About Release 7.10.0
This site contains documentation for HPE Ezmeral Data Fabric release 7.10.0, including installation, configuration, administration, and reference content, as well as content for the associated ecosystem components and drivers.
7.10.0 Installation
This section contains information about installing HPE Ezmeral Data Fabric software. It also contains information about how to migrate data and applications from an Apache Hadoop cluster to a HPE Ezmeral Data Fabric cluster.
7.10.0 Upgrade
This section describes how to upgrade HPE Ezmeral Data Fabric software.
7.10.0 Data Fabric
HPE Ezmeral Data Fabric is the industry-leading data platform for AI and analytics that solves enterprise business needs.
7.10.0 Administration
This section describes how to manage the nodes and services that make up a cluster.
7.10.0 Development
This section contains information related to application development for Ezmeral ecosystem components and HPE Ezmeral Data Fabric products, including the file system, Database (Key-Value and JSON), and Event Streams.
- Application Development Process
  Before you start developing applications on the HPE Ezmeral Data Fabric platform, consider how you will get the data into the platform, the storage format of the data, the type of processing or modeling that is required, and how the data will be accessed.
- File Store and Apps
  The following sections provide information about accessing the File Store with C and Java applications.
- HPE Ezmeral Data Fabric Database and Apps
  This section contains information about developing client applications for JSON and key-value tables.
- Apache Kafka Wire Protocol Service
  HPE Ezmeral Data Fabric Streams supports Apache Kafka Wire Protocol Service. Apache Kafka Wire Protocol Service is a TCP/IP service that emulates a Kafka cluster backed by HPE Ezmeral Data Fabric Streams. The service makes it possible for Apache Kafka clients written in any programming language to access topics in HPE Ezmeral Data Fabric Streams.
- HPE Ezmeral Data Fabric Streams and Apps
  HPE Ezmeral Data Fabric Streams brings integrated publish and subscribe messaging to HPE Ezmeral Data Fabric.
- MapReduce and Apps
  This section contains information associated with developing YARN applications.
- Kubernetes Interfaces for Data Fabric
  This section describes how to leverage the capabilities of the Kubernetes Interfaces for Data Fabric.
- Ecosystem Components
  The following sections provide information about each open-source project that is supported by the HPE Ezmeral Data Fabric.
  - Ecosystem Packs
  - Apache Airflow
    This topic provides an overview of Apache Airflow on HPE Ezmeral Data Fabric.
  - AsyncHBase
  - Cascading
  - Apache Drill
  - Hadoop
  - HBase
  - HBase Client and HPE Ezmeral Data Fabric Database Binary Tables
  - HCatalog
  - Hive
  - HttpFS
  - Hue
  - Livy
    Apache Livy is primarily used to provide integration between Hue and Spark.
  - HPE Ezmeral Data Fabric Streams Clients and Tools
    Describes the supported HPE Ezmeral Data Fabric Streams tools and clients.
  - NiFi
    This topic provides an overview of Apache NiFi on HPE Ezmeral Data Fabric.
    - Accessing NiFi UI
      This topic describes how to access NiFi the UI.
    - NiFi Logs
      This topic describes how to view the logs for NiFi on HPE Ezmeral Data Fabric.
    - Configuring NiFi
      This topic describes where to locate configuration files for NiFi and how to configure NiFi for cluster mode.
    - Starting, Stopping, and Restarting NiFi Services
      This topic describes how to start, stop, and restart NiFi services on HPE Ezmeral Data Fabric.
    - Manually configuring SSO (OIDC) for NiFi
      This topic describes how to manually configure SSO (OIDC) for NiFi.
    - NiFi Security
      This topic describes how the Login Identity Provider provides authentication options for username and password for NiFi.
    - Configuring SSO with OpenID in NiFi
      This topic describes about Configuring SSO with OpenID in NiFi.
    - Integrating NiFi with EEP Components
      This topic describes how to configure NiFi to work with other EEP components in HPE Ezmeral Data Fabric. The information in this topic relates specifically to the EEP components and HPE distribution for Apache NiFi.
    - Installing Custom Processors for NiFi
      This topic describes how to install custom processors for NiFi.
  - OTel
    This topic provides an overview of OpenTelemetry on HPE Ezmeral Data Fabric.
  - Ranger
  - Apache Spark
  - YARN
  - Zeppelin
- Maven and the HPE Ezmeral Data Fabric
  This section discusses topics associated with Maven and the HPE Ezmeral Data Fabric.
- Developer's Reference
  This section contains in-depth information for the developer.
- API Documentation
  HPE Ezmeral Data Fabric supports public APIs for file system, HPE Ezmeral Data Fabric Database, and HPE Ezmeral Data Fabric Streams. These APIs are available for application-development purposes.
Other Docs
This section contains release-independent information, including: Installer documentation, Ecosystem release notes, interoperability matrices, security vulnerabilities, and links to other Data Fabric version documentation.
Glossary
Definitions for commonly used terms in MapR Converged Data Platform environments.

Configuring SSO with OpenID in NiFi

This topic describes about Configuring SSO with OpenID in NiFi.

Starting from EEP 9.4.0, NiFi supports the automatic configuration of OpenID Connect using HPE cluster-level SSO parameters. And, NiFi allows both login/password authentication, and SSO login methods.

Automatic configuration SSO with OpenID

Starting from 9.4.0, NiFi automatically maps the cluster-level SSO parameters and the corresponding OpenID configuration properties. Following OpenID properties are automatically mapped with values from the cluster-level SSO parameters:

nifi.security.user.oidc.discovery.url
nifi.security.user.oidc.client.id
nifi.security.user.oidc.client.secret
nifi.security.user.oidc.claim.identifying.user

$HadoopProvider is the default value for the above-mentioned properties that comes with NiFi out-of-box. And $HadoopProvider value causes the automatic mapping of OpenID and Cluster-level SSO properties.

Automatic configuration only works if NiFi is started by the cluster admin.

If cluster-level SSO is disabled (SSO parameters are set or reset), OpenID will be disabled in NiFi.

If you do any changes to the cluster-level SSO parameters, restart the NiFi, for the changes to take effect.

Manual configuration

To manually configure SSO with OpenID, see Apache NiFi documentation for OpenID Connect. Ensure that you provide literal values for all OIDC properties instead of using $HadoopProvider values.

Disabling NiFi SSO with OpenID

To disable SSO with OpenID in NiFi, comment out the nifi.security.user.oidc.discovery.url property, or leave its value blank.

Login Page

If both OpenID, and user name and password authentication methods are enabled, then user will get the options to choose an authentication method on the login page:
If SSO with OpenID is enabled, but user name and password authentication is not, then SSO login page appears.
If SSO with OpenID is disabled, the SSO button will be inactive.

Troubleshooting

SSO button is inactive with auto-configuration

Ensure that the cluster-level SSO parameters are set with cluster setssoconf , and can be retrieved with cluster getssoconf command.

Ensure NiFi is configured to launch with the cluster admin user (that is default).

To verify, check the run.as value in bootstrap.conf.

Partners Support Dev-Hub Community ALA Privacy Policy Glossary

HPE Ezmeral Data Fabric 7.10.0 Documentation
Abstract	This site contains documentation for the customer-managed platform of the HPE Ezmeral Data Fabric version 7.10.0 including installation, configuration, administration, and reference content, as well as content for the associated bundled ecosystem components and drivers.
Published	April 2025
Edition	7.10.0
Topic last updated	2025-04-23