Known Issues in Apache Zeppelin

Learn about the known issues in Zeppelin, the impact or changes to the functionality, and the workaround.

CDPD-16845: Zeppelin - Upgrade to Shiro 1.6.0 due to CVE-2020-13933

In the Zeppelin's shiro-ini configuration, set the following properties: invalidRequest.blockBackslash = false invalidRequest.blockSemicolon = false invalidRequest.blockNonAscii = false

CDPD-3090: Due to a configuration typo, functionality involving notebook repositories does not work

Due to a missing closing brace, access to the notebook repositories API is blocked by default.

From the CDP Management Console, go to Cloudera Manager for the cluster running Zeppelin. On the Zeppelin configuration page (Zeppelin service > Configuration), enter shiro urls in the Search field, and then add the missing closing brace to the notebook-repositories URL, as follows:

/api/notebook-repositories/** = authc, roles[{{zeppelin_admin_group}}]

Click Save Changes, and restart the Zeppelin service.

CDPD-2406: Logout button does not work

Clicking the Logout button in the Zeppelin UI logs you out, but then immediately logs you back in using SSO.

Close the browser.