You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@kylin.apache.org by "Shaofeng SHI (JIRA)" <ji...@apache.org> on 2017/04/20 05:13:04 UTC
[jira] [Resolved] (KYLIN-2416) Max LDAP password length is 15 chars
[ https://issues.apache.org/jira/browse/KYLIN-2416?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Shaofeng SHI resolved KYLIN-2416.
---------------------------------
Resolution: Duplicate
Fix Version/s: v2.0.0
This issue is fixed with KYLIN-2305, you can download Kylin 2.0 beta to verify.
> Max LDAP password length is 15 chars
> ------------------------------------
>
> Key: KYLIN-2416
> URL: https://issues.apache.org/jira/browse/KYLIN-2416
> Project: Kylin
> Issue Type: Bug
> Environment: HDP 2.5.3
> Kylin 1.6.0
> Reporter: Berry Ă–sterlund
> Fix For: v2.0.0
>
>
> Hi
> Max length of the LDAP password is 15 chars. 16 chars and more will give this error during startup of Kylin.
> {quote}
> 2017-01-24 07:12:06,110 WARN [localhost-startStop-1] support.XmlWebApplicationContext:487 : Exception encountered during context initialization - cancelling refresh attempt: org.springframework.beans.factory.BeanDefinitionStoreException: Invalid bean definition with name 'ldapSource' defined in class path resource [kylinSecurity.xml]: Input length must be multiple of 16 when decrypting with padded cipher; nested exception is java.lang.RuntimeException: Input length must be multiple of 16 when decrypting with padded cipher
> 2017-01-24 07:12:06,111 ERROR [localhost-startStop-1] context.ContextLoader:331 : Context initialization failed
> org.springframework.beans.factory.BeanDefinitionStoreException: Invalid bean definition with name 'ldapSource' defined in class path resource [kylinSecurity.xml]: Input length must be multiple of 16 when decrypting with padded cipher; nested exception is java.lang.RuntimeException: Input length must be multiple of 16 when decrypting with padded cipher
> at org.springframework.beans.factory.config.PlaceholderConfigurerSupport.doProcessProperties(PlaceholderConfigurerSupport.java:209)
> at org.springframework.beans.factory.config.PropertyPlaceholderConfigurer.processProperties(PropertyPlaceholderConfigurer.java:222)
> at org.springframework.beans.factory.config.PropertyResourceConfigurer.postProcessBeanFactory(PropertyResourceConfigurer.java:84)
> at org.springframework.context.support.AbstractApplicationContext.invokeBeanFactoryPostProcessors(AbstractApplicationContext.java:699)
> at org.springframework.context.support.AbstractApplicationContext.invokeBeanFactoryPostProcessors(AbstractApplicationContext.java:674)
> at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:461)
> at org.springframework.web.context.ContextLoader.configureAndRefreshWebApplicationContext(ContextLoader.java:410)
> at org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:306)
> at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:112)
> at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:5068)
> at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5584)
> at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:147)
> at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:899)
> at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:875)
> at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:652)
> at org.apache.catalina.startup.HostConfig.deployWAR(HostConfig.java:1092)
> at org.apache.catalina.startup.HostConfig$DeployWar.run(HostConfig.java:1984)
> at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
> at java.util.concurrent.FutureTask.run(FutureTask.java:266)
> at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
> at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
> at java.lang.Thread.run(Thread.java:745)
> Caused by: java.lang.RuntimeException: Input length must be multiple of 16 when decrypting with padded cipher
> at org.apache.kylin.rest.security.PasswordPlaceholderConfigurer.decrypt(PasswordPlaceholderConfigurer.java:84)
> at org.apache.kylin.rest.security.PasswordPlaceholderConfigurer.resolvePlaceholder(PasswordPlaceholderConfigurer.java:90)
> at org.springframework.beans.factory.config.PropertyPlaceholderConfigurer.resolvePlaceholder(PropertyPlaceholderConfigurer.java:162)
> at org.springframework.beans.factory.config.PropertyPlaceholderConfigurer$PropertyPlaceholderConfigurerResolver.resolvePlaceholder(PropertyPlaceholderConfigurer.java:272)
> at org.springframework.util.PropertyPlaceholderHelper.parseStringValue(PropertyPlaceholderHelper.java:146)
> at org.springframework.util.PropertyPlaceholderHelper.replacePlaceholders(PropertyPlaceholderHelper.java:125)
> at org.springframework.beans.factory.config.PropertyPlaceholderConfigurer$PlaceholderResolvingStringValueResolver.resolveStringValue(PropertyPlaceholderConfigurer.java:257)
> at org.springframework.beans.factory.config.BeanDefinitionVisitor.resolveStringValue(BeanDefinitionVisitor.java:282)
> at org.springframework.beans.factory.config.BeanDefinitionVisitor.resolveValue(BeanDefinitionVisitor.java:204)
> at org.springframework.beans.factory.config.BeanDefinitionVisitor.visitPropertyValues(BeanDefinitionVisitor.java:141)
> at org.springframework.beans.factory.config.BeanDefinitionVisitor.visitBeanDefinition(BeanDefinitionVisitor.java:82)
> at org.springframework.beans.factory.config.PlaceholderConfigurerSupport.doProcessProperties(PlaceholderConfigurerSupport.java:206)
> ... 21 more
> Caused by: javax.crypto.IllegalBlockSizeException: Input length must be multiple of 16 when decrypting with padded cipher
> at com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:934)
> at com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:845)
> at com.sun.crypto.provider.AESCipher.engineDoFinal(AESCipher.java:446)
> at javax.crypto.Cipher.doFinal(Cipher.java:2165)
> at org.apache.kylin.rest.security.PasswordPlaceholderConfigurer.decrypt(PasswordPlaceholderConfigurer.java:81)
> {quote}
> It's very easy to verify.
> java org.apache.kylin.rest.security.PasswordPlaceholderConfigurer AES 123456789012345
> AES encrypted password is:
> pLKuoHlKbRg+55tny8n2YA==
> If I put this string into ldap.password, Kylin starts up without errors (I can ofc not login, because the password is wrong.)
>
> java org.apache.kylin.rest.security.PasswordPlaceholderConfigurer AES 1234567890123456
> AES encrypted password is:
> RSvxLxIHAugtd/LBQFpGF+9fW0wb6YVnsEYgogo9w/w=
> If I put this string into ldap.password, Kylin failes to start with the "Input length must be multiple of 16 when decrypting with padded cipher" error
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)