通过 Apache Knox 网关访问 Apache NIFI REST API (jwt) [英] Apache NIFI REST API (jwt) access via Apache Knox gateway

问题描述

我正在寻找资源来配置 Apache KNOXTOKEN 服务以访问 Apache NIFI REST API.

I am looking for resources to configure Apache KNOXTOKEN service to access Apache NIFI REST API.

我已经配置了 KNOXSSO，并且能够通过它访问 NIFI UI.但是，我找不到可以通过 Curl 和 JWT 安全访问 NIFI REST 服务的资源.

I already have KNOXSSO configured, and am able to access the NIFI UI through it. However, I could not find resources to make NIFI REST services securely accessible via Curl and JWT.

感谢指点.

推荐答案

对这里的其他建议稍作调整...

Minor tweak to the other suggestion here...

与 KnoxSSO 集成时，NiFi 接受 cookie 中的 Knox JWT 令牌.默认情况下，我相信这个 cookie 被命名为 hadoop-jwt.如果您尝试使用 curl 访问 NiFi Rest Api，我相信您需要从 Knox 获取 JWT 值(或者可能通过查看浏览器 DevTools 中的 cookie)并将其包含在您的 curl 请求中的 cookie 中.

When integrating with KnoxSSO, NiFi accepts the Knox JWT token in a cookie. By default, I believe this cookie is named hadoop-jwt. If you're trying to access NiFi Rest Api's using curl I believe you'd need to get the JWT value from Knox (or maybe by looking at the cookie in your browsers DevTools) and include it in a cookie in your curl requests.

如果您在 Authorization 标头中包含 Knox JWT 令牌，则验证将失败.Authorization 标头中指定的 JWT 必须是 NiFi 生成/签名的令牌.为了验证由 Knox 生成/签名的令牌，NiFi 遵循 Knox 约定.

If you include the Knox JWT token in an Authorization header the verification will fail. JWTs specified in the Authorization header must be tokens that NiFi generated/signed. To validated a token generated/signed by Knox, NiFi follows the Knox conventions.

这篇关于通过 Apache Knox 网关访问 Apache NIFI REST API (jwt)的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！