add doc

prabhjyotsingh · prabhjyotsingh · commit 05c9e14ec215 · 2018-06-05T14:40:03.000+05:30
Change-Id: Icac0d2e9072370241f0c52e6a6794f31028f1aee
diff --git a/docs/setup/security/shiro_authentication.md b/docs/setup/security/shiro_authentication.md
@@ -104,6 +104,9 @@ To learn more about Apache Shiro Realm, please check [this documentation](http:/
 
 We also provide community custom Realms.
 
+**Note**: When using any of the below realms the default 
+      password-based (IniRealm) authentication needs to be disabled.
+
 ### Active Directory
 
 ```
@@ -267,13 +270,15 @@ If you want to grant this permission to other users, you can change **roles[ ]**
 
 ### Apply multiple roles in Shiro configuration
 By default, Shiro will allow access to a URL if only user is part of "**all the roles**" defined like this:
+
 ```
 [urls]
 
 /api/interpreter/** = authc, roles[admin, role1]
 ```
 
 If there is a need that user with "**any of the defined roles**" should be allowed, then following Shiro configuration can be used:
+
 ```
 [main]
 anyofroles = org.apache.zeppelin.utils.AnyOfRolesAuthorizationFilter
