ZEPPELIN-661: Add shiro authentication docs

2026-05-24 09:38:26 +00:00 · 2016-02-12 11:16:14 +09:00 · 2016-02-12 11:16:14 +09:00 · d841a8a23c
commit d841a8a23c
parent 6e35120851
3 changed files with 70 additions and 0 deletions
--- a/docs/_includes/themes/zeppelin/_navigation.html
+++ b/docs/_includes/themes/zeppelin/_navigation.html
@ -86,6 +86,9 @@
                <li><a href="{{BASE_PATH}}/development/writingzeppelininterpreter.html">Writing Zeppelin Interpreter</a></li>
                <li><a href="{{BASE_PATH}}/development/howtocontribute.html">How to contribute (code)</a></li>
                <li><a href="{{BASE_PATH}}/development/howtocontributewebsite.html">How to contribute (website)</a></li>
+                <li role="separator" class="divider"></li>
+                <!-- li><span><b>Shiro Security</b><span></li -->
+                <li><a href="{{BASE_PATH}}/manual/shiroauthentication.html">Shiro Authentication</a></li>
              </ul>
            </li>
          </ul>
--- a/docs/assets/themes/zeppelin/img/docs-img/zeppelin-login.png
+++ b/docs/assets/themes/zeppelin/img/docs-img/zeppelin-login.png
--- a/docs/manual/shiroauthentication.md
+++ b/docs/manual/shiroauthentication.md
@ -0,0 +1,67 @@
+---
+layout: page
+title: "Shiro Security for Apache Zeppelin"
+description: ""
+group: manual
+---
+<!--
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+-->
+{% include JB/setup %}
+
+# Shiro authentication for Apache Zeppelin
+[Apache Shiro](http://shiro.apache.org/) is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management. In this documentation, we will explain step by step how Shiro works for Zeppelin notebook authentication. 
+
+When you connect to Apache Zeppelin, you will be asked to enter your credentials. Once you logged in, then you have access to all notes including other user's notes.
+
+## Security Setup
+You can setup **Zeppelin notebook authentication** in some simple steps.
+
+####1. Secure the HTTP channel
+Deactivate the line "/** = anon" and activate the line "/** = authcBasic" in `conf/shiro.ini` file. 
+
+```
+#/** = anon
+/** = authcBasic
+```
+
+For the further information about  `shiro.ini` file format, please refer to [Shiro Configuration](http://shiro.apache.org/configuration.html#Configuration-INISections).
+
+####2. Secure the Websocket channel
+Set to property **zeppelin.anonymous.allowed** to **false** in `conf/zeppelin-site.xml`. If you don't have this file yet, just copy `conf/zeppelin-site.xml.template` to `conf/zeppelin-site.xml`.
+
+####3. Start Zeppelin
+	 
+```
+bin/zeppelin-daemon.sh start (or restart)
+```
+	
+Then you can browse Zeppelin at [http://localhost:8080](http://localhost:8080).
+
+####4. Login
+Finally, you can login using one of the below **username/password** combinations. 
+
+<center><img src="../assets/themes/zeppelin/img/docs-img/zeppelin-login.png" width="40%" height="40%"></center>
+
+```
+admin = password1
+user1 = password2
+user2 = password3
+```
+	
+Those combinations are defined in the `conf/shiro.ini` file.
+
+> **NOTE :** This documentation is originally from [SECURITY-README.md](https://github.com/apache/incubator-zeppelin/blob/master/SECURITY-README.md). 
+
+
+