Updated doc as per the review comments.

Vipin Rathor 2017-08-22 13:20:47 -07:00
parent fec8d7edc2
commit c7b7995920


@ -212,7 +212,7 @@ securityManager.realms = $zeppelinHubRealm
## Secure Cookie for Zeppelin Sessions (optional)
Zeppelin can be configured to set `HttpOnly` flag in the session cookie. With this configuration, Zeppelin cookies can
not be accessed via client side scripts thus preventing Cross-site scripting (XSS) attacks.
not be accessed via client side scripts thus preventing majority of Cross-site scripting (XSS) attacks.
To enable secure cookie support via Shiro, add the following lines in `conf/shiro.ini` under `[main]` section, after
defining a `sessionManager`.
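
Review bot: In the added line, "preventing majority of Cross-site scripting (XSS) attacks" still overstates what `HttpOnly` does, and it is missing an article ("the majority of"). The flag stops client-side scripts from reading the session cookie; it does not stop injected script from running or from sending requests that carry the cookie automatically. Suggested wording: "so the session cookie cannot be read by client-side scripts, which mitigates session cookie theft through Cross-site scripting (XSS)". Two smaller points on the context lines: the heading "Secure Cookie" can be read as the separate `Secure` cookie attribute, so naming `HttpOnly` there would avoid confusion, and the first sentence should read "set the `HttpOnly` flag".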