Github user hayssams commented on the pull request:
https://github.com/apache/incubator-zeppelin/pull/53#issuecomment-99104007
Hi Anthony
1. You're right using cookies for the HTTP API would be a much better
choice.
2. Regarding storm path, The comments you find in the shiro.ini file come
from the default shiro.ini setup; Wen can safely ignore/remove them
3. The login page is not required for shiro to work. We can use basic auth
by uncommenting line 17 in the shiro.ini file (/** = authcBasic). The browser
will popup a login dialog without any coding required.
4. By default auth is not activated. To activate it, simply comment line 16
and uncomment line 17 in shiro.ini. The file shiro.ini need to be accessible
through the classpath.
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at [email protected] or file a JIRA ticket
with INFRA.
---
