You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@zeppelin.apache.org by "Vipin Rathor (JIRA)" <ji...@apache.org> on 2016/12/19 20:33:58 UTC
[jira] [Created] (ZEPPELIN-1840) Fully qualified username can not
be used for login when principalSuffix is defined
Vipin Rathor created ZEPPELIN-1840:
--------------------------------------
Summary: Fully qualified username can not be used for login when principalSuffix is defined
Key: ZEPPELIN-1840
URL: https://issues.apache.org/jira/browse/ZEPPELIN-1840
Project: Zeppelin
Issue Type: Bug
Components: security
Affects Versions: 0.7.0
Reporter: Vipin Rathor
Priority: Minor
When Zeppelin is configured against Active Directory for user authentication, by default, fully qualified user names are allowed. E.g. user1@DOMAIN.COM
User can be spared from typing the long domain name each time by specifying "activeDirectoryGroupRealm.principalSuffix = @DOMAIN.COM" in shiro.ini. Now user can just specify short username i.e. "user1" during login.
Problem:
When principalSuffix is defined in shiro.ini, only the short username are allowed and any attempt with fully qualified user name will result in the login error.
Excepted Behavior:
Zeppelin UI should allow both username formats (short and fully qualified) when principalSuffix is defined
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)