BookmarkSubscribeRSS Feed
japsas100
Pyrite | Level 9
Hello,

Can we use below special characters in sas internal account password (sastrust,sasdm,sasevs)?

Like &@$:;_%^

I have used these special characters in password but getting the unauthorized user password error when I run proc http.

We are using the 9.4 M1 and also tried the degug with sas configuration file but no luck.

I have also opened the SAS Track.

Please advise?
4 REPLIES 4
japelin
Rhodochrosite | Level 12

Excuse me, but have you been able to isolate whether it is really a problem with the password string, or with your sas account, or with the site you are trying to access with proc http?

 

If it is a problem with the special symbols in the password, are you double coating the password when specifying it in proc http? Why don't you use single quotation marks?
Use single quotation marks when you don't want to expand or reference a macro.

 

Kurt_Bremser
Super User

My instinct(!) tells me to not use these characters in particular:

%&?;:/

as they have special meaning within the HTTP protocol. I would also refrain from using quotes, as that makes handling such strings in any programming environment harder.

Since these are for internal, technical users of the SAS system, why do you need to use them in PROC HTTP? I never accessed these users with anything but the SAS Management Console.

 

Note that a random 8-character password consisting of upper/lowercase letters, digits and underlines will provide so many permutations (63**8) that brute-forcing it with 1000 tries per second would still take close to 8000 years.

gwootton
SAS Super FREQ
You probably need to URL encode the password. For example:

1 %let pass=%nrstr(&@$:;_%^);
2 %let pass=%sysfunc(urlencode(&pass));
3 %put &pass;
%26@$%3A%3B_%25%5E
--
Greg Wootton | Principal Systems Technical Support Engineer
Sajid01
Meteorite | Level 14

Hello @japsas100 
No reason why one should not. But better keep the level of complexity manageable.



suga badge.PNGThe SAS Users Group for Administrators (SUGA) is open to all SAS administrators and architects who install, update, manage or maintain a SAS deployment. 

Join SUGA 

Get Started with SAS Information Catalog in SAS Viya

SAS technical trainer Erin Winters shows you how to explore assets, create new data discovery agents, schedule data discovery agents, and much more.

Find more tutorials on the SAS Users YouTube channel.

Discussion stats
  • 4 replies
  • 1785 views
  • 0 likes
  • 5 in conversation