Hi, Yes of course.
Currently as far as I understand Authentication and authorization is implemented by making use of Apache Shiro, correct? The intention here is to detach or not-bind Zeppelin to a specific solution by making use of standard protocols for Authentication and Authorization. Example use case: [cid:[email protected]] ------------------------------------------------------- Mário Batista NOKIA Product Owner MN GS DE Tools NPO Automation ------------------------------------------------------- From: Jongyoul Lee [mailto:[email protected]] Sent: Monday, March 20, 2017 11:22 AM To: [email protected] Cc: [email protected] Subject: Re: Zeppelin should support standard protocols for authN and AuthZ Hi, Can you explain or give me an idea for it more detail? On Mon, Mar 20, 2017 at 7:02 PM, mbatista <[email protected]<mailto:[email protected]>> wrote: In order to make Zeppelin more easy to integrate in the modern cloud environments where authentication and authorization are done by having a centralized server for all the apps, Zeppelin shall support standard protocols for IAM purposes. Regarding authentication -OpenId connect protocol Authorization -UMA protocol (user access management), which is a OAuth2.0 profile. This allows Resources owners to write their access control policies on the Authorization server and make the policy enforcement point in Zeppelin itself, for instance. A common language for policy expression can be XACML or the emerging ALFA language. -- View this message in context: http://apache-zeppelin-users-incubating-mailing-list.75479.x6.nabble.com/Zeppelin-should-support-standard-protocols-for-authN-and-AuthZ-tp5247.html Sent from the Apache Zeppelin Users (incubating) mailing list mailing list archive at Nabble.com. -- 이종열, Jongyoul Lee, 李宗烈 http://madeng.net
