Apache Kylin : Analytical Data Warehouse for Big Data

Page tree

Welcome to Kylin Wiki.

When you deploy Kylin for more users, switch to LDAP authentication is recommended. In the test environment, you can update the password of the default user and add new users according to the following methods.

Before kylin 3.0.0-beta

In kylin versions before 3.0.0, Kylin uses a simple, configuration based user registry by default. There are three pre-defined test users users in kylinSecurity.xml, their password encrypted value is hard-coded in `kylinSecurity.xml`, they are 'ADMIN:KYLIN', 'ANALYST:ANALYST', 'MODELER:MODELER'.

To modify the password, you need firstly get the new password’s encrypted value (with BCrypt), and then set it in kylinSecurity.xml. Here is a sample with password ‘ABCDE’:

1、Get the new password’s encrypted value (with BCrypt)

Encrypt password
${KYLIN_HOME}/bin/kylin.sh org.apache.kylin.rest.security.PasswordPlaceholderConfigurer BCrypt ABCDE

2、The encrypted password will be output to cmd

Encrypted password
BCrypt encrypted password is: 

3、Then you can set it into `kylinSecurity.xml`

vi ./tomcat/webapps/kylin/WEB-INF/classes/kylinSecurity.xml

4、Replace the origin encrypted password with the new one

User info
<bean class="org.springframework.security.core.userdetails.User" id="adminUser">
      <constructor-arg value="ADMIN"/>
      <constructor-arg ref="adminAuthorities"/>

5、Restart Kylin to take effective. If you have multiple Kylin server as a cluster, do the same on each instance.

6、New users can also use similar methods.

Kylin 3.0.0-beta and later

In kylin3.0.0 and later, the three built-in user names and passwords are not changed, but they are no longer stored in the `kylinSecurity.xml`, but in the metadata under /user. You can learn more detail from this JIRA:  KYLIN-4122 - Getting issue details... STATUS

If you want to modify the password or add users in kylin3.0.0 and later, you can operate on system page in kylin web ui

1、Add new user

2、Modify user password

  • No labels