zeppelin-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ahyoung...@apache.org
Subject zeppelin git commit: [DOCS] Remove outdated 'Security Setup' section in SECURITY-README
Date Wed, 04 Jan 2017 02:02:07 GMT
Repository: zeppelin
Updated Branches:
  refs/heads/master f83d012a2 -> 90decd2a1

[DOCS] Remove outdated 'Security Setup' section in SECURITY-README

### What is this PR for?
[SECURITY-README.md](https://github.com/apache/zeppelin/blob/master/SECURITY-README.md) was
added by #53 when Shiro auth was implemented for the first time. But I think we need to keep
"Security Setup" information in one source; [Official docs website](https://zeppelin.apache.org/docs/0.7.0-SNAPSHOT/security/shiroauthentication.html#security-setup)
and guide ppl to see this official docs page so that `SECURITY-README.md` can only contain
dev related contents (not step by step setup guide).

### What type of PR is it?

### What is the Jira issue?

### How should this be tested?
Just clicking "View" would be enough I guess :)

### Questions:
* Does the licenses files need update? N/A
* Is there breaking changes for older versions? N/A
* Does this needs documentation? N/A

Author: AhyoungRyu <fbdkdud93@hanmail.net>

Closes #1829 from AhyoungRyu/remove/duplicatedSection and squashes the following commits:

d4b80b8 [AhyoungRyu] Minor update
8ce33be [AhyoungRyu] Remove note sentence
3e867ac [AhyoungRyu] Fix wired numbering
d908da9 [AhyoungRyu] Remove outdated 'Security Setup' section in SECURITY-README

Project: http://git-wip-us.apache.org/repos/asf/zeppelin/repo
Commit: http://git-wip-us.apache.org/repos/asf/zeppelin/commit/90decd2a
Tree: http://git-wip-us.apache.org/repos/asf/zeppelin/tree/90decd2a
Diff: http://git-wip-us.apache.org/repos/asf/zeppelin/diff/90decd2a

Branch: refs/heads/master
Commit: 90decd2a1facdc99a9de262670879c0d92c5b29d
Parents: f83d012
Author: AhyoungRyu <fbdkdud93@hanmail.net>
Authored: Tue Jan 3 12:00:23 2017 +0900
Committer: ahyoungryu <ahyoungryu@apache.org>
Committed: Wed Jan 4 11:01:54 2017 +0900

 SECURITY-README.md                   |  7 +------
 docs/security/shiroauthentication.md | 10 +++++-----
 2 files changed, 6 insertions(+), 11 deletions(-)

index 4a6ca94..4ef7440 100644
@@ -16,12 +16,7 @@ limitations under the License.
 To connect to Zeppelin, users will be asked to enter their credentials. Once logged, a user
has access to all notes including other users notes.
 This a a first step toward full security as implemented by this pull request (https://github.com/apache/zeppelin/pull/53).
-# Security setup
-1. Secure the HTTP channel: Comment the line "/** = anon" and uncomment the line "/** = authc"
in the file conf/shiro.ini. Read more about he shiro.ini file format at the following URL
-2. Secure the Websocket channel : Set to property "zeppelin.anonymous.allowed" to "false"
in the file conf/zeppelin-site.xml. You can start by renaming conf/zeppelin-site.xml.template
to conf/zeppelin-site.xml
-3. Start Zeppelin : bin/zeppelin.sh
-4. point your browser to http://localhost:8080
-5. Login using one of the user/password combinations defined in the conf/shiro.ini file.
+Please check [Shiro authentication in Apache Zeppelin](https://zeppelin.apache.org/docs/snapshot/security/shiroauthentication.html)
in our official website for more detailed information(e.g. How to setup the security, How
to configure user groups and permissions, and etc).
 # Implementation notes
 ## Vocabulary

diff --git a/docs/security/shiroauthentication.md b/docs/security/shiroauthentication.md
index de015b9..edf202f 100644
--- a/docs/security/shiroauthentication.md
+++ b/docs/security/shiroauthentication.md
@@ -41,10 +41,10 @@ cp conf/shiro.ini.template conf/shiro.ini
 For the further information about  `shiro.ini` file format, please refer to [Shiro Configuration](http://shiro.apache.org/configuration.html#Configuration-INISections).
-### 3. Secure the Websocket channel
+### 2. Secure the Websocket channel
 Set to property **zeppelin.anonymous.allowed** to **false** in `conf/zeppelin-site.xml`.
If you don't have this file yet, just copy `conf/zeppelin-site.xml.template` to `conf/zeppelin-site.xml`.
-### 4. Start Zeppelin
+### 3. Start Zeppelin
 bin/zeppelin-daemon.sh start (or restart)
@@ -52,7 +52,7 @@ bin/zeppelin-daemon.sh start (or restart)
 Then you can browse Zeppelin at [http://localhost:8080](http://localhost:8080).
-### 5. Login
+### 4. Login
 Finally, you can login using one of the below **username/password** combinations.
 <center><img src="../assets/themes/zeppelin/img/docs-img/zeppelin-login.png"></center>
@@ -161,7 +161,7 @@ zeppelinHubRealm.zeppelinhubUrl = https://www.zeppelinhub.com
 securityManager.realms = $zeppelinHubRealm
-> Note: ZeppelinHub is not releated to apache Zeppelin project.
+> Note: ZeppelinHub is not releated to Apache Zeppelin project.
 ## Secure your Zeppelin information (optional)
 By default, anyone who defined in `[users]` can share **Interpreter Setting**, **Credential**
and **Configuration** information in Apache Zeppelin.
@@ -180,7 +180,7 @@ In this case, only who have `admin` role can see **Interpreter Setting**,
 If you want to grant this permission to other users, you can change **roles[ ]** as you defined
at `[users]` section.
-> **NOTE :** All of the above configurations are defined in the `conf/shiro.ini` file.
This documentation is originally from [SECURITY-README.md](https://github.com/apache/zeppelin/blob/master/SECURITY-README.md).
+> **NOTE :** All of the above configurations are defined in the `conf/shiro.ini` file.
 ## Other authentication methods

View raw message