You can check http://shiro.apache.org/configuration.html#Configuration-EncryptingPasswords http://shiro.apache.org/command-line-hasher.html
It looks useful to encrypt user's password. Document says it works for any other type of resources as well. I didn't tried it but hope it works your case, too. Thanks, moon On Mon, Aug 1, 2016 at 10:08 PM Polina Marasanova < polina.marasan...@quantium.com.au> wrote: > Hi everyone, > > I'm using Zeppelin with Active Directory authentication. Our LDAP server > requires authentication as well. > The problem that in shiro.ini ldap password is still visible and user can > browse it via %sh interpreter > > activeDirectoryRealm.systemUsername = my_login > activeDirectoryRealm.systemPassword = secret > > What would be a good way to secure ldap password? > > Cheers, > > Polina Marasanova
