Github user anandsubbu commented on a diff in the pull request: https://github.com/apache/metron/pull/888#discussion_r160591890 --- Diff: metron-deployment/packaging/ambari/metron-mpack/src/main/resources/common-services/METRON/CURRENT/package/scripts/indexing_master.py --- @@ -150,12 +151,36 @@ def zeppelin_notebook_import(self, env): env.set_params(params) Logger.info(ambari_format('Searching for Zeppelin Notebooks in {metron_config_zeppelin_path}')) + + # With Ambari 2.5+, Zeppelin server is enabled to work with Shiro authentication, which requires user/password + # for authentication (see https://zeppelin.apache.org/docs/0.6.0/security/shiroauthentication.html for details). + ses = requests.session() + + # Check if authentication is enabled on the Zeppelin server + try: + conn = ses.get(ambari_format('http://{zeppelin_server_url}/api/login')) + + # Establish connection if authentication is enabled + try: + # The following credentials are created at install time by Ambari at /etc/zeppelin/conf/shiro.ini + # when Shiro auth is enabled on the Zeppelin server + zeppelin_payload = {'userName': 'admin', 'password' : 'admin'} --- End diff -- Hi @cestella , thanks for taking a look. The Zeppelin auth credentials are not related to ambari credentials. They are as defined in `/etc/zeppelin/conf/shiro.ini` on the Zeppelin host, which is set up by default during stack deploy time. Here's a snippet: ``` [root@hcpca-1 ~]# cat /etc/zeppelin/conf/shiro.ini [users] # List of users with their password allowed to access Zeppelin. # To use a different strategy (LDAP / Database / ...) check the shiro doc at http://shiro.apache.org/configuration.html#Configuration-INISections admin = admin, admin <snip> ``` When I created the pull request, I considered the option of reading `shiro.ini` file and parsing for the credentials. I did not pursue that further since I wanted to address the immediate need of ability to import notebook on an out-of-the-box Metron cluster. I understand that a thorough way would be to handle the [different INI settings](http://shiro.apache.org/configuration.html#Configuration-INISections) provided by shiro, and could potentially be the scope of another pull request. Please let me know if it makes sense.
---