Hey,
I have set up Zeppelin to use Shiro Authentication. It uses PAM (using
sshd) to limit access to users who can connect to the machine Zeppelin is
running on via ssh.
All users seem to be assigned to no role (as they should be) by default,
but how do I explicitly assign someone to a role.
I wa
What are user jzyc's uid and gid on the system?
I'm no Linux PAM guru, but :
"auth requisite pam_succeed_if.so uid >= 1000"
and
"account sufficient pam_succeed_if.so uid < 1000 quiet"
seem to be in contradiction with each other, and being in
/etc/pam.d/zeppelin, it wouldn't affect ssh.
Cheers!
-
I copy shiro.ini.template to shiro.ini
modify shiro.ini
#[users]
#admin = password1, admin
#user1 = password2, role1, role2
#user2 = password3, role3
#user3 = password4, role2
#A sample PAM configuration
pamRealm=org.apache.zeppelin.realm.PamRealm
pamRealm.service=zeppe
I copy shiro.ini.template to shiro.ini
modify shiro.ini
#[users]
#admin = password1, admin
#user1 = password2, role1, role2
#user2 = password3, role3
#user3 = password4, role2
#A sample PAM configuration
pamRealm=org.apache.zeppelin.realm.PamRealm
pamRealm.service=zeppe
That's the goal of shiro. Any extension should be working fine.
You could test thiro-libpam4j with a toy project to validate your local
env and conf, and then only apply the configs on zeppelin.
On 09/06/16 11:15, Polina Marasanova wrote:
Hello,
Probably it will be stupid question: is it pos
Hello,
Probably it will be stupid question: is it possible to do configure Apache
Shiro to use PAM file?
I found this project on github and it might be useful
https://github.com/plaflamme/shiro-libpam4j
Cheers
Polina
