You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@zeppelin.apache.org by mo...@apache.org on 2016/05/18 21:30:47 UTC

svn commit: r1744456 - in /incubator/zeppelin/site/docs/0.6.0-incubating-SNAPSHOT: ./ assets/themes/zeppelin/img/screenshots/ security/

Author: moon
Date: Wed May 18 21:30:47 2016
New Revision: 1744456

URL: http://svn.apache.org/viewvc?rev=1744456&view=rev
Log:
https://github.com/apache/incubator-zeppelin/pull/877

Removed:
    incubator/zeppelin/site/docs/0.6.0-incubating-SNAPSHOT/assets/themes/zeppelin/img/screenshots/authentication-basic-auth-nginx-https.png
    incubator/zeppelin/site/docs/0.6.0-incubating-SNAPSHOT/assets/themes/zeppelin/img/screenshots/authentication-basic-auth-nginx-request.png
Modified:
    incubator/zeppelin/site/docs/0.6.0-incubating-SNAPSHOT/atom.xml
    incubator/zeppelin/site/docs/0.6.0-incubating-SNAPSHOT/rss.xml
    incubator/zeppelin/site/docs/0.6.0-incubating-SNAPSHOT/security/authentication.html
    incubator/zeppelin/site/docs/0.6.0-incubating-SNAPSHOT/sitemap.txt

Modified: incubator/zeppelin/site/docs/0.6.0-incubating-SNAPSHOT/atom.xml
URL: http://svn.apache.org/viewvc/incubator/zeppelin/site/docs/0.6.0-incubating-SNAPSHOT/atom.xml?rev=1744456&r1=1744455&r2=1744456&view=diff
==============================================================================
--- incubator/zeppelin/site/docs/0.6.0-incubating-SNAPSHOT/atom.xml (original)
+++ incubator/zeppelin/site/docs/0.6.0-incubating-SNAPSHOT/atom.xml Wed May 18 21:30:47 2016
@@ -4,7 +4,7 @@
  <title>Apache Zeppelin (incubating)</title>
  <link href="http://zeppelin.incubator.apache.org/" rel="self"/>
  <link href="http://zeppelin.incubator.apache.org"/>
- <updated>2016-05-18T14:19:55-07:00</updated>
+ <updated>2016-05-18T14:30:55-07:00</updated>
  <id>http://zeppelin.incubator.apache.org</id>
  <author>
    <name>The Apache Software Foundation</name>

Modified: incubator/zeppelin/site/docs/0.6.0-incubating-SNAPSHOT/rss.xml
URL: http://svn.apache.org/viewvc/incubator/zeppelin/site/docs/0.6.0-incubating-SNAPSHOT/rss.xml?rev=1744456&r1=1744455&r2=1744456&view=diff
==============================================================================
--- incubator/zeppelin/site/docs/0.6.0-incubating-SNAPSHOT/rss.xml (original)
+++ incubator/zeppelin/site/docs/0.6.0-incubating-SNAPSHOT/rss.xml Wed May 18 21:30:47 2016
@@ -5,8 +5,8 @@
         <description>Apache Zeppelin (incubating) - The Apache Software Foundation</description>
         <link>http://zeppelin.incubator.apache.org</link>
         <link>http://zeppelin.incubator.apache.org</link>
-        <lastBuildDate>2016-05-18T14:19:55-07:00</lastBuildDate>
-        <pubDate>2016-05-18T14:19:55-07:00</pubDate>
+        <lastBuildDate>2016-05-18T14:30:55-07:00</lastBuildDate>
+        <pubDate>2016-05-18T14:30:55-07:00</pubDate>
         <ttl>1800</ttl>
 
 

Modified: incubator/zeppelin/site/docs/0.6.0-incubating-SNAPSHOT/security/authentication.html
URL: http://svn.apache.org/viewvc/incubator/zeppelin/site/docs/0.6.0-incubating-SNAPSHOT/security/authentication.html?rev=1744456&r1=1744455&r2=1744456&view=diff
==============================================================================
--- incubator/zeppelin/site/docs/0.6.0-incubating-SNAPSHOT/security/authentication.html (original)
+++ incubator/zeppelin/site/docs/0.6.0-incubating-SNAPSHOT/security/authentication.html Wed May 18 21:30:47 2016
@@ -197,34 +197,35 @@ Here are instructions how to accomplish
 <ol>
 <li><p>Install NGINX server on your server instance</p>
 
-<p>You can install NGINX server with same machine where zeppelin installed or separate machine where it is dedicated to serve as proxy server.</p>
+<p>You can install NGINX server with same box where zeppelin installed or separate box where it is dedicated to serve as proxy server.</p>
 <div class="highlight"><pre><code class="text language-text" data-lang="text">$ apt-get install nginx
-</code></pre></div></li>
+</code></pre></div>
+<p><em>Important: On pre 1.3.13 version of NGINX, Proxy for Websocket may not fully works. Please use latest version of NGINX. See: <a href="https://www.nginx.com/blog/websocket-nginx/">NGINX documentation</a></em></p></li>
 <li><p>Setup init script in NGINX</p>
 
 <p>In most cases, NGINX configuration located under <code>/etc/nginx/sites-available</code>. Create your own configuration or add your existing configuration at <code>/etc/nginx/sites-available</code>.</p>
 <div class="highlight"><pre><code class="text language-text" data-lang="text">$ cd /etc/nginx/sites-available
-$ touch my-basic-auth
+$ touch my-zeppelin-auth-setting
 </code></pre></div>
-<p>Now add this script into <code>my-basic-auth</code> file. You can comment out <code>optional</code> lines If you want serve Zeppelin under regular HTTP 80 Port.</p>
+<p>Now add this script into <code>my-zeppelin-auth-setting</code> file. You can comment out <code>optional</code> lines If you want serve Zeppelin under regular HTTP 80 Port.</p>
 <div class="highlight"><pre><code class="text language-text" data-lang="text">upstream zeppelin {
-    server [YOUR-ZEPPELIN-SERVER-IP]:8080;
+    server [YOUR-ZEPPELIN-SERVER-IP]:[YOUR-ZEPPELIN-SERVER-PORT];   # For security, It is highly recommended to make this address/port as non-public accessible
 }
 
