Moon, Polina, Unfortunately the Shiro password hasher won't help.
Polina's use case is encrypting password of AD/LDAP that Zeppelin uses to connect to an AD/LDAP. The shiro password hasher encrypts the password that zeppelin stores when AD/LDAP is not used and user accounts are kept in shiro itself. Zeppelin-530 tracks this requirement. thanks, Vinay On Wed, Aug 3, 2016 at 10:14 AM, moon soo Lee <m...@apache.org> wrote: > You can check > > http://shiro.apache.org/configuration.html#Configuration-EncryptingPasswords > http://shiro.apache.org/command-line-hasher.html > > It looks useful to encrypt user's password. Document says it works for any > other type of resources as well. I didn't tried it but hope it works your > case, too. > > Thanks, > moon > > On Mon, Aug 1, 2016 at 10:08 PM Polina Marasanova < > polina.marasan...@quantium.com.au> wrote: > >> Hi everyone, >> >> I'm using Zeppelin with Active Directory authentication. Our LDAP server >> requires authentication as well. >> The problem that in shiro.ini ldap password is still visible and user can >> browse it via %sh interpreter >> >> activeDirectoryRealm.systemUsername = my_login >> activeDirectoryRealm.systemPassword = secret >> >> What would be a good way to secure ldap password? >> >> Cheers, >> >> Polina Marasanova > >
