GitHub user hayssams opened a pull request:
https://github.com/apache/incubator-zeppelin/pull/53
Added Shiro security
Added shiro security. HTTP calls and websockets communications are both
protected.
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/ebiznext/incubator-zeppelin shira-security
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/incubator-zeppelin/pull/53.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #53
----
commit 429516845bf9137c8d1d6e908a0e521894bae529
Author: Hayssam Saleh <[email protected]>
Date: 2015-04-27T08:14:57Z
Added shirt dependencies
commit e52f4fb2a5997bf41189b20d7b12222497445148
Author: Hayssam Saleh <[email protected]>
Date: 2015-04-27T08:16:40Z
default shiro configuration file
commit 6e07f10e5aab247a18df4dad7e10c719373ccee2
Author: Hayssam Saleh <[email protected]>
Date: 2015-04-27T08:17:33Z
The connected or anonymous user should get a ticket first from this API
commit 8178c2cb43783694fe2070f950c5bfd35f73e1ae
Author: Hayssam Saleh <[email protected]>
Date: 2015-04-27T08:17:54Z
Shiro filter to protect access to the API.
No need to proceed web resources here.
commit 774ada93f2e4a2747fc28e50afb71548a3d7e9f1
Author: Hayssam Saleh <[email protected]>
Date: 2015-04-27T08:18:13Z
Very simple ticket container
No cleanup is done, since the same user accross different devices share the
same ticket
The Map size is at most the number of different user names having access to
a Zeppelin instance
commit c2b3cf325244ddf52e46723190d191cb93824900
Author: Hayssam Saleh <[email protected]>
Date: 2015-04-27T08:18:28Z
User name & ticket are now required to access the notebook api since each
note is now attached to a user
commit 16f0ace0e7df6546faac6fb33bd5d689d7e7b6d4
Author: Hayssam Saleh <[email protected]>
Date: 2015-04-27T08:18:51Z
Notes are now loaded from and stored in a subdirectory named after the
username.
commit a8eb2cc17b3a30f3e8838291ef3cab3b9b4bbae2
Author: Hayssam Saleh <[email protected]>
Date: 2015-04-27T08:19:08Z
Web socket handlers require the username & ticket got through the initial
HTTP call to the SecurityRestApi.
This proves that web socket access is done by the user who provided the
credentials through Shiro on the HTTP channel.
commit f81aaa5f7cbd579b489938ff9339b6134e66e940
Author: Hayssam Saleh <[email protected]>
Date: 2015-04-27T08:19:26Z
Notebooks are now user dependent. We still load all note in memory.
Tests are updated accordingly by using the anonymous user.
commit 3f96384f62c4f5d2f907063d9e3d0582daa93cb8
Author: Hayssam Saleh <[email protected]>
Date: 2015-04-27T08:19:44Z
Get ticket on startup
commit baf311c4d6173af47581df95e3b727d067bf224a
Author: Hayssam Saleh <[email protected]>
Date: 2015-04-27T08:20:01Z
Submit username & ticket on web socket requests
commit 4c9167eb943cd368955681665fd151f30a0a1d0f
Author: Hayssam Saleh <[email protected]>
Date: 2015-04-27T08:20:23Z
add user & ticket to API calls
commit f9244c3b4e644e9e5a39ee9ca1341697f1232345
Author: Hayssam Saleh <[email protected]>
Date: 2015-04-27T08:22:02Z
Upgrade tests
commit ba1da1429f043e4b26afd59f1b59dc84418b431e
Author: Hayssam Saleh <[email protected]>
Date: 2015-04-27T08:22:21Z
Message hold the username & ticket now
commit 7ab1b235d83cd330012904ab1060b5d62192102f
Author: Hayssam Saleh <[email protected]>
Date: 2015-04-27T08:22:44Z
Angular objects are attached specific to a user
commit 284e2ea7bb4ea9729c468472385a21bb117b5f7f
Author: Hayssam Saleh <[email protected]>
Date: 2015-04-27T08:56:53Z
For an anonymous user, set ticket to anonymous to allow testing
----
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at [email protected] or file a JIRA ticket
with INFRA.
---
