You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@zeppelin.apache.org by "ighack (Jira)" <ji...@apache.org> on 2021/05/19 07:58:00 UTC
[jira] [Created] (ZEPPELIN-5377) How can i use PAM authentication
ighack created ZEPPELIN-5377:
--------------------------------
Summary: How can i use PAM authentication
Key: ZEPPELIN-5377
URL: https://issues.apache.org/jira/browse/ZEPPELIN-5377
Project: Zeppelin
Issue Type: Task
Components: security
Affects Versions: 0.9.0
Reporter: ighack
I copy shiro.ini.template to shiro.ini
modify shiro.ini
#[users]
# List of users with their password allowed to access Zeppelin.
# To use a different strategy (LDAP / Database / ...) check the shiro doc at http://shiro.apache.org/configuration.html#Configuration-INISections
# To enable admin user, uncomment the following line and set an appropriate password.
#admin = password1, admin
#user1 = password2, role1, role2
#user2 = password3, role3
#user3 = password4, role2
………………………………………………………………
### A sample PAM configuration
pamRealm=org.apache.zeppelin.realm.PamRealm
pamRealm.service=zeppelin
in /etc/pam.d/zeppelin
#%PAM-1.0
## This file is auto-generated.
## User changes will be destroyed the next time authconfig is run.
auth sufficient pam_unix.so nullok try_first_pass
auth requisite pam_succeed_if.so uid >= 1000 quiet_success
#auth required pam_deny.so
#
account required pam_unix.so
account sufficient pam_localuser.so
account sufficient pam_succeed_if.so uid < 1000 quiet
account required pam_permit.so
but only "jzyc" user can login, other users get error "The username and password that you entered don't match."
username and passowd is correct, I ensure
if I use "pamRealm.service=sshd"
also only "jzyc" use can login,
I ensure "read_hive" user can ssh, but "read_hive" can't login zeppelin
I don't know how to create /etc/pam.d/zeppelin
--
This message was sent by Atlassian Jira
(v8.3.4#803005)