provisoner
provisoner copied to clipboard
shamblett
Still not working in modx 2.2
It appears that the original issue of Access Denied when trying to use this in versions above 2.1.3 is still there. What was the 2.2 fix that was made in Jan. Should this be fully functional now?
Hi Adam,
The fix in Jan was just to get Provisioner to work in 2.2, in fact it was a small extJS incompatibility that stopped Provisioner loading, nothing to do with the access denied problem as such.
What's needed here IMHO is a separate 3rd party(or core provided) auth module, so components like Provisioner can auth themseleve's(login etc.) to the core revo install and allow proper external access.
Provisioner piggybacks onto the normal login functionality by using CURL functions, this has been effectively blocked by updates to 2.1.3 and above to stop XSS attacks in the manager.
This module could be used by any 3rd party of course, not just Provisioner with controls to allow/deny access based on type/site/IP etc as any other auth system.
I've known what's need here for a while, just not had the time to look at this in any depth.
Steve
On 16 February 2012 20:48, Adam Smith < [email protected]
wrote:
It appears that the original issue of Access Denied when trying to use this in versions above 2.1.3 is still there. What was the 2.2 fix that was made in Jan. Should this be fully functional now?
Reply to this email directly or view it on GitHub: https://github.com/shamblett/provisoner/issues/49
"Talk is cheap. Show me the code."
- Linus Torvalds
Steve Hamblett
Hi,
Not as yet.
Steve
On 13 March 2012 10:14, silentworks < [email protected]
wrote:
any update on this issue?
Reply to this email directly or view it on GitHub: https://github.com/shamblett/provisoner/issues/49#issuecomment-4470512
"Talk is cheap. Show me the code."
- Linus Torvalds
Steve Hamblett
I am guessing this won't happen anytime soon unless the MODx core team adds in a OAuth type method of access MODx from outside.
Hi,
Yes, this would be the best route, I'm sure more people than me could use this, I could write one for Provisioner but a more general solution would be better, maybe raise this on the forums.
Steve
On 13 March 2012 17:00, silentworks < [email protected]
wrote:
I am guessing this won't happen anytime soon unless the MODx core team adds in a OAuth type method of access MODx from outside.
Reply to this email directly or view it on GitHub: https://github.com/shamblett/provisoner/issues/49#issuecomment-4477861
"Talk is cheap. Show me the code."
- Linus Torvalds
Steve Hamblett
Any idea of if/when this might happen? Provisioner sounds like such a useful tool, it would have saved me loads of time and headaches this week if I could have used it!
Hi,
Not at the moment, not from the Provisioner side, has anyone raised a ticket on this in Redmine I wonder, may be if someone asked for an auth module we could get some feedback from the core devs.
Steve
On 13 May 2012 09:21, clanceyp < [email protected]
wrote:
Any idea of if/when this might happen? Provisioner sounds like such a useful tool, it would have saved me loads of time and headaches this week if I could have used it!
Reply to this email directly or view it on GitHub: https://github.com/shamblett/provisoner/issues/49#issuecomment-5674781
"Talk is cheap. Show me the code."
- Linus Torvalds
Steve Hamblett
Pretty sure we've got a slightly hacked but working provisioner floating around somewhere internally that needs some minor cleaning... great tool :)
EDIT: .. or not, just checking with the fellow devs, but it seems we didn't have it fixed for 2.2 yet.
@Mark-H remember all that talking about how kevin should finally do that evo migration tool (@modxpo)? Here it is, more or less, so why not put a little bit of energy in a new auth method for 2.2+ instead of crafting a whole new tool to migrate old evo sites (that probably should be redesigned/refactored anyway)? I'm just lucky to have an "old" 2.1.1 site I need to migrate just now...will try and prey =P
I'll let Kevin know! :P
All kidding aside, we have used Provisioner internally before and devised some ideas to make it better (batch importing was high up on the list; it simply didn't work with a 15K resource site :P) but the problem we have is that we only have so many people and to do lists that grow faster than we can work. We'll take all the help we can get, so if you or somebody else has a great idea on how to build that external auth, I'd suggest checking out the develop branch on the revo repo, building it and sending a pull request. ;)
@Mark-H =), wasn't ment like that, but if some guys are forcing kevin to "finally do that migration tool" (pointing at you ryan =D) he should probably build that auth mechanism (which btw would be a great feature anyways...) and then improve provisioner instead of writing it from the ground up...right?
And if I could, I would do it, but that's just way outside of my skill level^^
Mmmh, just tried provisioner for the first (and maybe last) time =)...sadly it could not login into the remote site (which as I told runs 2.1.1pl), the one I'm trying to connect from is a 2.2.4pl site...so am I understanding this wrong and this "configuration" cannot work...I understood it in that way, that you cannot login into sites higher than 2.1.3, but not that provisioner is completely not working in sites higher than 2.2, is that not true???
the error says "login aborted - unknown error" when taking domain.tld/manager (which according to the documentation is bullshit...) so I took domain.tld/connectors which gave me an "access denied" error =)...great...2 times reread the docs...basically I seem to stupid to use this thing =P...so I'll go and do it manually =/, happy copy/paste times