[GitHub] zeppelin issue #2405: [ZEPPELIN-2640] Roles are not getting honored from shi...

2018-03-05 Thread paramount2u 
Github user paramount2u commented on the issue:

https://github.com/apache/zeppelin/pull/2405
  
@prabhjyotsingh thank you for feedback 


---

[GitHub] zeppelin issue #2405: [ZEPPELIN-2640] Roles are not getting honored from shi...

2018-03-05 Thread prabhjyotsingh 
Github user prabhjyotsingh commented on the issue:

https://github.com/apache/zeppelin/pull/2405
  
@paramount2u sounds like something to do with your activeDirectory 
configuration not correct, and if you feel issue can be reproduced, please 
create a new JIRA.


---

[GitHub] zeppelin issue #2405: [ZEPPELIN-2640] Roles are not getting honored from shi...

2018-03-05 Thread paramount2u 
Github user paramount2u commented on the issue:

https://github.com/apache/zeppelin/pull/2405
  
Hi,

After creating build-0.8.0-SNAPSHOT locally and tested group-role mapping. 
Using the below configurations (shiro.ini file) I see the user mapped no roles 
in the log ("roles":"[]"). @prabhjyotsingh can you please help me with that ?

[main]
activeDirectoryRealm = org.apache.zeppelin.realm.ActiveDirectoryGroupRealm
activeDirectoryRealm.systemUsername = USERNAME
activeDirectoryRealm.systemPassword = PASSWORD
activeDirectoryRealm.principalSuffix = @AD.COMPANY.COM
activeDirectoryRealm.searchBase = dc=AD,dc=COMPANY,dc=COM
activeDirectoryRealm.url = ldap://ad.company.com:389
activeDirectoryRealm.groupRolesMap = "CN=ADGROUP,OU=Service Security 
Group,OU=Service-Units,DC=AD,DC=COMPANY,DC=COM":admin
activeDirectoryRealm.authorizationCachingEnabled = true

securityManager.realm = $activeDirectoryRealm

sessionManager = org.apache.shiro.web.session.mgt.DefaultWebSessionManager
cacheManager = org.apache.shiro.cache.MemoryConstrainedCacheManager
securityManager.cacheManager = $cacheManager
securityManager.sessionManager = $sessionManager
securityManager.sessionManager.globalSessionTimeout = 8640
shiro.loginUrl = /api/login

[rules]
admin = *

[urls]
/api/version = anon
/api/interpreter/** = authc, roles[admin]
/api/configurations/** = authc, roles[admin]
/api/credential/** = authc, roles[admin]
#/** = anon
/** = authc
 


---

[GitHub] zeppelin issue #2405: [ZEPPELIN-2640] Roles are not getting honored from shi...

2017-06-13 Thread prabhjyotsingh 
Github user prabhjyotsingh commented on the issue:

https://github.com/apache/zeppelin/pull/2405
  
Thank you @felixcheung, @khalidhuseynov for the review.
Will merge this if no more discussion.


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---