I think in authenticated mode, admin is necessary. What admin should take charge can be in the following 4 areas:
1. Interpreter setting. Admin can control a template for each interpreter, and each user's template extend this base template but can also customize his own setting. Besides that, admin can control which user can use which interpreter. Because some interpreter has some potential security issue, we should not allow everyone to use it (like shell interpreter) 2. Note and user management. Admin can control the permission of notes and users. Like which user can use which note. 3. Job management. 4. Not sure about helium. But I think admin should be responsible for helium plugins because plugins are external code which could bring some potential security issue. Besides that I have 2 concerns: 1. Is admin mandatory in shrio ? Is it possible that I enable shrio but no admin is defined ? 2. Should zeppelin take care of these or integrate the authorization of shiro and let shrio to take care of these ? e.g. We can treat interpreter and note as resource of shiro, and let shiro to control their permission and relationship. Alec Lee <alec.in...@gmail.com>于2017年2月23日周四 下午1:23写道: > We have multiple uses in our organization share same anonymous account, > which will potentially cause the problems, we hope to have true > authenticated mode. > > thanks > > AL > > On Feb 22, 2017, at 9:14 PM, Jongyoul Lee <jongy...@gmail.com> wrote: > > Hi folks, > > Recently, I've heard some new feature assumed that it needed the admin > account or similar role. But Apache Zeppelin doesn't have any admin feature > like hiding/showing menu and settings. I want to know how community thinks > about that feature. > > My first concern is that we have to consider two modes: anonymous and > authenticated. > > Feel free to start the discussion on pros and cons. > > Regards, > Jongyoul > > -- > 이종열, Jongyoul Lee, 李宗烈 > http://madeng.net > > >
