Reply
Expert Contributor
Posts: 219
Registered: ‎01-25-2017

Configuring zeppelin to authentication against active directory

Hi,

I'm trying to configure zeppelin to authnticate against Active directory, i tried akot of combination with no success even the same configuration is working fine against Hue.

Below is my shiro conf at zeppelin and also the parameters i;m using for you?

Any help will be much appreciated, my main goal to allow only user under specific group to access zeppelin.

 

=====================

 

The shiro conf

 

 

[users]
#user1 = password2, role1, role2
#user2 = password3, role3
#user3 = password4, role2


securityManager.sessionManager = $sessionManager
securityManager.sessionManager.globalSessionTimeout = 86400000
shiro.loginUrl = /api/login

 

activeDirectoryRealm = org.apache.zeppelin.server.ActiveDirectoryGroupRealm
activeDirectoryRealm.systemUsername = hueROUser
activeDirectoryRealm.systemPassword = P@ssw0rd!)
activeDirectoryRealm.searchBase = CN=LP HueUsers,OU=Groups,OU=LPDomain
activeDirectoryRealm.url = ldap://lpdomain.com
activeDirectoryRealm.groupRolesMap = "CN=hueROUser,OU=Users,OU=LPDomain EQUINIX,DC=lpdomain,DC=com":"admin"
activeDirectoryRealm.authorizationCachingEnabled = false
activeDirectoryRealm.principalSuffix=@lpdomain
securityManager.realms = $activeDirectoryRealm
activeDirectoryRealm.authorizationCachingEnabled = true


[roles]
group1 = *
role2 = *
role3 = *

[urls]

#/api/version = anon
/api/login = authc
#/** = anon
/** = authc
/api/interpreter/** = authc, roles[admin]
/api/configurations/** = authc, roles[admin]
/api/credential/** = authc, roles[admin]

====

 

The Hue configuration that works

 

ldap_url: ldap://lpdomain.com
Active Directory Domain : lpdomain.com
LDAP Search Base: CN=LP HueUsers,OU=Groups,OU=LPDomain
LDAP Bind User: CN=hueROUser,OU=Users,OU=LPDomain EQUINIX,DC=lpdomain,DC=com
LDAP Bind Password:
LDAP User Filter: (objectClass=user)

LDAP Username Attribute: sAMAccountName
LDAP Group Filter: (objectClass=group)
LDAP Group Name Attribute: cn
LDAP Group Membership Attribute: member

Expert Contributor
Posts: 219
Registered: ‎01-25-2017

Re: Configuring zeppelin to authentication against active directory

Anyone familiar with?

Announcements