Elgato_dark/zeppelin
1
0
Fork 0
mirror of https://github.com/apache/zeppelin synced 2026-05-24 09:38:26 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
zeppelin/conf
History
Khalid Huseynov 78ff94c177 [DOCS] Update Shiro configuration file with new package names 
### What is this PR for?
Since most of authentication related realm classes has moved from `org.apache.zeppelin.server` package into `org.apache.zeppelin.realm`, we need to update corresponding `shiro.ini.template` file

### What type of PR is it?
Improvement | Documentation

### Todos
* [x] - update class packages

### What is the Jira issue?
N/A

### How should this be tested?
same as for testing `LdapGroupRealm` or `ActiveDirectoryGroupRealm`

### Screenshots (if appropriate)

### Questions:
* Does the licenses files need update? no
* Is there breaking changes for older versions? no
* Does this needs documentation? no

Author: Khalid Huseynov <khalidhnv@gmail.com>

Closes #1700 from khalidhuseynov/update/shiro-config and squashes the following commits:

2eabc24 [Khalid Huseynov] update package names
2016-11-29 17:03:09 +09:00
..
configuration.xsl Add daemon script and configuration files 2013-09-08 16:13:22 +09:00
interpreter-list Closes [ZEPPELIN-1505] Add Scio interpreter 2016-11-14 11:00:15 -08:00
log4j.properties [ZEPPELIN-23] Set version of default spark interpreter build profile from 1.1 to 1.3 2015-06-03 14:26:50 +09:00
README.md Fix some typos 2015-02-08 01:33:14 +09:00
shiro.ini.template [DOCS] Update Shiro configuration file with new package names 2016-11-29 17:03:09 +09:00
zeppelin-env.cmd.template [HOTFIX] Set default ZEPPELIN_INTP_MEM 2016-10-12 16:44:53 +09:00
zeppelin-env.sh.template [ZEPPELIN-1657] Private/public mode for user note creation/import 2016-11-19 05:55:40 -08:00
zeppelin-site.xml.template [ZEPPELIN-1683] Run python process in docker container 2016-11-24 09:08:52 -08:00

README.md

Enabling SSL

Enabling SSL requires a few changes. The first is to set zeppelin.ssl to true. If you'll like to use client side certificate authentication as well, then set zeppelin.ssl.client.auth to true too.

Information how about to generate certificates and a keystore can be found here.

A condensed example can be found in the top answer to this StackOverflow post.

The keystore holds the private key and certificate on the server end. The trustore holds the trusted client certificates. Be sure that the path and password for these two stores are correctly configured in the password fields below. They can be obfuscated using the Jetty password tool. After Maven pulls in all the dependency to build Zeppelin, one of the Jetty jars contain the Password tool. Invoke this command from the Zeppelin home build directory with the appropriate version, user, and password.

java -cp ./zeppelin-server/target/lib/jetty-all-server-<version>.jar org.eclipse.jetty.util.security.Password <user> <password>

If you are using a self-signed, a certificate signed by an untrusted CA, or if client authentication is enabled, then the client must have a browser create exceptions for both the normal HTTPS port and WebSocket port. This can by done by trying to establish an HTTPS connection to both ports in a browser (i.e. if the ports are 443 and 8443, then visit https://127.0.0.1:443 and https://127.0.0.1:8443). This step can be skipped if the server certificate is signed by a trusted CA and client auth is disabled.