Enabling Access Control for Notebooks
The next optional security step is to add access control for Zeppelin notes, granting
permissions to specific users and groups. There are two main steps to this process: defining
the searchBase
property in the Zeppelin Shiro configuration, and then
specifying permissions.
To restrict notebook access to authorized users:
Administrator:
In Zeppelin configuration settings, specify
activeDirectoryRealm.searchBase
orldapRealm.searchBase
, depending on whether you use AD or LDAP for authentication. The value ofsearchBase
controls where Zeppelin looks for users and groups.For more information, refer to Shiro Settings: Reference. For an example, see Configure Authentication for Authentication: LDAP and Active Directory.
Owner of a notebook:
Navigate to the note.
Click the lock icon on the notebook:
Zeppelin presents a popup menu. Enter the user and groups that should have access to the note. To search for an account, start typing the name.
Note: If you are using Shiro as the identity store, users should be listed in the
[user]
section. If you are using AD or LDAP users and groups should be stored in the realm associated with your Shiro configuration.
For more information, see Apache Zeppelin Notebook Authorization.