Posted to dev@superset.apache.org by GitBox <gi...@apache.org> on 2017/10/26 15:56:41 UTC

[GitHub] andor-pierdelacabeza opened a new issue #3724: SECRET_KEY encrypts database secrets without warning, possibly breaking web interface if changed

URL: https://github.com/apache/incubator-superset/issues/3724
 
 
   Make sure these boxes are checked before submitting your issue - thank you!
   
   - [X] I have checked the superset logs for python stacktraces and included it here as text if any
   - [X] I have reproduced the issue with at least the latest released version of superset
   - [X] I have checked the issue tracker for the same issue and I haven't found one similar
   
   
   ### Superset version
   0.20.4
   
   ### Expected results
   Usually, on web apps, app secrets are just used for generating cookies (see `secrets.secret_key_base` in Rails, `SECRET_KEY` in Django, or Wordpress security keys and salts), so you can happily use different ones for `dev` and `production` environments, or change them if you see fit or any of your configuration files has leaked. The only problem you'll have is that logged-in users will lose their session, but they can log in again.
   
   As Superset configuration doesn't specify any other use for this secret, the **expected result** for changing this value would be **losing connected sessions**.
   
   ### Actual results
   * When accessing any menu that connects to databases (e.g. a dashboard or a slice), we get a Unicode exception, as in issues #2600 or #2966.
   * Then, if you figure out that it's not a Unicode error but an encryption one, and you want to overwrite/change stored passwords in the Database Sources configuration, you'll get a similar Unicode error, so you are not able to edit MySQL connections.
   * Unless you manually edit the database, removing password blobs from connections, you won't be able to do it.
   
   ### Steps to reproduce
   * Add a database source and/or dashboard
   * Change your SECRET_KEY in your config file
   * Restart Superset
   * Open a slice or dashboard
   * EXCEPTION
   
   ### Recommended ~~fix~~ behaviour
   * Docs should WARN about backing up secret key (I can do that if docs are in source)
   * Exception should be captured with a more obvious error
   * Database Sources configuration menu should be accessible, also capturing the error and showing a message that passwords are not accessible, and allow overwriting that password with a new one that will be encoded with the new secret_key
   
   
   
