PasswordPlaceholderConfigurer#encrypt will get right password. from PasswordPlaceholderConfigure#resolvePlaceholder you can see any placeholder with 'password' need encrypt.
On Wed, Feb 3, 2016 at 10:01 PM, Wu XIANG <[email protected]> wrote: > thanks jian, > > I managed to integrate LDAP by invoke "PasswordPlaceholderConfigurer# > encrypt" to encrypt my passwords. I'm not sure if it's the correct way. > > If encryption is needed, is it possible to expose " > PasswordPlaceholderConfigurer#encrypt" as a CLI tool or just make " > PasswordPlaceholderConfigurer#key" configurable ? > > thanks > wu > > > On Wed, Feb 3, 2016 at 8:38 PM, Jian Zhong <[email protected]> wrote: > >> Will update to doc,thank you >> >> >> On Wednesday, February 3, 2016, Jian Zhong <[email protected]> >> wrote: >> >>> Yes, encrypted is required. >>> >>> >>> >>> On Wednesday, February 3, 2016, Wu XIANG <[email protected]> wrote: >>> >>>> Hi all, >>>> >>>> I'm configuring LDAP integration for Kylin. However, I got the >>>> following error when I start Kylin server: >>>> >>>> *"Invalid bean definition with name 'ldapSource' defined in class path >>>> resource [kylinSecurity.xml]: Input length must be multiple of 16 when >>>> decrypting with padded cipher"* >>>> >>>> After a little bit of digging, I found this was due to " >>>> *PasswordPlaceholderConfigurer*", which tries to decrypt passwords in >>>> kylin.properties file. Does this mean passwords like "ldap.password" >>>> in kylin.properties should be encrypted ? If so, I hope it's documented in >>>> tutorial. >>>> >>>> // PasswordPlaceholderConfigurer.java:Line71 >>>> >>>> protected String resolvePlaceholder(String placeholder, Properties >>>> props) { >>>> >>>> if (placeholder.toLowerCase().contains("password")) { >>>> >>>> return decrypt(props.getProperty(placeholder)); >>>> >>>> } else { >>>> >>>> return props.getProperty(placeholder); >>>> >>>> } >>>> >>>> } >>>> >>>> >>>> p.s. >>>> >>>> Kylin Branch: v1.2-release >>>> >>>> >>>> thanks >>>> *wu* >>>> >>> > > > -- > > *wu* >
