correct comment in SECURITY-README and keep anonymous policy by default in zeppelin-site.xml.template

hayssams · hayssams · commit 96d1fac50a2c · 2016-01-01T11:53:37.000+02:00
diff --git a/SECURITY-README.md b/SECURITY-README.md
@@ -21,7 +21,7 @@ This a a first step toward full security as implemented by this pull request (ht
 
 #Security setup
 1. Secure the HTTP channel: Comment the line "/** = anon" and uncomment the line "/** = authcBasic" in the file conf/shiro.ini. Read more about he shiro.ini file format at the following URL http://shiro.apache.org/configuration.html#Configuration-INISections.  
-2. Secure the Websocket channel : Set to property "zeppelin.anonymous.allowed" to "true" in the file conf/zeppelin-site.xml. You can start by renaming conf/zeppelin-site.xml.template to conf/zeppelin-site.xml
+2. Secure the Websocket channel : Set to property "zeppelin.anonymous.allowed" to "false" in the file conf/zeppelin-site.xml. You can start by renaming conf/zeppelin-site.xml.template to conf/zeppelin-site.xml
 3. Start Zeppelin : bin/zeppelin.sh
 4. point your browser to http://localhost:8080
 5. Login using one of the user/password combinations defined in the conf/shiro.ini file.
diff --git a/conf/zeppelin-site.xml.template b/conf/zeppelin-site.xml.template
@@ -182,7 +182,7 @@
 
 <property>
   <name>zeppelin.anonymous.allowed</name>
-  <value>false</value>
+  <value>true</value>
   <description>Anonymous user allowed by default</description>
 </property>
 
