mirror of https://github.com/apache/nifi.git
NIFI-655:
- Updated user guide with screenshots of login process. - Tweaked wording in admin guide. - Triggering login on enter press in login form.
This commit is contained in:
parent
c073253366
commit
6bce858e4a
|
@ -150,8 +150,8 @@ NiFi provides several different configuration options for security purposes. The
|
||||||
by the NiFi cluster protocol. If the Truststore properties are not set, this must be `false`. Otherwise, a value
|
by the NiFi cluster protocol. If the Truststore properties are not set, this must be `false`. Otherwise, a value
|
||||||
of `true` indicates that nodes in the cluster will be authenticated and must have certificates that are trusted
|
of `true` indicates that nodes in the cluster will be authenticated and must have certificates that are trusted
|
||||||
by the Truststores.
|
by the Truststores.
|
||||||
|`nifi.security.anonymous.authorities` | Specifies the roles that should be granted to users that connect over HTTPS anonymously. All users will
|
|`nifi.security.anonymous.authorities` | Specifies the roles that should be granted to users that connect over HTTPS anonymously. All users can make
|
||||||
be given this level access, however if they have been granted a particular level of access by an administrator
|
use of anonymous access, however if they have been granted a particular level of access by an administrator
|
||||||
it will take precedence if they access NiFi using a client certificate or once they have logged in.
|
it will take precedence if they access NiFi using a client certificate or once they have logged in.
|
||||||
|==================================================================================================================================================
|
|==================================================================================================================================================
|
||||||
|
|
||||||
|
|
Binary file not shown.
After Width: | Height: | Size: 80 KiB |
Binary file not shown.
After Width: | Height: | Size: 91 KiB |
Binary file not shown.
After Width: | Height: | Size: 92 KiB |
|
@ -157,6 +157,32 @@ are in the cluster and how many are currently connected.
|
||||||
image::status-bar.png["NiFi Status Bar"]
|
image::status-bar.png["NiFi Status Bar"]
|
||||||
|
|
||||||
|
|
||||||
|
[[logging-in]]
|
||||||
|
Logging In
|
||||||
|
---------
|
||||||
|
|
||||||
|
If NiFi is configured to run securely, users will be able to request access to the DataFlow. For information on configuring NiFi to run
|
||||||
|
securely, see the link:administration-guide.html[Admin Guide]. If NiFi supports anonymous access, users will be given access
|
||||||
|
accordingly and given an option to log in.
|
||||||
|
|
||||||
|
image::anonymous-access.png["Anonymous Access"]
|
||||||
|
|
||||||
|
Clicking the 'login' link will open the log in page. If the user is logging in with their username/password they will be presented with
|
||||||
|
a form to do so. If NiFi is not configured to support anonymous access and the user is logging in with their username/password, they will
|
||||||
|
be immediately sent to the login form bypassing the canvas.
|
||||||
|
|
||||||
|
image::login.png["Log In"]
|
||||||
|
|
||||||
|
Once the user has logged in or if they are accessing NiFi using a client certificate loaded in their browser, they will be prompted
|
||||||
|
to request access by submitting a justification if this is the first time they have accessed this NiFi. Fill in an optional justification
|
||||||
|
that the administrator will review while granting the account access. If NiFi is not configured to support anonymous access and the
|
||||||
|
user is using a client certificate, they will be immediately sent to the form to request access bypassing the canvas and login form.
|
||||||
|
|
||||||
|
image::request-access.png["Request Access"]
|
||||||
|
|
||||||
|
Press Submit to send the account request. If NiFi supports anonymous access, the user can continue accessing the DataFlow by closing the
|
||||||
|
login page. Returning to the login page will check the status of the account request. If access has been granted, press the home link or
|
||||||
|
reload the page to assume the new roles.
|
||||||
|
|
||||||
|
|
||||||
[[building-dataflow]]
|
[[building-dataflow]]
|
||||||
|
|
|
@ -208,7 +208,7 @@ public class AccessResource extends ApplicationResource {
|
||||||
// no issues with authorization... verify authorities
|
// no issues with authorization... verify authorities
|
||||||
accessStatus.setStatus(AccessStatusDTO.Status.ACTIVE.name());
|
accessStatus.setStatus(AccessStatusDTO.Status.ACTIVE.name());
|
||||||
if (userDetails.getAuthorities().isEmpty()) {
|
if (userDetails.getAuthorities().isEmpty()) {
|
||||||
accessStatus.setMessage("Your account is active but is unauthorized as no authorities have been granted.");
|
accessStatus.setMessage("Your account is active but currently does not have any level of access.");
|
||||||
} else {
|
} else {
|
||||||
accessStatus.setMessage("Your account is active and you are already logged in.");
|
accessStatus.setMessage("Your account is active and you are already logged in.");
|
||||||
}
|
}
|
||||||
|
@ -237,7 +237,7 @@ public class AccessResource extends ApplicationResource {
|
||||||
// no issues with authorization... verify authorities
|
// no issues with authorization... verify authorities
|
||||||
accessStatus.setStatus(AccessStatusDTO.Status.ACTIVE.name());
|
accessStatus.setStatus(AccessStatusDTO.Status.ACTIVE.name());
|
||||||
if (userDetails.getAuthorities().isEmpty()) {
|
if (userDetails.getAuthorities().isEmpty()) {
|
||||||
accessStatus.setMessage("Your account is active but is unauthorized as no authorities have been granted.");
|
accessStatus.setMessage("Your account is active but currently does not have any level of access.");
|
||||||
} else {
|
} else {
|
||||||
accessStatus.setMessage("Your account is active and you are already logged in.");
|
accessStatus.setMessage("Your account is active and you are already logged in.");
|
||||||
}
|
}
|
||||||
|
|
|
@ -87,6 +87,9 @@ nf.Login = (function () {
|
||||||
};
|
};
|
||||||
|
|
||||||
var login = function () {
|
var login = function () {
|
||||||
|
// remove focus
|
||||||
|
$('#username, #password').blur();
|
||||||
|
|
||||||
// show the logging message...
|
// show the logging message...
|
||||||
$('#login-progress-label').text('Logging in...');
|
$('#login-progress-label').text('Logging in...');
|
||||||
$('#login-progress-container').show();
|
$('#login-progress-container').show();
|
||||||
|
@ -219,6 +222,14 @@ nf.Login = (function () {
|
||||||
showLogoutLink();
|
showLogoutLink();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// supporting logging in via enter press
|
||||||
|
$('#username, #password').on('keyup', function (e) {
|
||||||
|
var code = e.keyCode ? e.keyCode : e.which;
|
||||||
|
if (code === $.ui.keyCode.ENTER) {
|
||||||
|
login();
|
||||||
|
}
|
||||||
|
});
|
||||||
|
|
||||||
// access status
|
// access status
|
||||||
var accessStatus = $.ajax({
|
var accessStatus = $.ajax({
|
||||||
type: 'GET',
|
type: 'GET',
|
||||||
|
|
Loading…
Reference in New Issue