pmuntyanu commented on issue #2373: [ZEPPELIN-2598] Securing Zeppelin with OpenID Connect URL: https://github.com/apache/zeppelin/pull/2373#issuecomment-488583737 Hi @ajaygk95 , it worked! I even changed the `preferred_username` to the `email` - for my use case, it is better. With regards to the roles and permissions, I think it is possible to use `keycloak` roles and [RequireAnyRoleAuthorizer](https://github.com/pac4j/pac4j/blob/15419a42a572f67c97b2978911fe8ec66dadf0c7/pac4j-core/src/main/java/org/pac4j/core/authorization/authorizer/RequireAnyRoleAuthorizer.java) which we can setup via java-bean-like shiro.ini file. In the end, it is just an idea and I have not tested it yet, but it looks like it can work. More details are [here](https://github.com/bujiio/buji-pac4j/wiki/Apply-security) and example is [here](https://github.com/bujiio/buji-pac4j/wiki/Security-configuration)
---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected] With regards, Apache Git Services
