Run zeppelin interpreter process as web front end user

  • Enable shiro auth in shiro.ini
user1 = password1, role1
user2 = password2, role2
  • Enable password-less ssh for the user you want to impersonate (say user1).
adduser user1
#ssh-keygen (optional if you don't already have generated ssh-key.
ssh user1@localhost mkdir -p .ssh
cat ~/.ssh/ | ssh user1@localhost 'cat >> .ssh/authorized_keys'
  • Alternatively instead of password-less, user can override ZEPPELINIMPERSONATECMD in
  • Start zeppelin server.


  • Go to interpreter setting page, and enable "User Impersonate" in any of the interpreter (in my example its shell interpreter)

  • Test with a simple paragraph


Note that usage of "User Impersonate" option will enable Spark interpreter to use --proxy-user option with current user by default. If you want to disable --proxy-user option, then refer to ZEPPELIN_IMPERSONATE_SPARK_PROXY_USER variable in conf/