Search code examples
dockercallbackapache-nifihttpserver

Nifi ListenHTTP/HandleHttpRequest External Access

I would like to use the NiFi to have an HTTP listener that I would be using it as a callback url for and external API.

So, I got to know about ListenHTTP and HandleHttpRequest which acts as a HTTP server that keeps listening on a defined path. The NiFi server is running on Docker and setup is secured(HTTPS) and the UI is accessible via https://nifidev.xyz.com/nifi/

Now I setup the HandleHttpRequest to port 443 and base path to /callback

HandleHttpRequest Properties

When I try to do some POST commands using cURL from the docker container, a flowfile is generated with the details that is passed

curl --location 'http://nifidev:443/callback' --header 'Content-Type: text/plain' --data 'foo=bar
userid=12345
startdate=1530576000
enddate=1530698753'

Note: nifidev is the container name that is used in the cURL command

Now, when I try to do the same via postman the POST call fails

POST Request : https://nifidev.xyz.com:443/callback

<h1>System Error</h1>
<h2>The request contained an invalid host header [<code>nifidev.xyz.com:443</code>] in the request
    [<code>/callback</code>]. Check for request manipulation or third-party intercept.</h2>
<h3>Valid host headers are [<code>empty</code>] or: <br/><code>
<ul><li>127.0.0.1</li>
<li>127.0.0.1:8443</li>
<li>localhost</li>
<li>localhost:8443</li>
<li>[::1]</li>
<li>[::1]:8443</li>
<li>nifidev</li>
<li>nifidev:8443</li>
<li>10.0.4.11</li>
<li>10.0.4.11:8443</li>
<li>nifidev.xyz.com</li>
</ul>

</code></h3>

I have also tried to make the call POST /callback HTTP/1.1 Host: nifidev.xyz.com Response -> You may have mistyped... but we'll try to redirect you in 5 seconds.

Would the HTTP server be accessible from the internet, do I need to add any additional configurations to make it accessible. The whole setup is on Docker so is it something to do with the container to be made publically accessible.

Setup Details

  • Docker NiFi
  • Web Proxy Traefik
  • NiFi Secured HTTPS
Solution

  • As all the setup is on Docker and we have a Webproxy (Traefik), I was able to route the requests POST by adding a rule in the Traefik labels.

    # HTTP Listener
- traefik.http.routers.Nifi-listener.service=Nifi-listener
- traefik.http.routers.Nifi-listener.entrypoints=websecure
- traefik.http.routers.Nifi-listener.tls=true
- traefik.http.routers.Nifi-listener.rule=(Host(`hostname`) && Path(`/path`))
- traefik.http.services.Nifi-listener.loadbalancer.server.port=<port>
- traefik.http.services.Nifi-listener.loadbalancer.server.scheme=https

    With this labels added into the NiFi Docker compose file, the requests redirection was taken care by Traefik.