n.c.Main:147 - Unauthorized com.github.hermannpencole.nifi.swagger.ApiException: Unauthorized
java -jar nifi-deploy-config-1.1.12.jar \ -accessFromTicket \ -nifi https://ip:port/nifi-api \ -branch "root>" \ -conf api-deploy-demo.xml \ -mode deployTemplate \ -noVerifySsl
hermannpencole
commented
7 years ago have you keberos ticket? what are the result of command /usr/bin/klist -f ?
Hello,
I have a secured NiFi cluster authenticated via Kerberos. Would you please explain a bit how does this option work? If I add "-accessFromTicket" option, do I need to specify username/password? How does NiFi know which user tries to access?
Sorry for my limit knowledge of Kerberos. Thanks.