Apache Zeppelin Component Guide
Also available as:

Configure Zeppelin for Authentication: Non-Production Use

The following steps provide a quick, basic form of authentication. This approach is not for production use; usernames and passwords are exposed in clear text. For production use, you should use LDAP or Active Directory as the identity source.

To configure authentication for informal use or testing:

  1. Populate the [urls] section as follows:

    1. Specify authc as the authentication method in the URL section of shiro.ini contents, and make sure that the authc line is not commented out.

    2. To disable anonymous access to Zeppelin, add a comment character (#) at the start of the line containing /** = anon.

    Here is an example:

    #/api/version = anon
    #/** = anon
    /** = authc
  2. Populate the [users] section as follows:

    Specify authorized accounts and associated passwords in shiro_ini settings: for clusters managed by Ambari, update shiro_ini_content; for non-Ambari clusters, update the shiro.ini file.

    The following example configures authentication for users admin, user1, and user2, with passwords password1, password2, and password3, respectively:

    admin = password1
    user1 = password2
    user2 = password3
  3. Restart the Zeppelin server using Ambari or, for a cluster not managed by Ambari, follow the instructions in Installing and Configuring Apache Zeppelin in the Non-Ambari Cluster Installation Guide.

  4. After completing these steps, Zeppelin requires authentication of user credentials before allowing access to the Zeppelin UI.