New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
4.5.0 breaks uri's with username/password #1038
Comments
Seeing the same after upgrading to 4.5.0. |
What version of the redis-server are you running? |
Is this related? #1025 (I'm on Redis 6.0.3, and seeing this.) https://my.diffend.io/gems/redis/4.4.0/4.5.0 I was on 4.4.0, and locked my gem to that, to have the functionality back. (We are using This works in 4.4.0 and not in 4.5.0:
|
Can you try passing |
@fatkodima Sorry, The redis server is running 6.0.9. |
I'm sorry but I can't repro:
If you are able to repo, could you modify the gem code so that you see what the Also is there any non-alphanumeric character in your password? Could be an URL escaping issue. |
I'm wondering if this change could have caused it: 17ba094 Prior to that change, a WRONGPASS CommandError would have been caught and auth would be attempted again as |
Yes, it's likely as it's the only auth related change. It's just weird I can't repro. But it seems that |
Yeah, I'm pretty sure that's it. I can connect if I leave off the username. |
Erf, yes that's it.... Ok, I'll work on a fix. But this sucks, we test multiple redis server versions for this exact reason, I didn't except such difference in a tiny release like this. |
Ah nevermind, I forgot to recreate the user. Still can't repro even with 6.0.3 |
In My password, I had numbers and alphanumeric |
Ah, so the password is valid, but the username doesn't correspond to anything? That's what you mean? I suppose you get this URL form some kind of redis as a service? |
I suppose I can re-introduce the old behavior of falling back to connecting without password, but that's quite dirty, in some way I feel like I'm re-introducing a bug. |
I'm looking at an existing server which was configured with this url, so I'm not entirely sure how it was constructed and didn't think to look at it too closely since it worked with redis-cli. But clearly the url is incorrect if the username is invalid and it just happened to work due to the old fallback behavior. It could be fine to consider this a bugfix and leave it in, but other people might also be bitten by this so maybe it's safer to consider this a breaking change and put it in a major version. That's up to the project maintainers. I appreciate you taking a look at this so quickly and let me know if you need any more info or help. 👍 |
Yeah, I'll see if I can cut a release which restore the behavior but emit some kind of warning. |
Correct. I think our rediscloud URL was probably initially generated back when we were on heroku, which generates a URL with |
PR is here: #1041 I have to go away from my keyboard for a bit, but I'll cut a |
|
For anyone using rediscloud there is a section in their docs explaning how you can create role based access (and disable the default user) https://docs.redis.com/latest/rs/security/passwords-users-roles/#configuring-roles-and-users |
Hi,
I haven't had time to fully debug this, but noticed that uri's with username/password seem broken in the 4.5.0 version.
Steps I ran to repro
I can connect with the same url using
redis-cli
I can try to provide more info if needed. Thanks!
The text was updated successfully, but these errors were encountered: