kylin-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jian Zhong <hellowode...@gmail.com>
Subject Re: Kylin LDAP encryption
Date Wed, 03 Feb 2016 16:51:49 GMT
user can use this to generate encoded password, would appreciate it if you
can create a jira and contribute any cli tool to improve this, thanks

On Thu, Feb 4, 2016 at 12:49 AM, Jian Zhong <hellowode110@gmail.com> wrote:

> PasswordPlaceholderConfigurer#encrypt will get right password.
>
> from PasswordPlaceholderConfigure#resolvePlaceholder you can see any
> placeholder with 'password' need encrypt.
>
> On Wed, Feb 3, 2016 at 10:01 PM, Wu XIANG <w.xiang7@gmail.com> wrote:
>
>> thanks jian,
>>
>>   I managed to integrate LDAP by invoke "PasswordPlaceholderConfigurer#
>> encrypt" to encrypt my passwords. I'm not sure if it's the correct way.
>>
>>   If encryption is needed, is it possible to expose "
>> PasswordPlaceholderConfigurer#encrypt" as a CLI tool or just make "
>> PasswordPlaceholderConfigurer#key" configurable ?
>>
>> thanks
>> wu
>>
>>
>> On Wed, Feb 3, 2016 at 8:38 PM, Jian Zhong <hellowode110@gmail.com>
>> wrote:
>>
>>> Will update to doc,thank you
>>>
>>>
>>> On Wednesday, February 3, 2016, Jian Zhong <hellowode110@gmail.com>
>>> wrote:
>>>
>>>> Yes, encrypted is required.
>>>>
>>>>
>>>>
>>>> On Wednesday, February 3, 2016, Wu XIANG <w.xiang7@gmail.com> wrote:
>>>>
>>>>> Hi all,
>>>>>
>>>>>    I'm configuring LDAP integration for Kylin. However, I got the
>>>>> following error when I start Kylin server:
>>>>>
>>>>> *"Invalid bean definition with name 'ldapSource' defined in class path
>>>>> resource [kylinSecurity.xml]: Input length must be multiple of 16 when
>>>>> decrypting with padded cipher"*
>>>>>
>>>>>    After a little bit of digging, I found this was due to "
>>>>> *PasswordPlaceholderConfigurer*", which tries to decrypt passwords in
>>>>> kylin.properties file. Does this mean passwords like "ldap.password"
>>>>> in kylin.properties should be encrypted ? If so, I hope it's documented
in
>>>>> tutorial.
>>>>>
>>>>>   // PasswordPlaceholderConfigurer.java:Line71
>>>>>
>>>>> protected String resolvePlaceholder(String placeholder, Properties
>>>>> props) {
>>>>>
>>>>>   if (placeholder.toLowerCase().contains("password")) {
>>>>>
>>>>>       return decrypt(props.getProperty(placeholder));
>>>>>
>>>>>   } else {
>>>>>
>>>>>       return props.getProperty(placeholder);
>>>>>
>>>>>   }
>>>>>
>>>>> }
>>>>>
>>>>>
>>>>> p.s.
>>>>>
>>>>> Kylin Branch: v1.2-release
>>>>>
>>>>>
>>>>> thanks
>>>>> *wu*
>>>>>
>>>>
>>
>>
>> --
>>
>> *wu*
>>
>
>

Mime
View raw message