correct comment in SECURITY-README and keep anonymous policy by defau…

…lt in zeppelin-site.xml.template
apache · Jan 1, 2016 · 96d1fac · 96d1fac
1 parent 6fd9982
commit 96d1fac
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 2 deletions.
diff --git a/SECURITY-README.md b/SECURITY-README.md
@@ -21,7 +21,7 @@ This a a first step toward full security as implemented by this pull request (ht
 
 #Security setup
 1. Secure the HTTP channel: Comment the line "/** = anon" and uncomment the line "/** = authcBasic" in the file conf/shiro.ini. Read more about he shiro.ini file format at the following URL http://shiro.apache.org/configuration.html#Configuration-INISections.  
-2. Secure the Websocket channel : Set to property "zeppelin.anonymous.allowed" to "true" in the file conf/zeppelin-site.xml. You can start by renaming conf/zeppelin-site.xml.template to conf/zeppelin-site.xml
+2. Secure the Websocket channel : Set to property "zeppelin.anonymous.allowed" to "false" in the file conf/zeppelin-site.xml. You can start by renaming conf/zeppelin-site.xml.template to conf/zeppelin-site.xml
 3. Start Zeppelin : bin/zeppelin.sh
 4. point your browser to http://localhost:8080
 5. Login using one of the user/password combinations defined in the conf/shiro.ini file.

diff --git a/conf/zeppelin-site.xml.template b/conf/zeppelin-site.xml.template
@@ -182,7 +182,7 @@
 
 <property>
   <name>zeppelin.anonymous.allowed</name>
-  <value>false</value>
+  <value>true</value>
   <description>Anonymous user allowed by default</description>
 </property>