@rguruvannagari. I don't know if it was the trick but I set the property zeppelin.anonymous.allowed to false in conf/zeppelin-site.xml and then restarted zeppelin. i also noticed that my shiro.ini changes were reversed or reset to the original. confused but now i was prompted for login. I used maria_dev and it worked. i will carry on w/ the tutorial. ... View more

[root@sandbox conf]# more shiro.ini [users] # List of users with their password allowed to access Zeppelin. # To use a different strategy (LDAP / Database / ...) check the shiro doc at http://shiro.apache.org/configuration.html#Configuration-INISections #admin = password1 #user1 = password2, role1, role2 #user2 = password3, role3 #user3 = password4, role2 # Sample LDAP configuration, for user Authentication, currently tested for single Realm [main] #activeDirectoryRealm = org.apache.zeppelin.server.ActiveDirectoryGroupRealm #activeDirectoryRealm.systemUsername = CN=Administrator,CN=Users,DC=HW,DC=EXAMPLE,DC=COM #activeDirectoryRealm.systemPassword = Password1! #activeDirectoryRealm.hadoopSecurityCredentialPath = jceks://user/zeppelin/zeppelin.jceks #activeDirectoryRealm.searchBase = CN=Users,DC=HW,DC=TEST,DC=COM #activeDirectoryRealm.url = ldap://ad-nano.test.example.com:389 #activeDirectoryRealm.groupRolesMap = "" #activeDirectoryRealm.authorizationCachingEnabled = true #ldapRealm = org.apache.shiro.realm.ldap.JndiLdapRealm #ldapRealm.userDnTemplate = uid={0},cn=users,cn=accounts,dc=example,dc=com #ldapRealm.contextFactory.url = ldap://ldaphost:389 #ldapRealm.contextFactory.authenticationMechanism = SIMPLE #sessionManager = org.apache.shiro.web.session.mgt.DefaultWebSessionManager #securityManager.sessionManager = $sessionManager # 86,400,000 milliseconds = 24 hour #securityManager.sessionManager.globalSessionTimeout = 86400000 shiro.loginUrl = /api/login [urls] # anon means the access is anonymous. # authcBasic means Basic Auth Security # To enfore security, comment the line below and uncomment the next one /api/version = anon /** = anon #/** = authc ... View more

@Iraheja or @rguruvannagari . Thanks for both your answers. Any pointers how to switch users in Zeppelin? I'm stuck on anonymous still after restarting zeppelin w/ the above changes to my shiro.ini config file. I don't see a way in the zeppelin UI to switch users. I can update the 'credential' but I don't really know what that is for. I am clearly a zeppelin newbie. -Colin ... View more

Thank you. I restarted service but going to browser on :9995, I guess I still don't know how to switch from the user anonymous. below is how the tail of my shiro.ini [urls] section now reads in case you see any issue here. -Colin /api/version = anon /** = anon #/** = authc ... View more

Thank you. ... View more

@Michael Young I won't claim to understand but, after adding WebSSL at port 4200 into my network security group and disconnecting from VPN (to avoid SOCKS proxy details), I was able to login as root/hadoop. i then changed the root password and am back on my feet. Thank you. I am curious where you found the detail on the need for port 4200 that you pasted. It is not contained in the Azure HDP Sandbox tutorial. Thanks again, - Colin ... View more