Elgato_dark/zeppelin
1
0
Fork 0
mirror of https://github.com/apache/zeppelin synced 2026-05-24 09:38:26 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

documentation....?

Browse source
This commit is contained in:
Herval Freire 2017-10-03 20:52:53 -07:00
parent 82ae8f4012
commit 1d4bc04ac7
1 changed files with 27 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

28
docs/setup/operation/configuration.md
View file

@ -77,7 +77,19 @@ If both are defined, then the **environment variables** will take priority.
<td>*</td>
<td>Enables a way to specify a ',' separated list of allowed origins for REST and websockets. <br /> e.g. http://localhost:8080</td>
</tr>
<tr>
<tr>
<td><h6 class="properties">ZEPPELIN_CREDENTIALS_PERSIST</h6></td>
<td><h6 class="properties">zeppelin.credentials.persist</h6></td>
<td>true</td>
<td>Persist credentials on a JSON file (credentials.json)</td>
</tr>
<tr>
<td><h6 class="properties">ZEPPELIN_CREDENTIALS_ENCRYPT_KEY</h6></td>
<td><h6 class="properties">zeppelin.credentials.encryptKey</h6></td>
<td></td>
<td>If provided, encrypt passwords on the credentials.json file (passwords will be stored as plain-text otherwise</td>
</tr>
<tr>
<td>N/A</td>
<td><h6 class="properties">zeppelin.anonymous.allowed</h6></td>
<td>true</td>
@ -411,6 +423,20 @@ The following properties needs to be updated in the `zeppelin-site.xml` in order
</property>
```
### Storing user credentials
In order to avoid having to re-enter credentials every time you restart/redeploy Zeppelin, you can store the user credentials. Zeppelin supports this via the ZEPPELIN_CREDENTIALS_PERSIST configuration.
Please notice that passwords will be stored in *plain text* by default. To encrypt the passwords, use the ZEPPELIN_CREDENTIALS_ENCRYPT_KEY config variable. This will encrypt passwords using the AES-128 algorithm.
You can generate an appropriate encryption key any way you'd like - for instance, by using the openssl tool:
```
openssl enc -aes-128-cbc -k secret -P -md sha1
```
*Important*: storing your encryption key in a configuration file is _not advised_. Depending on your environment security needs, you may want to consider utilizing a credentials server, storing the ZEPPELIN_CREDENTIALS_ENCRYPT_KEY as an OS env variable, or any other approach that would not colocate the encryption key and the encrypted content (the credentials.json file).
### Obfuscating Passwords using the Jetty Password Tool