Hi, I’m using the active directory in order to control the access to zeppelin 0.7.0. My configuration of the shiro.ini is the following:
activeDirectoryRealm = org.apache.zeppelin.realm.ActiveDirectoryGroupRealm activeDirectoryRealm.systemUsername = foo activeDirectoryRealm.systemPassword = foo activeDirectoryRealm.searchBase = OU=Utenze Applicative,OU=Administration Accounts,OU=Services Accounts,DC=corp,DC=mycompany,DC=net activeDirectoryRealm.url = ldap://host:389 activeDirectoryRealm.authorizationCachingEnabled = false What I’m tring to achieve is to restrict the access only to the user that have a property equal to a given value (e.g. countryCode=UK), in other words I need to apply a filter to the query submitted by zeppelin at login time to the ldap server in order to leave out the user that does not have the right value for the property that I’m checking. I tried to modify the class ActiveDirectoryGroupRealm and in particular the method searchForUserName updating the value of the field searchFilter used by ldpaContext.search. Unfortunately this doesn’t affect because the method searchForUserName is never called. What can I do? Where the zeppelin query ldap using the search base in order to understand if a user that is trying to login has an entry associated? Thanks in advance Riccardo Riccardo Gianpaolo Corbella Data Reply Via Robert Koch, 1/4 20152 - Milano - ITALY phone: +39 02 535761 r.corbe...@reply.it<mailto:r.corbe...@reply.it> www.reply.it [Data Reply] ________________________________ -- The information transmitted is intended for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete the material from any computer.
