You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@kylin.apache.org by sh...@apache.org on 2016/02/05 10:46:31 UTC

[2/2] kylin git commit: KYLIN-1401 Passwords in kylin.properties should be enctrypted

KYLIN-1401 Passwords in kylin.properties should be enctrypted

Project: http://git-wip-us.apache.org/repos/asf/kylin/repo
Commit: http://git-wip-us.apache.org/repos/asf/kylin/commit/eb5deb31
Tree: http://git-wip-us.apache.org/repos/asf/kylin/tree/eb5deb31
Diff: http://git-wip-us.apache.org/repos/asf/kylin/diff/eb5deb31

Branch: refs/heads/1.x-staging
Commit: eb5deb31e88f398258828f15542d68187c90ee8d
Parents: d19eb0d
Author: shaofengshi <sh...@apache.org>
Authored: Fri Feb 5 17:46:07 2016 +0800
Committer: shaofengshi <sh...@apache.org>
Committed: Fri Feb 5 17:46:07 2016 +0800

----------------------------------------------------------------------
 .../kylin/rest/security/PasswordPlaceholderConfigurer.java   | 8 +++++++-
 website/_docs/howto/howto_ldap_and_sso.md                    | 4 ++--
 2 files changed, 9 insertions(+), 3 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/kylin/blob/eb5deb31/server/src/main/java/org/apache/kylin/rest/security/PasswordPlaceholderConfigurer.java
----------------------------------------------------------------------
diff --git a/server/src/main/java/org/apache/kylin/rest/security/PasswordPlaceholderConfigurer.java b/server/src/main/java/org/apache/kylin/rest/security/PasswordPlaceholderConfigurer.java
index d7aa119..36b498c 100644
--- a/server/src/main/java/org/apache/kylin/rest/security/PasswordPlaceholderConfigurer.java
+++ b/server/src/main/java/org/apache/kylin/rest/security/PasswordPlaceholderConfigurer.java
@@ -77,7 +77,13 @@ public class PasswordPlaceholderConfigurer extends PropertyPlaceholderConfigurer
     }
 
     public static void main(String[] args) {
+        if (args.length != 1) {
+            System.out.println("Usage: java org.apache.kylin.rest.security.PasswordPlaceholderConfigurer <your_password>");
+            System.exit(1);
+        }
+        
         BCryptPasswordEncoder bCryptPasswordEncoder = new BCryptPasswordEncoder();
-        System.out.println(bCryptPasswordEncoder.encode("MODELER"));
+        System.out.println("The hash of your password is: ");
+        System.out.println(bCryptPasswordEncoder.encode(args[0]));
     }
 }

http://git-wip-us.apache.org/repos/asf/kylin/blob/eb5deb31/website/_docs/howto/howto_ldap_and_sso.md
----------------------------------------------------------------------
diff --git a/website/_docs/howto/howto_ldap_and_sso.md b/website/_docs/howto/howto_ldap_and_sso.md
index a810371..1102559 100644
--- a/website/_docs/howto/howto_ldap_and_sso.md
+++ b/website/_docs/howto/howto_ldap_and_sso.md
@@ -13,12 +13,12 @@ Kylin supports LDAP authentication for enterprise or production deployment; This
 
 #### Configure LDAP server info
 
-Firstly, provide LDAP URL, and username/password if the LDAP server is secured;
+Firstly, provide LDAP URL, and username/password if the LDAP server is secured; The password in kylin.properties need be salted; You can Google "Generate a BCrypt Password" or run org.apache.kylin.rest.security.PasswordPlaceholderConfigurer to get a hash of your password.
 
 ```
 ldap.server=ldap://<your_ldap_host>:<port>
 ldap.username=<your_user_name>
-ldap.password=<your_password>
+ldap.password=<your_password_hash>
 ```
 
 Secondly, provide the user search patterns, this is by LDAP design, here is just a sample: