I have tried to install NiFi toolkit to enable TLS. I followed instructions given here.
I followed the steps,using localhost and host as sachith but when I try to start NiFi again, I get following error.
Bootstrap Config File: /home/sachith/nifi-1.9.2/conf/bootstrap.conf 16:59:23,949 |-INFO in ch.qos.logback.classic.LoggerContext[default] - Could NOT find resource [logback-test.xml] 16:59:23,950 |-INFO in ch.qos.logback.classic.LoggerContext[default] - Could NOT find resource [logback.groovy] 16:59:23,950 |-INFO in ch.qos.logback.classic.LoggerContext[default] - Found resource [logback.xml] at [file:/home/sachith/Documents/Projects/nifi-1.9.2-bin/nifi-1.9.2/conf/logback.xml] 16:59:24,032 |-INFO in ch.qos.logback.classic.joran.action.ConfigurationAction - debug attribute not set 16:59:24,046 |-INFO in ch.qos.logback.classic.joran.action.ConfigurationAction - Will scan for changes in [file:/home/sachith/Documents/Projects/nifi-1.9.2-bin/nifi-1.9.2/conf/logback.xml] 16:59:24,046 |-INFO in ch.qos.logback.classic.joran.action.ConfigurationAction - Setting ReconfigureOnChangeTask scanning period to 30 seconds 16:59:24,049 |-INFO in ch.qos.logback.classic.joran.action.LoggerContextListenerAction - Adding LoggerContextListener of type [ch.qos.logback.classic.jul.LevelChangePropagator] to the object stack 16:59:24,062 |-INFO in ch.qos.logback.classic.jul.LevelChangePropagator@48140564 - Propagating DEBUG level on Logger[ROOT] onto the JUL framework 16:59:24,062 |-INFO in ch.qos.logback.classic.joran.action.LoggerContextListenerAction - Starting LoggerContextListener 16:59:24,062 |-INFO in ch.qos.logback.core.joran.action.AppenderAction - About to instantiate appender of type [ch.qos.logback.core.rolling.RollingFileAppender] 16:59:24,067 |-INFO in ch.qos.logback.core.joran.action.AppenderAction
- Naming appender as [APP_FILE] 16:59:24,084 |-INFO in c.q.l.core.rolling.SizeAndTimeBasedRollingPolicy@93122545 - Archive files will be limited to [100 MB] each. 16:59:24,127 |-INFO in c.q.l.core.rolling.SizeAndTimeBasedRollingPolicy@93122545 - No compression will be used 16:59:24,128 |-INFO in c.q.l.core.rolling.SizeAndTimeBasedRollingPolicy@93122545 - Will use the pattern /home/sachith/Documents/Projects/nifi-1.9.2-bin/nifi-1.9.2/logs/nifi-app_%d{yyyy-MM-dd_HH}.%i.log for the active file 16:59:24,131 |-INFO in ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP@7c30a502 - The date pattern is 'yyyy-MM-dd_HH' from file name pattern '/home/sachith/Documents/Projects/nifi-1.9.2-bin/nifi-1.9.2/logs/nifi-app_%d{yyyy-MM-dd_HH}.%i.log'.
nifi-app.log
2020-06-26 09:27:50,296 INFO [main] org.eclipse.jetty.server.Server Started @186210ms
2020-06-26 09:27:50,297 WARN [main] org.apache.nifi.web.server.JettyServer Failed to start web server... shutting down.
org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration': Unsatisfied dependency expressed through method 'setFilterChainProxySecurityConfigurer' parameter 1; nested exception is org.springframework.beans.factory.BeanExpressionException: Expression parsing failed; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'org.apache.nifi.web.NiFiWebApiSecurityConfiguration': Unsatisfied dependency expressed through method 'setJwtAuthenticationProvider' parameter 0; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'jwtAuthenticationProvider' defined in class path resource [nifi-web-security-context.xml]: Cannot resolve reference to bean 'authorizer' while setting constructor argument; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'authorizer': FactoryBean threw exception on object creation; nested exception is org.apache.nifi.authorization.exception.AuthorizerCreationException: Unable to locate configured Access Policy Provider: file-access-policy-provider
at org.springframework.beans.factory.annotation.AutowiredAnnotationBeanPostProcessor$AutowiredMethodElement.inject(AutowiredAnnotationBeanPostProcessor.java:666)
at org.springframework.beans.factory.annotation.InjectionMetadata.inject(InjectionMetadata.java:87)
at org.springframework.beans.factory.annotation.AutowiredAnnotationBeanPostProcessor.postProcessPropertyValues(AutowiredAnnotationBeanPostProcessor.java:366)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:1269)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:551)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:481)
at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:312)
at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:230)
Edit : After Andy's initial answer.
My authorizers.xml
<accessPolicyProvider>
<identifier>file-access-policy-provider</identifier>
<class>org.apache.nifi.authorization.FileAccessPolicyProvider</class>
<property name="User Group Provider">file-user-group-provider</property>
<property name="Authorizations File">./conf/authorizations.xml</property>
<property name="Initial Admin Identity">CN=sachith, OU=NiFi</property>
<property name="Legacy Authorized Users File"></property>
<property name="Node Identity 1"></property>
<property name="Node Group"></property>
</accessPolicyProvider>
<userGroupProvider>
<identifier>file-user-group-provider</identifier>
<class>org.apache.nifi.authorization.FileUserGroupProvider</class>
<property name="Users File">./conf/users.xml</property>
<property name="Legacy Authorized Users File"></property>
<property name="Initial User Identity 1">CN=sachith, OU=NiFi</property>
</userGroupProvider>
