Github user paramount2u commented on the issue:
https://github.com/apache/zeppelin/pull/2405
Hi,
After creating build-0.8.0-SNAPSHOT locally and tested group-role mapping.
Using the below configurations (shiro.ini file) I see the user mapped no roles
in the log ("roles":"[]"). @prabhjyotsingh can you please help me with that ?
[main]
activeDirectoryRealm = org.apache.zeppelin.realm.ActiveDirectoryGroupRealm
activeDirectoryRealm.systemUsername = USERNAME
activeDirectoryRealm.systemPassword = PASSWORD
activeDirectoryRealm.principalSuffix = @AD.COMPANY.COM
activeDirectoryRealm.searchBase = dc=AD,dc=COMPANY,dc=COM
activeDirectoryRealm.url = ldap://ad.company.com:389
activeDirectoryRealm.groupRolesMap = "CN=ADGROUP,OU=Service Security
Group,OU=Service-Units,DC=AD,DC=COMPANY,DC=COM":admin
activeDirectoryRealm.authorizationCachingEnabled = true
securityManager.realm = $activeDirectoryRealm
sessionManager = org.apache.shiro.web.session.mgt.DefaultWebSessionManager
cacheManager = org.apache.shiro.cache.MemoryConstrainedCacheManager
securityManager.cacheManager = $cacheManager
securityManager.sessionManager = $sessionManager
securityManager.sessionManager.globalSessionTimeout = 8640
shiro.loginUrl = /api/login
[rules]
admin = *
[urls]
/api/version = anon
/api/interpreter/** = authc, roles[admin]
/api/configurations/** = authc, roles[admin]
/api/credential/** = authc, roles[admin]
#/** = anon
/** = authc
---