 # Zeppelin Website
 server {
     listen [YOUR-ZEPPELIN-WEB-SERVER-PORT];
-    listen 443 ssl;  # optional, to serve HTTPS connection
-    server_name [YOUR-ZEPPELIN-SERVER-HOST];    # for example: zeppelin.mycompany.com
+    listen 443 ssl;                                      # optional, to serve HTTPS connection
+    server_name [YOUR-ZEPPELIN-SERVER-HOST];             # for example: zeppelin.mycompany.com
 
     ssl_certificate [PATH-TO-YOUR-CERT-FILE];            # optional, to serve HTTPS connection
     ssl_certificate_key [PATH-TO-YOUR-CERT-KEY-FILE];    # optional, to serve HTTPS connection
 
     if ($ssl_protocol = &quot;&quot;) {
-        rewrite ^ https://$host$request_uri? permanent;        # optional, force to use HTTPS
+        rewrite ^ https://$host$request_uri? permanent;  # optional, to force use of HTTPS
     }
 
-    location / {
+    location / {    # For regular websever support
         proxy_pass http://zeppelin;
         proxy_set_header X-Real-IP $remote_addr;
         proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
@@ -235,7 +236,7 @@ server {
         auth_basic_user_file /etc/nginx/.htpasswd;
     }
 
-    location /ws {
+    location /ws {  # For websocket support
         proxy_pass http://zeppelin;
         proxy_http_version 1.1;
         proxy_set_header Upgrade websocket;
@@ -245,25 +246,22 @@ server {
 }
 </code></pre></div>
 <p>Then make a symbolic link to this file from <code>/etc/nginx/sites-enabled/</code> to enable configuration above when NGINX reloads.</p>
-<div class="highlight"><pre><code class="text language-text" data-lang="text">$ ln -s /etc/nginx/sites-enabled/my-basic-auth /etc/nginx/sites-available/my-basic-auth
+<div class="highlight"><pre><code class="text language-text" data-lang="text">$ ln -s /etc/nginx/sites-enabled/my-zeppelin-auth-setting /etc/nginx/sites-available/my-zeppelin-auth-setting
 </code></pre></div></li>
 <li><p>Setup user credential into <code>.htpasswd</code> file and restart server</p>
 
 <p>Now you need to setup <code>.htpasswd</code> file to serve list of authenticated user credentials for NGINX server.</p>
 <div class="highlight"><pre><code class="text language-text" data-lang="text">$ cd /etc/nginx
-$ htpasswd -c htpasswd [YOUR_ID]
-$ NEW passwd: [YOUR_PASSWORD]
-$ RE-type new passwd: [YOUR_PASSWORD_AGAIN]
+$ htpasswd -c htpasswd [YOUR-ID]
+$ NEW passwd: [YOUR-PASSWORD]
+$ RE-type new passwd: [YOUR-PASSWORD-AGAIN]
 </code></pre></div>
-<p>Or you can use your own apache <code>.htpasswd</code> files in other location by setup property <code>auth_basic_user_file</code></p>
+<p>Or you can use your own apache <code>.htpasswd</code> files in other location for setting up property: <code>auth_basic_user_file</code></p>
 
 <p>Restart NGINX server.</p>
 <div class="highlight"><pre><code class="text language-text" data-lang="text">$ service nginx restart
 </code></pre></div>
-<p>Then check HTTP Basic Authentication works in browser. If you can see regular basic auth popup and then able to login with credential you entered into <code>.htpasswd</code> you are good to go.</p>
-
-<p><img src="/assets/themes/zeppelin/img/screenshots/authentication-basic-auth-nginx-request.png" />
-<img src="/assets/themes/zeppelin/img/screenshots/authentication-basic-auth-nginx-https.png" /></p></li>
+<p>Then check HTTP Basic Authentication works in browser. If you can see regular basic auth popup and then able to login with credential you entered into <code>.htpasswd</code> you are good to go.</p></li>
 <li><p>More security consideration</p></li>
 </ol>
 

Modified: incubator/zeppelin/site/docs/0.6.0-incubating-SNAPSHOT/sitemap.txt
URL: http://svn.apache.org/viewvc/incubator/zeppelin/site/docs/0.6.0-incubating-SNAPSHOT/sitemap.txt?rev=1744456&r1=1744455&r2=1744456&view=diff
==============================================================================
--- incubator/zeppelin/site/docs/0.6.0-incubating-SNAPSHOT/sitemap.txt (original)
+++ incubator/zeppelin/site/docs/0.6.0-incubating-SNAPSHOT/sitemap.txt Wed May 18 21:30:47 2016
@@ -2,6 +2,7 @@
 http://zeppelin.incubator.apache.org/atom.xml
 http://zeppelin.incubator.apache.org/development/howtocontribute.html
 http://zeppelin.incubator.apache.org/development/howtocontributewebsite.html
+http://zeppelin.incubator.apache.org/development/writingheliumapplication.html
 http://zeppelin.incubator.apache.org/development/writingzeppelininterpreter.html
 http://zeppelin.incubator.apache.org/displaysystem/back-end-angular.html
 http://zeppelin.incubator.apache.org/displaysystem/display.html