Uploaded image for project: 'Zeppelin'
  1. Zeppelin
  2. ZEPPELIN-1840

Fully qualified username can not be used for login when principalSuffix is defined

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 0.7.0
    • Fix Version/s: 0.7.0
    • Component/s: security
    • Labels:

      Description

      When Zeppelin is configured against Active Directory for user authentication, by default, fully qualified user names are allowed. E.g. user1@DOMAIN.COM

      User can be spared from typing the long domain name each time by specifying "activeDirectoryGroupRealm.principalSuffix = @DOMAIN.COM" in shiro.ini. Now user can just specify short username i.e. "user1" during login.

      Problem:
      When principalSuffix is defined in shiro.ini, only the short username are allowed and any attempt with fully qualified user name will result in the login error.

      Excepted Behavior:
      Zeppelin UI should allow both username formats (short and fully qualified) when principalSuffix is defined

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                Unassigned
                Reporter:
                vrathor-hw Vipin Rathor
              • Votes:
                0 Vote for this issue
                Watchers:
                5 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: