Until we have a good multitenancy support in Zeppelin, we'd have to run individual Zeppelin instances for each user. Apache Zeppelin uses Shiro for authentication.
So we were trying to use following shiro.ini configurations: > [urls] > /api/version = anon > /** = user["[email protected]"] Also tried > /** = authc, user["[email protected]"] none works in a sense that other users after successful LDAP authentication can create their own notebooks in other user's Zeppelin instances. shiro.ini has [users] and [roles] sections are empty. [main] section configures LDAP authentication backend which works as expected. [email protected] is actual user name which is used in LDAP authentication. How to make [urls] section let only one specific user in? Again, neither > /** = user["[email protected]"] nor > /** = authc, user["[email protected]"] work as we expect - any authenticated user still can access /** (all pages). LDAP authentication works as expected; we're struggling with authorization - to lock Zeppelin in [urls] to one user (or a few users). Thank you, Ruslan
