Posts: 104
Registered: ‎01-25-2017

Configuring zeppelin to authentication against active directory


I'm trying to configure zeppelin to authnticate against Active directory, i tried akot of combination with no success even the same configuration is working fine against Hue.

Below is my shiro conf at zeppelin and also the parameters i;m using for you?

Any help will be much appreciated, my main goal to allow only user under specific group to access zeppelin.




The shiro conf



#user1 = password2, role1, role2
#user2 = password3, role3
#user3 = password4, role2

securityManager.sessionManager = $sessionManager
securityManager.sessionManager.globalSessionTimeout = 86400000
shiro.loginUrl = /api/login


activeDirectoryRealm = org.apache.zeppelin.server.ActiveDirectoryGroupRealm
activeDirectoryRealm.systemUsername = hueROUser
activeDirectoryRealm.systemPassword = P@ssw0rd!)
activeDirectoryRealm.searchBase = CN=LP HueUsers,OU=Groups,OU=LPDomain
activeDirectoryRealm.url = ldap://
activeDirectoryRealm.groupRolesMap = "CN=hueROUser,OU=Users,OU=LPDomain EQUINIX,DC=lpdomain,DC=com":"admin"
activeDirectoryRealm.authorizationCachingEnabled = false
securityManager.realms = $activeDirectoryRealm
activeDirectoryRealm.authorizationCachingEnabled = true

group1 = *
role2 = *
role3 = *


#/api/version = anon
/api/login = authc
#/** = anon
/** = authc
/api/interpreter/** = authc, roles[admin]
/api/configurations/** = authc, roles[admin]
/api/credential/** = authc, roles[admin]



The Hue configuration that works


ldap_url: ldap://
Active Directory Domain :
LDAP Search Base: CN=LP HueUsers,OU=Groups,OU=LPDomain
LDAP Bind User: CN=hueROUser,OU=Users,OU=LPDomain EQUINIX,DC=lpdomain,DC=com
LDAP Bind Password:
LDAP User Filter: (objectClass=user)

LDAP Username Attribute: sAMAccountName
LDAP Group Filter: (objectClass=group)
LDAP Group Name Attribute: cn
LDAP Group Membership Attribute: member

Posts: 104
Registered: ‎01-25-2017

Re: Configuring zeppelin to authentication against active directory

Anyone familiar with?