You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@zeppelin.apache.org by zj...@apache.org on 2021/07/21 02:13:03 UTC

[zeppelin] branch master updated: [ZEPPELIN-5424] Clarify LDAPRealm Bug/Limit

This is an automated email from the ASF dual-hosted git repository.

zjffdu pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/zeppelin.git


The following commit(s) were added to refs/heads/master by this push:
     new ef11cbd  [ZEPPELIN-5424] Clarify LDAPRealm Bug/Limit
ef11cbd is described below

commit ef11cbdc1c78bd86951a8cb4d88c5ecf936c40c4
Author: Johannes Schillinger <jo...@gmail.com>
AuthorDate: Wed Jun 23 10:57:52 2021 +0200

    [ZEPPELIN-5424] Clarify LDAPRealm Bug/Limit
    
    Inform Users of Zeppelin 0.9 of a limitation in LDAPRealm
    
    ### What is this PR for?
    As I spent a lot of Time figuring out this Problem with LDAPRealm I would like to inform other Users of this current Limitation
    
    ### What type of PR is it?
    Documentation
    
    ### Todos
    * republish Zeppelin 0.9 Documentation
    
    ### What is the Jira issue?
    https://issues.apache.org/jira/browse/ZEPPELIN-5424
    
    ### How should this be tested?
    No Code testing is needed, maybe verify the documented Limitation
    
    ### Screenshots (if appropriate)
    
    ### Questions:
    * Does the licenses files need update? No
    * Is there breaking changes for older versions? No
    * Does this needs documentation? No
    
    Author: Johannes Schillinger <jo...@gmail.com>
    
    Closes #4149 from chillinger/ZEPPELIN-5424_documentation and squashes the following commits:
    
    d020f0e1ca [Johannes Schillinger] Clarify LDAPRealm Bug/Limit
---
 docs/setup/security/shiro_authentication.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/docs/setup/security/shiro_authentication.md b/docs/setup/security/shiro_authentication.md
index bfd61f8..0e3035f 100644
--- a/docs/setup/security/shiro_authentication.md
+++ b/docs/setup/security/shiro_authentication.md
@@ -195,6 +195,7 @@ Add the following line in the `shiro.ini` file:
 ``` 
 ldapRealm.hadoopSecurityCredentialPath = jceks://file/user/zeppelin/conf/zeppelin.jceks
 ```
+**Caution** due to a bug in LDAPRealm only ```ldapRealm.pagingSize``` results will be fetched from LDAP. In big directory Trees this may cause missing Roles. Try limiting the search Scope using ```ldapRealm.groupSearchBase``` or narrow down the required Groups using ```ldapRealm.groupSearchFilter```
 
 ### PAM
 [PAM](https://en.wikipedia.org/wiki/Pluggable_authentication_module) authentication support allows the reuse of existing authentication