[
https://issues.apache.org/jira/browse/KYLIN-4271?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16983219#comment-16983219
]
wu.kehua edited comment on KYLIN-4271 at 11/27/19 7:10 AM:
-----------------------------------------------------------
Hi [~mwu_], thanks for you reply.
Yes, we had configure a certicate, and add "javax.net.ssl.trustStore" jvm
parameter, it will be ok, so I think we should add the jvm parameter in
kylin.properties, which will be more convenient in use.
was (Author: wkh8011):
Hi [~mwu_], thanks for you reply.
Yes, we had configure a certicate, it will be ok, so I think we should add the
jvm parameter in kylin.properties, which will be more convenient in use.
> Support for LDAPs authentication of Kylin
> -----------------------------------------
>
> Key: KYLIN-4271
> URL: https://issues.apache.org/jira/browse/KYLIN-4271
> Project: Kylin
> Issue Type: Improvement
> Components: Security
> Affects Versions: v3.0.0
> Reporter: wu.kehua
> Assignee: wu.kehua
> Priority: Major
> Attachments: kylin.log
>
>
> Kylin's user authentication is normal when connecting to an LDAP server with
> the LDAP protocol enabled. However, the LDAP protocol is transmitted in plain
> text and there are security risks. Therefore, the LDAP server that uses the
> LDAPs protocol needs to be enabled. The LDAPs protocol supports encrypted
> transmission. After configuring the LDAP related configuration in
> kylin.properties, Kylin server cannot connect to the LDAP server for user
> authentication.
> The Kylin log shows the error log, as follows, you can also see the detail
> log in attachment.
> {code:java}
> Root exception is javax.net.ssl.SSLHandshakeException:
> sun.security.validator.ValidatorException:
> PKIX path building failed:
> sun.security.provider.certpath.SunCertPathBuilderException: unable to find
> valid certification path to requested target
> {code}
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
