svn commit: r1768149 [2/2] - in /zeppelin/site/docs/0.7.0-SNAPSHOT: ./ development/ displaysystem/ install/ rest-api/ security/

[mi...@apache.org]

Modified: zeppelin/site/docs/0.7.0-SNAPSHOT/security/shiroauthentication.html
URL: http://svn.apache.org/viewvc/zeppelin/site/docs/0.7.0-SNAPSHOT/security/shiroauthentication.html?rev=1768149&r1=1768148&r2=1768149&view=diff
==============================================================================
--- zeppelin/site/docs/0.7.0-SNAPSHOT/security/shiroauthentication.html (original)
+++ zeppelin/site/docs/0.7.0-SNAPSHOT/security/shiroauthentication.html Sat Nov  5 04:49:29 2016
@@ -215,7 +215,12 @@ limitations under the License.
 
 <p>You can setup <strong>Zeppelin notebook authentication</strong> in some simple steps.</p>
 
-<h3>1. Secure the HTTP channel</h3>
+<h3>1. Enable Shiro</h3>
+
+<p>By default in <code>conf</code>, you will find <code>shiro.ini.template</code>, this file is used as an example and it is strongly recommended
+to create a <code>shiro.ini</code> file by doing the following command line <code>cp conf/shiro.ini.template conf/shiro.ini</code>.</p>
+
+<h3>2. Secure the HTTP channel</h3>
 
 <p>To secure the HTTP channel, you have to change both <strong>anon</strong> and <strong>authc</strong> settings in <code>conf/shiro.ini</code>. In here, <strong>anon</strong> means &quot;the access is anonymous&quot; and <strong>authc</strong> means &quot;formed auth security&quot;.</p>
 
@@ -229,16 +234,16 @@ limitations under the License.
 </code></pre></div>
 <p>For the further information about  <code>shiro.ini</code> file format, please refer to <a href="http://shiro.apache.org/configuration.html#Configuration-INISections">Shiro Configuration</a>.</p>
 
-<h3>2. Secure the Websocket channel</h3>
+<h3>3. Secure the Websocket channel</h3>
 
 <p>Set to property <strong>zeppelin.anonymous.allowed</strong> to <strong>false</strong> in <code>conf/zeppelin-site.xml</code>. If you don&#39;t have this file yet, just copy <code>conf/zeppelin-site.xml.template</code> to <code>conf/zeppelin-site.xml</code>.</p>
 
-<h3>3. Start Zeppelin</h3>
+<h3>4. Start Zeppelin</h3>
 <div class="highlight"><pre><code class="text language-text" data-lang="text">bin/zeppelin-daemon.sh start (or restart)
 </code></pre></div>
 <p>Then you can browse Zeppelin at <a href="http://localhost:8080">http://localhost:8080</a>.</p>
 
-<h3>4. Login</h3>
+<h3>5. Login</h3>
 
 <p>Finally, you can login using one of the below <strong>username/password</strong> combinations.</p>
 
@@ -326,8 +331,8 @@ securityManager.realms = $zeppelinHubRea
 
 <h2>Secure your Zeppelin information (optional)</h2>
 
-<p>By default, anyone who defined in <code>[users]</code> can share <strong>Interpreter Setting</strong>, <strong>Credential</strong> and <strong>Configuration</strong> information in Apache Zeppelin. 
-Sometimes you might want to hide these information for your use case. 
+<p>By default, anyone who defined in <code>[users]</code> can share <strong>Interpreter Setting</strong>, <strong>Credential</strong> and <strong>Configuration</strong> information in Apache Zeppelin.
+Sometimes you might want to hide these information for your use case.
 Since Shiro provides <strong>url-based security</strong>, you can hide the information by commenting or uncommenting these below lines in <code>conf/shiro.ini</code>.</p>
 <div class="highlight"><pre><code class="text language-text" data-lang="text">[urls]
 
@@ -335,7 +340,7 @@ Since Shiro provides <strong>url-based s
 /api/configurations/** = authc, roles[admin]
 /api/credential/** = authc, roles[admin]
 </code></pre></div>
-<p>In this case, only who have <code>admin</code> role can see <strong>Interpreter Setting</strong>, <strong>Credential</strong> and <strong>Configuration</strong> information. 
+<p>In this case, only who have <code>admin</code> role can see <strong>Interpreter Setting</strong>, <strong>Credential</strong> and <strong>Configuration</strong> information.
 If you want to grant this permission to other users, you can change <strong>roles[ ]</strong> as you defined at <code>[users]</code> section.</p>
 
 <p><br/></p>