Uploaded image for project: 'Zeppelin'
  1. Zeppelin
  2. ZEPPELIN-3107

ShiroFilter does not kick in for urls which do not contain /api* in the path

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Open
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: 0.7.3
    • Fix Version/s: 0.7.3
    • Component/s: zeppelin-server
    • Labels:
      None
    • Environment:

      centos , linux environment
      Heavy server with > 8 GB ram
      zeppelin version is 0.7.3

      Description

      I am trying to enable Oauth on Zeppelin using shiro - buji-pac4j, Oauth is
      working, but shiroFilter works only urls like http://myhomelink/api but not
      for http://myhomelink, so i modified /api* to /*, it started working,
      basically this is the original code in zeppelinServer.java

      if (!StringUtils.isBlank(shiroIniPath))

      { webapp.setInitParameter("shiroConfigLocations", new File(shiroIniPath).toURI().toString()); SecurityUtils.initSecurityManager(shiroIniPath); webapp.addFilter(ShiroFilter.class, "/api/*", EnumSet.allOf(DispatcherType.class)); webapp.addEventListener(new EnvironmentLoaderListener()); }

      Shiro URLs is as below
      [urls]

      1. This section is used for url-based security.
      2. You can secure interpreter, configuration and credential information by
        urls. Comment or uncomment the below urls that you want to hide.
      3. anon means the access is anonymous.
      4. authc means Form based Auth Security
        /api/version = anon
        /callback = callbackFilter
        /api/login/logout = logoutFilter
        /** = formClientSecurityFilter
        /** = oidcSecurityFilter

      Request the experts to help me udnerstand how to ensure shiroFilter is
      getting applied to all the URLS.
      What is the necesssity of keeping it /api* instead of /*

      Regs
      Srikanth G N

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              srikgn Srikanth G N
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated: