Welcome! Log In Create A New Profile

Advanced

NGINX Reverse Proxy Issues

Posted by cornpop 
NGINX Reverse Proxy Issues
September 21, 2020 07:06AM
I'm trying to setup NGINX reverse proxy with a secure, standalone, NiFi server upstream.

Based on a review of the NGINX and NiFi log files, along with other information, it looks like the reverse proxy is not forwarding the remote client info to NiFi.


1. NGINX access.log:

"GET /nifi-api/flow/current-user HTTP/1.1" 401 85 "https://<uri>"
"GET /nifi/login HTTP/1.1" 200 832 "https://<uri>"
"GET /nifi/css/nf-login-all.css?1.9.1 HTTP/1.1" 200 2426 "https://uri/login"
"GET /nifi-api/access/config HTTP/1.1" 200 54 "https://<uri>/login"
"GET /nifi-api/access HTTP/1.1" 200 108 "https://<uri>/login"

2. NIFI nifi-user.log:

GET request for (<><CN=reverse_proxy, OU=NiFi>)
Authentication success for anonymous
anonymous does not have permission to access the requested resource...Unknown user with identity 'anonymous.' Returning Unauthorized response.

3. NiFI User Interface: Success: You are already logged in

I'm not really sure whether getting the proper headers passed is a configuration problem in the NiFi.properties > nifi.web.proxy.context.path or in the nginx.conf file; however, the NiFi docs say that if the nifi.web.proxy.context.path is not configured properly then "An unexpected error has occurred" page will be shown and an error will be written to the nifi-app.log." and there is no such error message in the nifi-app.log.

That indicates to me that thethe reverse proxy isn't including the required client information.

Any help appreciated.

Thanks.
Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 54
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready