You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@kylin.apache.org by "Wu Xiang (JIRA)" <ji...@apache.org> on 2016/02/04 09:30:40 UTC
[jira] [Created] (KYLIN-1401) Passwords in kylin.properties should
be enctrypted
Wu Xiang created KYLIN-1401:
-------------------------------
Summary: Passwords in kylin.properties should be enctrypted
Key: KYLIN-1401
URL: https://issues.apache.org/jira/browse/KYLIN-1401
Project: Kylin
Issue Type: Bug
Components: Client - CLI
Affects Versions: v1.2
Reporter: Wu Xiang
Fix For: 1.2
When integrating LDAP authentication in Kylin, people might run into the following error message. One possible reason is that Kylin actually requires passwords in kylin.properties be encrypted.
{quote}
Invalid bean definition with name 'ldapSource' defined in class path resource \[kylinSecurity.xm\]: Input length must be multiple of 16 when decrypting with padded cipher
{quote}
Related code for passwords decryption is as follows:
{code:title=PasswordPlaceholderConfigurer.java|borderStyle=solid}
protected String resolvePlaceholder(String placeholder, Properties props) {
if (placeholder.toLowerCase().contains("password")) {
return decrypt(props.getProperty(placeholder));
} else {
return props.getProperty(placeholder);
}
}
{code}
Related discussion in mailing list: [Link|http://mail-archives.apache.org/mod_mbox/kylin-user/201602.mbox/%3CCAJxfx2ANpe0rG1Vm1R_Sdh4XZuNP3FCswXmv1_xFUVSpdOkH_A%40mail.gmail.com%3E]
In this ticket, I would propose a CLI tool for password encryption for Kylin, and add related documentation in [How to Enable Security with LDAP and SSO|http://kylin.apache.org/docs/howto/howto_ldap_and_sso.html]
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)