You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@kylin.apache.org by sh...@apache.org on 2016/02/05 10:46:31 UTC
[2/2] kylin git commit: KYLIN-1401 Passwords in kylin.properties
should be enctrypted
KYLIN-1401 Passwords in kylin.properties should be enctrypted
Project: http://git-wip-us.apache.org/repos/asf/kylin/repo
Commit: http://git-wip-us.apache.org/repos/asf/kylin/commit/eb5deb31
Tree: http://git-wip-us.apache.org/repos/asf/kylin/tree/eb5deb31
Diff: http://git-wip-us.apache.org/repos/asf/kylin/diff/eb5deb31
Branch: refs/heads/1.x-staging
Commit: eb5deb31e88f398258828f15542d68187c90ee8d
Parents: d19eb0d
Author: shaofengshi <sh...@apache.org>
Authored: Fri Feb 5 17:46:07 2016 +0800
Committer: shaofengshi <sh...@apache.org>
Committed: Fri Feb 5 17:46:07 2016 +0800
----------------------------------------------------------------------
.../kylin/rest/security/PasswordPlaceholderConfigurer.java | 8 +++++++-
website/_docs/howto/howto_ldap_and_sso.md | 4 ++--
2 files changed, 9 insertions(+), 3 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/kylin/blob/eb5deb31/server/src/main/java/org/apache/kylin/rest/security/PasswordPlaceholderConfigurer.java
----------------------------------------------------------------------
diff --git a/server/src/main/java/org/apache/kylin/rest/security/PasswordPlaceholderConfigurer.java b/server/src/main/java/org/apache/kylin/rest/security/PasswordPlaceholderConfigurer.java
index d7aa119..36b498c 100644
--- a/server/src/main/java/org/apache/kylin/rest/security/PasswordPlaceholderConfigurer.java
+++ b/server/src/main/java/org/apache/kylin/rest/security/PasswordPlaceholderConfigurer.java
@@ -77,7 +77,13 @@ public class PasswordPlaceholderConfigurer extends PropertyPlaceholderConfigurer
}
public static void main(String[] args) {
+ if (args.length != 1) {
+ System.out.println("Usage: java org.apache.kylin.rest.security.PasswordPlaceholderConfigurer <your_password>");
+ System.exit(1);
+ }
+
BCryptPasswordEncoder bCryptPasswordEncoder = new BCryptPasswordEncoder();
- System.out.println(bCryptPasswordEncoder.encode("MODELER"));
+ System.out.println("The hash of your password is: ");
+ System.out.println(bCryptPasswordEncoder.encode(args[0]));
}
}
http://git-wip-us.apache.org/repos/asf/kylin/blob/eb5deb31/website/_docs/howto/howto_ldap_and_sso.md
----------------------------------------------------------------------
diff --git a/website/_docs/howto/howto_ldap_and_sso.md b/website/_docs/howto/howto_ldap_and_sso.md
index a810371..1102559 100644
--- a/website/_docs/howto/howto_ldap_and_sso.md
+++ b/website/_docs/howto/howto_ldap_and_sso.md
@@ -13,12 +13,12 @@ Kylin supports LDAP authentication for enterprise or production deployment; This
#### Configure LDAP server info
-Firstly, provide LDAP URL, and username/password if the LDAP server is secured;
+Firstly, provide LDAP URL, and username/password if the LDAP server is secured; The password in kylin.properties need be salted; You can Google "Generate a BCrypt Password" or run org.apache.kylin.rest.security.PasswordPlaceholderConfigurer to get a hash of your password.
```
ldap.server=ldap://<your_ldap_host>:<port>
ldap.username=<your_user_name>
-ldap.password=<your_password>
+ldap.password=<your_password_hash>
```
Secondly, provide the user search patterns, this is by LDAP design, here is just a sample: