This section describes how to restrict access to Apache Zeppelin notebooks by granting
permissions to specific users and groups.
There are two main steps in this process: defining the
searchBase
property in the Zeppelin Shiro configuration, and then
specifying permissions.-
In Zeppelin configuration settings, the Zeppelin administrator should specify
activeDirectoryRealm.searchBase
or
ldapRealm.searchBase
, depending on whether Zeppelin uses AD or
LDAP for authentication. The value of searchBase
controls where
Zeppelin looks for users and groups.
For more information, refer to "Shiro Settings: Reference" in this guide. For an
example, see "Configure Zeppelin for Authentication: LDAP and Active Directory" in
this guide.
-
The owner of the notebook should navigate to the note and complete the following
steps:
- Click the lock icon on the notebook:
- Zeppelin presents a popup menu. Enter the user and groups that should have
access to the note. To search for an account, start typing the
name.
Note: If you are using Shiro as the identity store, users
should be listed in the [user]
section. If you are using AD
or LDAP users and groups should be stored in the realm associated with your
Shiro configuration.