Repository: zeppelin Updated Branches: refs/heads/master 968bda800 -> effc28a1f
[ZEPPELIN-2659] Let WebEnvironment initialize SecurityManager. ### What is this PR for? This commit disables generating a Shiro `SecurityManager` from the `IniSecurityManagerFactory`, and instead let's the `WebEnvironment` instantiate the `SecurityManager`. The `initParameter` "staticSecurityManagerEnabled" ensures this `SecurityManager` is set and available for use. Overall, this prevents the double parsing of `shiro.ini`, which can cause double instantiation. This is particularly thorny with things like EHCache, which need uniquely named caches, and will throw an exception if a cache with the same name already exists. ### What type of PR is it? [Bug Fix ] ### Todos ### What is the Jira issue? [ZEPPELIN-2659](https://issues.apache.org/jira/browse/ZEPPELIN-2659) ### How should this be tested? - Enable Shiro by copying the shiro.ini.template to shiro.ini. Attempt logging in as a user. - Enable WebSessions and EHCache by adding the following lines to the `[main]` section of shiro.ini, and attempt logging in. ``` [main] ... sessionManager = org.apache.shiro.web.session.mgt.DefaultWebSessionManager securityManager.sessionManager = $sessionManager sessionDAO = org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO securityManager.sessionManager.sessionDAO = $sessionDAO cacheManager = org.apache.shiro.cache.ehcache.EhCacheManager securityManager.cacheManager = $cacheManager ``` ### Screenshots (if appropriate) ### Questions: * Does the licenses files need update? * No. * Is there breaking changes for older versions? * No. * Does this needs documentation? * No. Author: Jonathan Tinkham <jonathantink...@fico.com> Closes #2453 from sctincman/ZEPPELIN-2659 and squashes the following commits: d4e0979 [Jonathan Tinkham] ZEPPELIN-2659 Let WebEnvironment initialize SecurityManager. Project: http://git-wip-us.apache.org/repos/asf/zeppelin/repo Commit: http://git-wip-us.apache.org/repos/asf/zeppelin/commit/effc28a1 Tree: http://git-wip-us.apache.org/repos/asf/zeppelin/tree/effc28a1 Diff: http://git-wip-us.apache.org/repos/asf/zeppelin/diff/effc28a1 Branch: refs/heads/master Commit: effc28a1f15d3b714b3b9013c524fbb798282cb9 Parents: 968bda8 Author: Jonathan Tinkham <jonathantink...@fico.com> Authored: Thu Jun 29 15:33:05 2017 -0600 Committer: Lee moon soo <m...@apache.org> Committed: Sun Jul 2 20:04:38 2017 +0900 ---------------------------------------------------------------------- .../main/java/org/apache/zeppelin/server/ZeppelinServer.java | 5 +++-- .../main/java/org/apache/zeppelin/utils/SecurityUtils.java | 7 ++----- 2 files changed, 5 insertions(+), 7 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/zeppelin/blob/effc28a1/zeppelin-server/src/main/java/org/apache/zeppelin/server/ZeppelinServer.java ---------------------------------------------------------------------- diff --git a/zeppelin-server/src/main/java/org/apache/zeppelin/server/ZeppelinServer.java b/zeppelin-server/src/main/java/org/apache/zeppelin/server/ZeppelinServer.java index 826ae5f..7453470 100644 --- a/zeppelin-server/src/main/java/org/apache/zeppelin/server/ZeppelinServer.java +++ b/zeppelin-server/src/main/java/org/apache/zeppelin/server/ZeppelinServer.java @@ -328,8 +328,9 @@ public class ZeppelinServer extends Application { String shiroIniPath = conf.getShiroPath(); if (!StringUtils.isBlank(shiroIniPath)) { webapp.setInitParameter("shiroConfigLocations", new File(shiroIniPath).toURI().toString()); - SecurityUtils.initSecurityManager(shiroIniPath); - webapp.addFilter(ShiroFilter.class, "/api/*", EnumSet.allOf(DispatcherType.class)); + SecurityUtils.setIsEnabled(true); + webapp.addFilter(ShiroFilter.class, "/api/*", EnumSet.allOf(DispatcherType.class)) + .setInitParameter("staticSecurityManagerEnabled", "true"); webapp.addEventListener(new EnvironmentLoaderListener()); } } http://git-wip-us.apache.org/repos/asf/zeppelin/blob/effc28a1/zeppelin-server/src/main/java/org/apache/zeppelin/utils/SecurityUtils.java ---------------------------------------------------------------------- diff --git a/zeppelin-server/src/main/java/org/apache/zeppelin/utils/SecurityUtils.java b/zeppelin-server/src/main/java/org/apache/zeppelin/utils/SecurityUtils.java index 19eb980..b2029ec 100644 --- a/zeppelin-server/src/main/java/org/apache/zeppelin/utils/SecurityUtils.java +++ b/zeppelin-server/src/main/java/org/apache/zeppelin/utils/SecurityUtils.java @@ -52,11 +52,8 @@ public class SecurityUtils { private static boolean isEnabled = false; private static final Logger log = LoggerFactory.getLogger(SecurityUtils.class); - public static void initSecurityManager(String shiroPath) { - IniSecurityManagerFactory factory = new IniSecurityManagerFactory("file:" + shiroPath); - SecurityManager securityManager = factory.getInstance(); - org.apache.shiro.SecurityUtils.setSecurityManager(securityManager); - isEnabled = true; + public static void setIsEnabled(boolean value) { + isEnabled = value; } public static Boolean isValidOrigin(String sourceHost, ZeppelinConfiguration conf)
