通过Apache Knox网关访问Apache NIFI REST API(jwt) [英] Apache NIFI REST API (jwt) access via Apache Knox gateway

问题描述

我正在寻找资源来配置Apache KNOXTOKEN服务以访问Apache NIFI REST API.

我已经配置了KNOXSSO，并且能够通过它访问NIFI UI.但是，我找不到资源来确保可以通过Curl和JWT安全访问NIFI REST服务.

指针受到赞赏.

解决方案

对此处的其他建议进行了细微调整...

与KnoxSSO集成时，NiFi会在cookie中接受Knox JWT令牌.默认情况下，我相信此cookie名为hadoop-jwt.如果您尝试使用curl访问NiFi Rest Api，我相信您需要从Knox获取JWT值(或者通过在浏览器DevTools中查看cookie)，并将其包含在curl请求的cookie中. /p>

如果您在授权标头中包含Knox JWT令牌，则验证将失败.授权标头中指定的JWT必须是NiFi生成/签名的令牌.为了验证由Knox生成/签名的令牌，NiFi遵循Knox约定.

I am looking for resources to configure Apache KNOXTOKEN service to access Apache NIFI REST API.

I already have KNOXSSO configured, and am able to access the NIFI UI through it. However, I could not find resources to make NIFI REST services securely accessible via Curl and JWT.

Pointers appreciated.

解决方案

Minor tweak to the other suggestion here...

When integrating with KnoxSSO, NiFi accepts the Knox JWT token in a cookie. By default, I believe this cookie is named hadoop-jwt. If you're trying to access NiFi Rest Api's using curl I believe you'd need to get the JWT value from Knox (or maybe by looking at the cookie in your browsers DevTools) and include it in a cookie in your curl requests.

If you include the Knox JWT token in an Authorization header the verification will fail. JWTs specified in the Authorization header must be tokens that NiFi generated/signed. To validated a token generated/signed by Knox, NiFi follows the Knox conventions.

这篇关于通过Apache Knox网关访问Apache NIFI REST API(jwt)的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！