hivefans

zeppelin-shiro.ini

May 18th, 2021
619
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. [main]
  2. ldapRealm=org.apache.zeppelin.realm.LdapRealm
  3. ldapRealm.contextFactory.authenticationMechanism=simple
  4. ldapRealm.contextFactory.url=ldap://10.252.143.193:389
  5. ldapRealm.userDnTemplate=uid={0},ou=people,dc=gwmedc,dc=com
  6. ldapRealm.pagingSize = 200
  7. ldapRealm.authorizationEnabled=true
  8. ldapRealm.searchBase=dc=gwmedc,dc=com
  9. ldapRealm.userSearchBase = ou=people,dc=gwmedc,dc=com
  10. ldapRealm.groupSearchBase = ou=group,dc=gwmedc,dc=com
  11. ldapRealm.groupObjectClass=posixGroup
  12. ldapRealm.userLowerCase = true
  13. ldapRealm.memberAttribute = memberuid
  14. ldapRealm.groupSearchFilter=(&(objectClass=posixGroup)(memberuid={0}))
  15. ldapRealm.userSearchScope = subtree
  16. ldapRealm.groupSearchScope = subtree
  17. ldapRealm.contextFactory.systemUsername= cn=admin,dc=gwmedc,dc=com
  18. ### 我的cn=admin,dc=domain,dc=com密码设置的是admin,这里需要替换成用户自己设置的密码
  19. ldapRealm.contextFactory.systemPassword = admin
  20. ldapRealm.groupSearchEnableMatchingRuleInChain = false
  21. ### 将Ldap上的admin group映射成zeppelin的admin角色, user group映射成zeppelin的user_role角色
  22. ldapRealm.rolesByGroup = admin:admin,user:user_role
  23. securityManager.realms = $ldapRealm
  24.  
  25. sessionManager = org.apache.shiro.web.session.mgt.DefaultWebSessionManager
  26. cookie = org.apache.shiro.web.servlet.SimpleCookie
  27. cookie.name = JSESSIONID
  28. cookie.httpOnly = true
  29. sessionManager.sessionIdCookie = $cookie
  30. securityManager.sessionManager = $sessionManager
  31. securityManager.sessionManager.globalSessionTimeout = 86400000
  32. shiro.loginUrl = /api/login
  33. securityManager.sessionManager = $sessionManager
  34. securityManager.realms = $ldapRealm
  35.  
  36. sessionManager = org.apache.shiro.web.session.mgt.DefaultWebSessionManager
  37. ### Enables 'HttpOnly' flag in Zeppelin cookies
  38. cookie = org.apache.shiro.web.servlet.SimpleCookie
  39. cookie.name = JSESSIONID
  40. cookie.httpOnly = true
  41. ### Uncomment the below line only when Zeppelin is running over HTTPS
  42. #cookie.secure = true
  43. sessionManager.sessionIdCookie = $cookie
  44. securityManager.sessionManager = $sessionManager
  45. # 86,400,000 milliseconds = 24 hour
  46. securityManager.sessionManager.globalSessionTimeout = 86400000
  47. shiro.loginUrl = /api/login
  48.  
  49. [roles]
  50. #devops = *
  51. #admin = *
  52.  
  53. [urls]
  54. /api/version = anon
  55. /api/interpreter/setting/restart/** = authc
  56. /api/interpreter/** = authc, roles[admin]
  57. /api/configurations/** = authc, roles[admin]
  58. /api/credential/** = authc, roles[admin]
  59. #/** = anon
  60. /** = authc
RAW Paste Data