Support Questions
Find answers, ask questions, and share your expertise

How to encrypt and store zeppelin passwords of different users in database?

How to encrypt and store zeppelin passwords of different users in database?

Hi All,

Currently the passwords of all the users of zeppelin are stored in shiro.ini file in plain text format. I want to encrypt these passwords and store in mysql database. I am struck with this since many days as I am new to the technology. I don't have LDAP or AD. Also no kerberization is implemented. Ambari UI is being used. Looking to achieve it through configuration changes itself rather than changing the existing functionality completely. Can anyone please guide me to achieve the same.

Thanks in advance.

2 REPLIES 2

Re: How to encrypt and store zeppelin passwords of different users in database?

Contributor

@Aishwarya Dixit

We can use jceks to secure the password and edit shiro.ini to include this jceks file.

Ex:

hadoop credential create contextFactory.systemPassword -provider jceks:///etc/zeppelin/conf/credentials.jceks

Slide 25 in the following article has an example,

https://www.slideshare.net/vinnies12/apache-spark-apache-zeppelin-security-for-enterprise-deployment...

See if this helps.

Re: How to encrypt and store zeppelin passwords of different users in database?

Hi @Rajesh, Thanks for the answer. This seems to be feasible to be implemented in the cluster I am using. Needed few clarifications though.

1. What would be the content of jceks file? Can i have an example jceks fle for better understanding?

2. hadoop credential create contextFactory.systemPassword -provider jceks:///etc/zeppelin/conf/credentials.jceks This line would be included in [main] part of shiro.ini file?

It would be really helpful if you could guide me through this.

Thanks in advance.