You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@kylin.apache.org by "wu.kehua (Jira)" <ji...@apache.org> on 2019/11/27 06:36:00 UTC

[jira] [Created] (KYLIN-4271) Support for LDAPs authentication of Kylin

wu.kehua created KYLIN-4271:
-------------------------------

             Summary: Support for LDAPs authentication of Kylin
                 Key: KYLIN-4271
                 URL: https://issues.apache.org/jira/browse/KYLIN-4271
             Project: Kylin
          Issue Type: New Feature
          Components: Security
    Affects Versions: v3.0.0
            Reporter: wu.kehua
            Assignee: wu.kehua


Kylin's user authentication is normal when connecting to an LDAP server with the LDAP protocol enabled. However, the LDAP protocol is transmitted in plain text and there are security risks. Therefore, the LDAP server that uses the LDAPs protocol needs to be enabled. The LDAPs protocol supports encrypted transmission. After configuring the LDAP related configuration in kylin.properties, Kylin server cannot connect to the LDAP server for user authentication.

The Kylin log shows the error log, as follows, you can also see the detail log in attachment.
{code:java}
Root exception is javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: 
PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
{code}



--
This message was sent by Atlassian Jira
(v8.3.4#803005)