Hello, Did you see my previous mail regarding SAML on Nifi Registry ?
Regards, Franck NÉDELLEC ________________________________ De : NEDELLEC Franck <fnedellec.exte...@altima-assurances.fr> Envoyé : vendredi 3 janvier 2025 14:59 À : dev@nifi.apache.org <dev@nifi.apache.org> Objet : NIFI Registry SAML Hello, We are working with Nifi and Nifi Registry. We recently configure SAML for Nifi successfully but we can't did the same for Nifi Registry. There is no mention of SAML into the Nifi Registry documentation and there is no result if we try anyway to use the same configuration. Can you say me if SAML does exist for Nifi Registry or not ? And if not, why please? Here is what we used for our Nifi: # SAML Properties # nifi.security.user.saml.idp.metadata.url:https://our_subdomain_idp.our_domain:9031/pf/federation_metadata.ping?PartnerSpId=com:xxxxx:nifi:xxx nifi.security.user.saml.sp.entity.id=com:xxxxx:nifi:xxx nifi.security.user.saml.identity.attribute.name=uid nifi.security.user.saml.group.attribute.name=memberOf nifi.security.user.saml.request.signing.enabled=false nifi.security.user.saml.want.assertions.signed=true nifi.security.user.saml.signature.algorithm=http://www.w3.org/2001/04/xmldsig-more#rsa-sha256 nifi.security.user.saml.authentication.expiration=12 hours nifi.security.user.saml.single.logout.enabled=false nifi.security.user.saml.http.client.truststore.strategy=JDK nifi.security.user.saml.http.client.connect.timeout=30 secs nifi.security.user.saml.http.client.read.timeout=30 secs We tried to add this same code in the "nifi-registry.properties" file but nothing happend, even if we change "nifi.security...." by "nifi.registry.security....".. By IDP side, we tried to used the same endpoint: /nifi-api/access/saml/login/consumer We even tried by using a fictive endpoint: /nifi-registry-api/access/saml/login/consumer I look forward to your reply, Regards, Franck NÉDELLEC
