You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@kylin.apache.org by "Wu Xiang (JIRA)" <ji...@apache.org> on 2016/02/04 09:34:39 UTC
[jira] [Updated] (KYLIN-1401) Passwords in kylin.properties should
be enctrypted
[ https://issues.apache.org/jira/browse/KYLIN-1401?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Wu Xiang updated KYLIN-1401:
----------------------------
Issue Type: Improvement (was: Bug)
> Passwords in kylin.properties should be enctrypted
> --------------------------------------------------
>
> Key: KYLIN-1401
> URL: https://issues.apache.org/jira/browse/KYLIN-1401
> Project: Kylin
> Issue Type: Improvement
> Components: Client - CLI
> Affects Versions: v1.2
> Reporter: Wu Xiang
> Fix For: 1.2
>
>
> When integrating LDAP authentication in Kylin, people might run into the following error message. One possible reason is that Kylin actually requires passwords in kylin.properties be encrypted.
> {quote}
> Invalid bean definition with name 'ldapSource' defined in class path resource \[kylinSecurity.xm\]: Input length must be multiple of 16 when decrypting with padded cipher
> {quote}
> Related code for passwords decryption is as follows:
> {code:title=PasswordPlaceholderConfigurer.java|borderStyle=solid}
> protected String resolvePlaceholder(String placeholder, Properties props) {
> if (placeholder.toLowerCase().contains("password")) {
> return decrypt(props.getProperty(placeholder));
> } else {
> return props.getProperty(placeholder);
> }
> }
> {code}
> Related discussion in mailing list: [Link|http://mail-archives.apache.org/mod_mbox/kylin-user/201602.mbox/%3CCAJxfx2ANpe0rG1Vm1R_Sdh4XZuNP3FCswXmv1_xFUVSpdOkH_A%40mail.gmail.com%3E]
> In this ticket, I would propose a CLI tool for password encryption for Kylin, and add related documentation in [How to Enable Security with LDAP and SSO|http://kylin.apache.org/docs/howto/howto_ldap_and_sso.html]
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)