shiro.ini Example
The following example shows a minimum set of shiro.ini
settings
for authentication and access control, for a Zeppelin deployment that uses Active
Directory.
Prerequisite: corresponding account information is
configured in Active Directory (at adhost.field.hortonworks.com
, in this example)
and on Zeppelin nodes.
[main] # AD authentication settings activeDirectoryRealm = org.apache.zeppelin.realm.ActiveDirectoryGroupRealm activeDirectoryRealm.url = ldap://adhost.org.hortonworks.com:389 activeDirectoryRealm.searchBase = DC=org,DC=hortonworks,DC=com # general settings sessionManager = org.apache.shiro.web.session.mgt.DefaultWebSessionManager cacheManager = org.apache.shiro.cache.MemoryConstrainedCacheManager securityManager.cacheManager = $cacheManager securityManager.sessionManager = $sessionManager securityManager.sessionManager.globalSessionTimeout = 86400000 shiro.loginUrl = /api/login [roles] admin = * [urls] # authentication method and access control filters /api/version = anon /api/interpreter/** = authc, roles[admin] /api/configurations/** = authc, roles[admin] /api/credential/** = authc, roles[admin] #/** = anon /** = authc