[jira] [Created] (ZEPPELIN-5377) How can i use PAM authentication

["ighack (Jira)" <ji...@apache.org>]

ighack created ZEPPELIN-5377:
--------------------------------

             Summary: How can i use PAM authentication
                 Key: ZEPPELIN-5377
                 URL: https://issues.apache.org/jira/browse/ZEPPELIN-5377
             Project: Zeppelin
          Issue Type: Task
          Components: security
    Affects Versions: 0.9.0
            Reporter: ighack


I copy shiro.ini.template to shiro.ini

modify shiro.ini

 

#[users]
# List of users with their password allowed to access Zeppelin.
# To use a different strategy (LDAP / Database / ...) check the shiro doc at http://shiro.apache.org/configuration.html#Configuration-INISections
# To enable admin user, uncomment the following line and set an appropriate password.
#admin = password1, admin
#user1 = password2, role1, role2
#user2 = password3, role3
#user3 = password4, role2

 

………………………………………………………………

 

### A sample PAM configuration
pamRealm=org.apache.zeppelin.realm.PamRealm
pamRealm.service=zeppelin

 

in /etc/pam.d/zeppelin

#%PAM-1.0
## This file is auto-generated.
## User changes will be destroyed the next time authconfig is run.
auth sufficient pam_unix.so nullok try_first_pass
auth requisite pam_succeed_if.so uid >= 1000 quiet_success
#auth required pam_deny.so
#
account required pam_unix.so
account sufficient pam_localuser.so
account sufficient pam_succeed_if.so uid < 1000 quiet
account required pam_permit.so

 

but only "jzyc" user can login, other users get error "The username and password that you entered don't match."

username and passowd is correct, I ensure

 

if I use "pamRealm.service=sshd"

also only "jzyc" use can login,

I ensure "read_hive" user can ssh, but "read_hive" can't login zeppelin

 

I don't know how to create /etc/pam.d/zeppelin

 

 



--
This message was sent by Atlassian Jira
(v8.3.4#803005)