You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@zeppelin.apache.org by zj...@apache.org on 2021/07/21 02:13:03 UTC
[zeppelin] branch master updated: [ZEPPELIN-5424] Clarify LDAPRealm
Bug/Limit
This is an automated email from the ASF dual-hosted git repository.
zjffdu pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/zeppelin.git
The following commit(s) were added to refs/heads/master by this push:
new ef11cbd [ZEPPELIN-5424] Clarify LDAPRealm Bug/Limit
ef11cbd is described below
commit ef11cbdc1c78bd86951a8cb4d88c5ecf936c40c4
Author: Johannes Schillinger <jo...@gmail.com>
AuthorDate: Wed Jun 23 10:57:52 2021 +0200
[ZEPPELIN-5424] Clarify LDAPRealm Bug/Limit
Inform Users of Zeppelin 0.9 of a limitation in LDAPRealm
### What is this PR for?
As I spent a lot of Time figuring out this Problem with LDAPRealm I would like to inform other Users of this current Limitation
### What type of PR is it?
Documentation
### Todos
* republish Zeppelin 0.9 Documentation
### What is the Jira issue?
https://issues.apache.org/jira/browse/ZEPPELIN-5424
### How should this be tested?
No Code testing is needed, maybe verify the documented Limitation
### Screenshots (if appropriate)
### Questions:
* Does the licenses files need update? No
* Is there breaking changes for older versions? No
* Does this needs documentation? No
Author: Johannes Schillinger <jo...@gmail.com>
Closes #4149 from chillinger/ZEPPELIN-5424_documentation and squashes the following commits:
d020f0e1ca [Johannes Schillinger] Clarify LDAPRealm Bug/Limit
---
docs/setup/security/shiro_authentication.md | 1 +
1 file changed, 1 insertion(+)
diff --git a/docs/setup/security/shiro_authentication.md b/docs/setup/security/shiro_authentication.md
index bfd61f8..0e3035f 100644
--- a/docs/setup/security/shiro_authentication.md
+++ b/docs/setup/security/shiro_authentication.md
@@ -195,6 +195,7 @@ Add the following line in the `shiro.ini` file:
```
ldapRealm.hadoopSecurityCredentialPath = jceks://file/user/zeppelin/conf/zeppelin.jceks
```
+**Caution** due to a bug in LDAPRealm only ```ldapRealm.pagingSize``` results will be fetched from LDAP. In big directory Trees this may cause missing Roles. Try limiting the search Scope using ```ldapRealm.groupSearchBase``` or narrow down the required Groups using ```ldapRealm.groupSearchFilter```
### PAM
[PAM](https://en.wikipedia.org/wiki/Pluggable_authentication_module) authentication support allows the reuse of existing authentication