apache
Not accepting `*` in a database account password
Bug description
A postgres database connection with valid credentials does not work because there is a special character in the password(*).
We tried escaping the password string directly in the URL and in the DB with no change in behavior.
How to reproduce the bug
- Add database connection with a password containing
* - Try to load schemas in SQL Lab
- get an error
Screenshots/recordings
No response
Superset version
3.1.1
Python version
3.10
Node version
I don't know
Browser
Chrome
Additional context
Only error message in logs we get is when requesting schemas when exploring in sqllab.
DatabaseRestApi.schemas.error
All of the sqlalchemy libs we use.
flask-sqlalchemy 2.5.1
marshmallow-sqlalchemy 0.28.2
sqlalchemy-dremio 3.0.3
sqlalchemy-utils 0.38.3
sqlalchemy 1.4.51
Checklist
- [X] I have searched Superset docs and Slack and didn't find a solution to my problem.
- [X] I have searched the GitHub issue tracker and didn't find a similar bug report.
- [X] I have checked Superset's logs for errors and if I found a relevant Python stacktrace, I included it here as text in the "additional context" section.
Pinging @dpgaspar @betodealmeida in case there's good reason for not accepting that particular character.
When using tools like Amazon RDS with a Secrets Manager that is rotating the RDS credentials for you, you cannot enforce how strong the password will be. This is going to be a problem in large enterprise environments that have very strict password policies.
I also encounter the same issue, particularly when the * is at the end of password in the SQLAlchemy URI.
I have the same problem with a password with a % character in it. I've tried using a backslash to escape it and URL-encoding it, to no avail.
Facing the same issue. Hit problems with both * and %. Any potential updates on this?
