Hi Xiang, thanks for reporting this, and your suggestion is good, we should improve it in both document and the tool.
2016-02-04 0:51 GMT+08:00 Jian Zhong <[email protected]>: > user can use this to generate encoded password, would appreciate it if you > can create a jira and contribute any cli tool to improve this, thanks > > On Thu, Feb 4, 2016 at 12:49 AM, Jian Zhong <[email protected]> > wrote: > >> PasswordPlaceholderConfigurer#encrypt will get right password. >> >> from PasswordPlaceholderConfigure#resolvePlaceholder you can see any >> placeholder with 'password' need encrypt. >> >> On Wed, Feb 3, 2016 at 10:01 PM, Wu XIANG <[email protected]> wrote: >> >>> thanks jian, >>> >>> I managed to integrate LDAP by invoke "PasswordPlaceholderConfigurer# >>> encrypt" to encrypt my passwords. I'm not sure if it's the correct way. >>> >>> If encryption is needed, is it possible to expose " >>> PasswordPlaceholderConfigurer#encrypt" as a CLI tool or just make " >>> PasswordPlaceholderConfigurer#key" configurable ? >>> >>> thanks >>> wu >>> >>> >>> On Wed, Feb 3, 2016 at 8:38 PM, Jian Zhong <[email protected]> >>> wrote: >>> >>>> Will update to doc,thank you >>>> >>>> >>>> On Wednesday, February 3, 2016, Jian Zhong <[email protected]> >>>> wrote: >>>> >>>>> Yes, encrypted is required. >>>>> >>>>> >>>>> >>>>> On Wednesday, February 3, 2016, Wu XIANG <[email protected]> wrote: >>>>> >>>>>> Hi all, >>>>>> >>>>>> I'm configuring LDAP integration for Kylin. However, I got the >>>>>> following error when I start Kylin server: >>>>>> >>>>>> *"Invalid bean definition with name 'ldapSource' defined in class >>>>>> path resource [kylinSecurity.xml]: Input length must be multiple of 16 >>>>>> when >>>>>> decrypting with padded cipher"* >>>>>> >>>>>> After a little bit of digging, I found this was due to " >>>>>> *PasswordPlaceholderConfigurer*", which tries to decrypt passwords >>>>>> in kylin.properties file. Does this mean passwords like " >>>>>> ldap.password" in kylin.properties should be encrypted ? If so, I >>>>>> hope it's documented in tutorial. >>>>>> >>>>>> // PasswordPlaceholderConfigurer.java:Line71 >>>>>> >>>>>> protected String resolvePlaceholder(String placeholder, Properties >>>>>> props) { >>>>>> >>>>>> if (placeholder.toLowerCase().contains("password")) { >>>>>> >>>>>> return decrypt(props.getProperty(placeholder)); >>>>>> >>>>>> } else { >>>>>> >>>>>> return props.getProperty(placeholder); >>>>>> >>>>>> } >>>>>> >>>>>> } >>>>>> >>>>>> >>>>>> p.s. >>>>>> >>>>>> Kylin Branch: v1.2-release >>>>>> >>>>>> >>>>>> thanks >>>>>> *wu* >>>>>> >>>>> >>> >>> >>> -- >>> >>> *wu* >>> >> >> > -- Best regards, Shaofeng Shi
