[
https://issues.apache.org/jira/browse/KYLIN-1401?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Shaofeng SHI closed KYLIN-1401.
-------------------------------
> Passwords in kylin.properties should be enctrypted
> --------------------------------------------------
>
> Key: KYLIN-1401
> URL: https://issues.apache.org/jira/browse/KYLIN-1401
> Project: Kylin
> Issue Type: Improvement
> Components: Client - CLI
> Affects Versions: v1.2
> Reporter: Wu Xiang
> Assignee: Shaofeng SHI
> Priority: Major
> Fix For: v1.5.0
>
>
> When integrating LDAP authentication in Kylin, people might run into the
> following error message. One possible reason is that Kylin actually requires
> passwords in kylin.properties be encrypted.
> {quote}
> Invalid bean definition with name 'ldapSource' defined in class path resource
> \[kylinSecurity.xm\]: Input length must be multiple of 16 when decrypting
> with padded cipher
> {quote}
> Related code for passwords decryption is as follows:
> {code:title=PasswordPlaceholderConfigurer.java|borderStyle=solid}
> protected String resolvePlaceholder(String placeholder, Properties props)
> {
> if (placeholder.toLowerCase().contains("password")) {
> return decrypt(props.getProperty(placeholder));
> } else {
> return props.getProperty(placeholder);
> }
> }
> {code}
> Related discussion in mailing list:
> [Link|http://mail-archives.apache.org/mod_mbox/kylin-user/201602.mbox/%3CCAJxfx2ANpe0rG1Vm1R_Sdh4XZuNP3FCswXmv1_xFUVSpdOkH_A%40mail.gmail.com%3E]
> In this ticket, I would propose a CLI tool for password encryption for Kylin,
> and add related documentation in [How to Enable Security with LDAP and
> SSO|http://kylin.apache.org/docs/howto/howto_ldap_and_sso.html]
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
