Reputation: 351
OIDC Disconnect in Nifi
I have set up a OIDC on my nifi standalone instance, it works great and all but if i idle for more than 5 mintues it redirects me to an Unauthorized window message and says "Unknown user with identity anonymous". Refreshing solves this, however, is there a way to make sure to extend the connection, or a workaround to avoid these disconnects?
Upvotes: 0
Views: 1075
Answers (2)
Reputation: 351
In case anyone is struck with a similar problem, my solution is to overwrite the NAR file responsible to OIDCAuthentication (just increasing the expiration timer hehe) its not a pleasant solution but it will do for the time being, until nifi supports refresh tokens or adds a feature to customize session duration.
stay updated at
https://issues.apache.org/jira/browse/NIFI-4890
Upvotes: 2
Reputation: 28696
It depends on used Identity Provider (IdP) - it generates token with preconfigured time validity. Usually, it can be configured on the client configuration level, but it is recommended to have short time validity. OIDC offers option how to renew access token, but it depends on used flow. It can be refreshed via refresh tokens (grant code flow) or silent refresh (implicit flow). It is not clear which IdP and flow is used in your case, so you can get only these general recommendation.
Upvotes: 1
Related Questions
- How to handle auth in nifi-registry when calling from nifi in OIDC configuration?
- Sign out from OIDC client not working with IdentityServer4
- How To properly OIDC Logout in WSO2 IS
- Keycloak | OIDC Backchannel (Single) Logout with Spring Security
- Authenticate Nifi using OpenID Connect using API
- OpenID Connect - how to handle single logout
- How to load users and usergroups info and poliocis from openid connect provider?
- Back-channel logout using OIDC
- Single Logout with OIDC
- How to implement OIDC (Open Id connect) server with OWIN