Details
-
Bug
-
Status: Open
-
Major
-
Resolution: Unresolved
-
0.7.3
-
None
-
centos , linux environment
Heavy server with > 8 GB ram
zeppelin version is 0.7.3
Description
I am trying to enable Oauth on Zeppelin using shiro - buji-pac4j, Oauth is
working, but shiroFilter works only urls like http://myhomelink/api but not
for http://myhomelink, so i modified /api* to /*, it started working,
basically this is the original code in zeppelinServer.java
if (!StringUtils.isBlank(shiroIniPath))
{ webapp.setInitParameter("shiroConfigLocations", new File(shiroIniPath).toURI().toString()); SecurityUtils.initSecurityManager(shiroIniPath); webapp.addFilter(ShiroFilter.class, "/api/*", EnumSet.allOf(DispatcherType.class)); webapp.addEventListener(new EnvironmentLoaderListener()); }
Shiro URLs is as below
[urls]
- This section is used for url-based security.
- You can secure interpreter, configuration and credential information by
urls. Comment or uncomment the below urls that you want to hide. - anon means the access is anonymous.
- authc means Form based Auth Security
/api/version = anon
/callback = callbackFilter
/api/login/logout = logoutFilter
/** = formClientSecurityFilter
/** = oidcSecurityFilter
Request the experts to help me udnerstand how to ensure shiroFilter is
getting applied to all the URLS.
What is the necesssity of keeping it /api* instead of /*
Regs
Srikanth G N