Repository: zeppelin Updated Branches: refs/heads/master f83d012a2 -> 90decd2a1
[DOCS] Remove outdated 'Security Setup' section in SECURITY-README ### What is this PR for? [SECURITY-README.md](https://github.com/apache/zeppelin/blob/master/SECURITY-README.md) was added by #53 when Shiro auth was implemented for the first time. But I think we need to keep "Security Setup" information in one source; [Official docs website](https://zeppelin.apache.org/docs/0.7.0-SNAPSHOT/security/shiroauthentication.html#security-setup) and guide ppl to see this official docs page so that `SECURITY-README.md` can only contain dev related contents (not step by step setup guide). ### What type of PR is it? Documentation ### What is the Jira issue? N/A ### How should this be tested? Just clicking "View" would be enough I guess :) ### Questions: * Does the licenses files need update? N/A * Is there breaking changes for older versions? N/A * Does this needs documentation? N/A Author: AhyoungRyu <fbdkdu...@hanmail.net> Closes #1829 from AhyoungRyu/remove/duplicatedSection and squashes the following commits: d4b80b8 [AhyoungRyu] Minor update 8ce33be [AhyoungRyu] Remove note sentence 3e867ac [AhyoungRyu] Fix wired numbering d908da9 [AhyoungRyu] Remove outdated 'Security Setup' section in SECURITY-README Project: http://git-wip-us.apache.org/repos/asf/zeppelin/repo Commit: http://git-wip-us.apache.org/repos/asf/zeppelin/commit/90decd2a Tree: http://git-wip-us.apache.org/repos/asf/zeppelin/tree/90decd2a Diff: http://git-wip-us.apache.org/repos/asf/zeppelin/diff/90decd2a Branch: refs/heads/master Commit: 90decd2a1facdc99a9de262670879c0d92c5b29d Parents: f83d012 Author: AhyoungRyu <fbdkdu...@hanmail.net> Authored: Tue Jan 3 12:00:23 2017 +0900 Committer: ahyoungryu <ahyoung...@apache.org> Committed: Wed Jan 4 11:01:54 2017 +0900 ---------------------------------------------------------------------- SECURITY-README.md | 7 +------ docs/security/shiroauthentication.md | 10 +++++----- 2 files changed, 6 insertions(+), 11 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/zeppelin/blob/90decd2a/SECURITY-README.md ---------------------------------------------------------------------- diff --git a/SECURITY-README.md b/SECURITY-README.md index 4a6ca94..4ef7440 100644 --- a/SECURITY-README.md +++ b/SECURITY-README.md @@ -16,12 +16,7 @@ limitations under the License. To connect to Zeppelin, users will be asked to enter their credentials. Once logged, a user has access to all notes including other users notes. This a a first step toward full security as implemented by this pull request (https://github.com/apache/zeppelin/pull/53). -# Security setup -1. Secure the HTTP channel: Comment the line "/** = anon" and uncomment the line "/** = authc" in the file conf/shiro.ini. Read more about he shiro.ini file format at the following URL http://shiro.apache.org/configuration.html#Configuration-INISections. -2. Secure the Websocket channel : Set to property "zeppelin.anonymous.allowed" to "false" in the file conf/zeppelin-site.xml. You can start by renaming conf/zeppelin-site.xml.template to conf/zeppelin-site.xml -3. Start Zeppelin : bin/zeppelin.sh -4. point your browser to http://localhost:8080 -5. Login using one of the user/password combinations defined in the conf/shiro.ini file. +Please check [Shiro authentication in Apache Zeppelin](https://zeppelin.apache.org/docs/snapshot/security/shiroauthentication.html) in our official website for more detailed information(e.g. How to setup the security, How to configure user groups and permissions, and etc). # Implementation notes ## Vocabulary http://git-wip-us.apache.org/repos/asf/zeppelin/blob/90decd2a/docs/security/shiroauthentication.md ---------------------------------------------------------------------- diff --git a/docs/security/shiroauthentication.md b/docs/security/shiroauthentication.md index de015b9..edf202f 100644 --- a/docs/security/shiroauthentication.md +++ b/docs/security/shiroauthentication.md @@ -41,10 +41,10 @@ cp conf/shiro.ini.template conf/shiro.ini For the further information about `shiro.ini` file format, please refer to [Shiro Configuration](http://shiro.apache.org/configuration.html#Configuration-INISections). -### 3. Secure the Websocket channel +### 2. Secure the Websocket channel Set to property **zeppelin.anonymous.allowed** to **false** in `conf/zeppelin-site.xml`. If you don't have this file yet, just copy `conf/zeppelin-site.xml.template` to `conf/zeppelin-site.xml`. -### 4. Start Zeppelin +### 3. Start Zeppelin ``` bin/zeppelin-daemon.sh start (or restart) @@ -52,7 +52,7 @@ bin/zeppelin-daemon.sh start (or restart) Then you can browse Zeppelin at [http://localhost:8080](http://localhost:8080). -### 5. Login +### 4. Login Finally, you can login using one of the below **username/password** combinations. <center><img src="../assets/themes/zeppelin/img/docs-img/zeppelin-login.png"></center> @@ -161,7 +161,7 @@ zeppelinHubRealm.zeppelinhubUrl = https://www.zeppelinhub.com securityManager.realms = $zeppelinHubRealm ``` -> Note: ZeppelinHub is not releated to apache Zeppelin project. +> Note: ZeppelinHub is not releated to Apache Zeppelin project. ## Secure your Zeppelin information (optional) By default, anyone who defined in `[users]` can share **Interpreter Setting**, **Credential** and **Configuration** information in Apache Zeppelin. @@ -180,7 +180,7 @@ In this case, only who have `admin` role can see **Interpreter Setting**, **Cred If you want to grant this permission to other users, you can change **roles[ ]** as you defined at `[users]` section. <br/> -> **NOTE :** All of the above configurations are defined in the `conf/shiro.ini` file. This documentation is originally from [SECURITY-README.md](https://github.com/apache/zeppelin/blob/master/SECURITY-README.md). +> **NOTE :** All of the above configurations are defined in the `conf/shiro.ini` file. ## Other authentication methods
