Use the following steps to begin configuring Apache Zeppelin security.
Configure Security on an Ambari-Managed Cluster
If your cluster is managed by Ambari, navigate to the Configs tab and edit settings in the "Advanced zeppelin-env", "Advanced zeppelin-config", "zeppelin-log4j-properties" and "zeppelin-shiro-ini" sections, as described in following subsections.
shiro_ini_content require restarting the Zeppelin server.
Ambari indicates this with a warning, and offers a menu option to restart
Configure Security on a non-Ambari Cluster
If your cluster is not managed by Ambari:
- Locate the
shiro.initemplate file in the Zeppelin
- Copy the template file as
- Edit the
shiro.inifile as described in the following subsections.
- After editing the
shiro.inifile, restart the Zeppelin server:
shiro_ini_content property (Ambari) and
shiro.ini file (non-Ambari) contain several sections for
[main], which contains definitions for LDAP or Active Directory objects and properties.
[users], which can be used to specify user accounts and passwords for simple deployments that do not require secure passwords, and require only a small number of statically-defined accounts.
[roles], for defining roles associated with access control.
[urls], for configuring URL-based security. For Zepplin, the
[urls]section is used to specify authentication method and define access control filters.