aminghadersohi opened a new pull request, #35875: URL: https://github.com/apache/superset/pull/35875
### SUMMARY Remove all hardcoded "admin" username fallbacks from the MCP service to improve security and configuration clarity. **Changes:** - Remove `MCP_ADMIN_USERNAME` config (unused, consolidated into `MCP_DEV_USERNAME`) - Remove "admin" fallback from `auth.py` config lookups - Simplify error messages to be concise (no config variable spam in logs) - Update `README.md` and `mcp_config.py` documentation **Why:** - Hardcoded "admin" fallbacks are a security risk - Service should fail fast with clear errors when misconfigured - No need for separate admin/dev username configs ### BEFORE/AFTER SCREENSHOTS OR ANIMATED GIF N/A - Backend configuration change only ### TESTING INSTRUCTIONS 1. Start Superset with MCP service 2. Verify service fails with clear error if `MCP_DEV_USERNAME` not configured 3. Set `MCP_DEV_USERNAME` in `superset_config.py` and verify service works 4. Check error messages are concise (no config variable spam) ### ADDITIONAL INFORMATION - [ ] Has associated issue: - [ ] Required feature flags: - [ ] Changes UI - [ ] Includes DB Migration - [ ] Introduces new feature or API - [ ] Removes existing feature or API -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
