Add interpreter, credential and configuration urls to shiro.ini

2026-05-24 09:38:26 +00:00 · 2016-06-10 12:41:15 -07:00 · 2016-06-10 12:41:15 -07:00 · 2a054d4b55
commit 2a054d4b55
parent d3a81d5e2c
1 changed files with 6 additions and 2 deletions
--- a/conf/shiro.ini
+++ b/conf/shiro.ini
@ -18,7 +18,7 @@
 [users]
 # List of users with their password allowed to access Zeppelin.
 # To use a different strategy (LDAP / Database / ...) check the shiro doc at http://shiro.apache.org/configuration.html#Configuration-INISections
-admin = password1
+admin = password1, admin
 user1 = password2, role1, role2
 user2 = password3, role3
 user3 = password4, role2
@ -60,10 +60,14 @@ role2 = *
 role3 = *

 [urls]
+# This section is used for url-based security.
+# You can secure interpreter, configuration and credential information by urls. Comment or uncomment the below urls that you want to hide. 
 # anon means the access is anonymous.
-# authcBasic means Basic Auth Security
 # authc means Form based Auth Security
 # To enfore security, comment the line below and uncomment the next one
 /api/version = anon
+#/api/interpreter/** = authc, roles[admin]
+#/api/configurations/** = authc, roles[admin]
+#/api/credential/** = authc, roles[admin]
 /** = anon
 #/** = authc