Thanks a lot.It worked. shiro.ini changes was not required.I just worked with the code change. Can you just tell me the gist of the problem ? .I read the code but I am not so good in javascript so couldn't figure out the exact problem.
Thanks, Abhisar On Thu, Jun 23, 2016 at 7:10 PM, Prabhjyot Singh <prabhjyotsi...@gmail.com> wrote: > Hi Abhisar, > > I was able to figure out as why it didn't work for you with the last > patch, can you check the latest patch. > > Also, can you try/test with following config in shiro.ini > > [users] >> admin = admin >> user1 = user1 >> >> [main] >> sessionManager = org.apache.shiro.web.session.mgt.DefaultWebSessionManager >> securityManager.sessionManager = $sessionManager >> securityManager.sessionManager.globalSessionTimeout = 86400000 >> shiro.loginUrl = /api/login >> >> [urls] >> /api/version = anon >> /** = authcBasic >> >> > > > > On 23 June 2016 at 16:25, Abhisar Mohapatra <abhisar.mohapa...@inmobi.com> > wrote: > >> Nopes .It doesn't.Only in case of new window if opened,it asks for >> relogin else it just redirects to same page without logout >> >> On Thu, Jun 23, 2016 at 3:21 PM, Prabhjyot Singh < >> prabhjyotsi...@gmail.com> wrote: >> >>> Hi Abhisar, >>> >>> I've just created a PR (https://github.com/apache/zeppelin/pull/1071) >>> for this fix. Can you apply this patch and test, if that works for you. >>> >>> On 23 June 2016 at 08:40, Abhisar Mohapatra < >>> abhisar.mohapa...@inmobi.com> wrote: >>> >>>> Yeah this I explored.It only gets plugged into LDAP or CAS now through >>>> shiro. Have to figure out a way to integrate with existing SSO and then use >>>> JWT for all permission stuff. >>>> Anyways Thanks :) >>>> >>>> On Wed, Jun 22, 2016 at 11:43 PM, Rob Anderson < >>>> rockclimbings...@gmail.com> wrote: >>>> >>>>> There was a bug fix / enhancement that went out last week, to support >>>>> group-to-role mappings, from a directory server, via ldap(s) calls. See >>>>> https://github.com/apache/zeppelin/pull/986. I'm not sure if it's >>>>> compatible with JWT tokens, I would guess not. >>>>> >>>>> I'm using AD on the back end. I've got groups mapped to roles, which >>>>> are then used for the notebook R/W permissions. Works great. >>>>> >>>>> Rob >>>>> >>>>> On Wed, Jun 22, 2016 at 2:07 AM, Abhisar Mohapatra < >>>>> abhisar.mohapa...@inmobi.com> wrote: >>>>> >>>>>> >>>>>> I am using basic Shiro based authentication inbuilt in Zeppelin 0.6.0. >>>>>> I have got a certain use case where we have a separate SSO system >>>>>> which once successfully authenticated gives me back a JWT token with user >>>>>> info and groups. Can this info be used to give notebook level read-write >>>>>> access and share access ? >>>>>> >>>>>> >>>>>> Thanks, >>>>>> Abhisar >>>>>> >>>>>> >>>>>> >>>>>> _____________________________________________________________ >>>>>> The information contained in this communication is intended solely >>>>>> for the use of the individual or entity to whom it is addressed and >>>>>> others >>>>>> authorized to receive it. It may contain confidential or legally >>>>>> privileged >>>>>> information. If you are not the intended recipient you are hereby >>>>>> notified >>>>>> that any disclosure, copying, distribution or taking any action in >>>>>> reliance >>>>>> on the contents of this information is strictly prohibited and may be >>>>>> unlawful. If you have received this communication in error, please notify >>>>>> us immediately by responding to this email and then delete it from your >>>>>> system. The firm is neither liable for the proper and complete >>>>>> transmission >>>>>> of the information contained in this communication nor for any delay in >>>>>> its >>>>>> receipt. >>>>> >>>>> >>>>> >>>> >>>> _____________________________________________________________ >>>> The information contained in this communication is intended solely for >>>> the use of the individual or entity to whom it is addressed and others >>>> authorized to receive it. It may contain confidential or legally privileged >>>> information. If you are not the intended recipient you are hereby notified >>>> that any disclosure, copying, distribution or taking any action in reliance >>>> on the contents of this information is strictly prohibited and may be >>>> unlawful. If you have received this communication in error, please notify >>>> us immediately by responding to this email and then delete it from your >>>> system. The firm is neither liable for the proper and complete transmission >>>> of the information contained in this communication nor for any delay in its >>>> receipt. >>>> >>> >>> >>> >>> -- >>> Thankx and Regards, >>> >>> Prabhjyot Singh >>> >> >> >> _____________________________________________________________ >> The information contained in this communication is intended solely for >> the use of the individual or entity to whom it is addressed and others >> authorized to receive it. It may contain confidential or legally privileged >> information. If you are not the intended recipient you are hereby notified >> that any disclosure, copying, distribution or taking any action in reliance >> on the contents of this information is strictly prohibited and may be >> unlawful. If you have received this communication in error, please notify >> us immediately by responding to this email and then delete it from your >> system. The firm is neither liable for the proper and complete transmission >> of the information contained in this communication nor for any delay in its >> receipt. >> > > > > -- > Thankx and Regards, > > Prabhjyot Singh > -- _____________________________________________________________ The information contained in this communication is intended solely for the use of the individual or entity to whom it is addressed and others authorized to receive it. It may contain confidential or legally privileged information. If you are not the intended recipient you are hereby notified that any disclosure, copying, distribution or taking any action in reliance on the contents of this information is strictly prohibited and may be unlawful. If you have received this communication in error, please notify us immediately by responding to this email and then delete it from your system. The firm is neither liable for the proper and complete transmission of the information contained in this communication nor for any delay in its receipt.
