Github user sohaibiftikhar commented on the issue:
https://github.com/apache/zeppelin/pull/932
@echarles I tested with both simple and LdapGroupRealm and it was working.
It is only with LdapRealm that I am facing an issue. I will post a sample
`shiro.ini` for your reference. As I said I am still not sure why /login is
being called internally. I tried debugging with the source code but due to my
unfamiliarity with the codebase it has not been of much help.
```
[main]
ldapRealm = org.apache.zeppelin.realm.LdapRealm
ldapRealm.userDnTemplate = uid={0},ou=people,dc=my-company,dc=net
ldapRealm.searchBase = dc=my-company,dc=net
ldapRealm.userSearchBase = ou=people,dc=my-company,dc=net
ldapRealm.groupSearchBase = ou=groups,dc=my-company,dc=net
ldapRealm.contextFactory.url = ldaps://auth.mycompany.net:636
ldapRealm.contextFactory.authenticationMechanism = simple
ldapRealm.userObjectClass = posixAccount
ldapRealm.groupObjectClass = posixGroup
ldapRealm.authorizationEnabled = true
ldapRealm.memberAttribute = memberUid
ldapRealm.memberAttributeValueTemplate=uid={0},ou=people,dc=my-company,dc=net
ldapRealm.rolesByGroup = USERS:admin
ldapRealm.userSearchAttributeName = uid
securityManager.realms = $ldapRealm
sessionManager = org.apache.shiro.web.session.mgt.DefaultWebSessionManager
shiro.loginUrl = /api/login
[roles]
admin = *
[urls]
/api/version = anon
/** = authc
```
Eventually I will need group based permissions but this is just a
simplified ini. Here is a screenshot of the network activity on calling
api/notebooks.
[https://ibb.co/jLw9vk](url)
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at [email protected] or file a JIRA ticket
with INFRA.
---
