Our idoit installation allows to use the API without login, using the API key only.
Since I want to share the idoitcli invocation scripts, it should be sufficient to use the API key in the credentials file. But it is not, idoitcli complains (see below).
I'd like to see idoitcli working without logon. Sharing scrips nearly always includes config files laying around anywhere, and since they are not even encrypted, everyone can read each other's credentials. This is especially bad when using SSO...
Actual behavior
12:38 user@host:~/.idoitcli> idoitcli show vsrvr.intranet.my.corp
One or more errors found in configuration settings:
Configuration setting "api.username" is too short. Minimum length is 1 character(s).
Configuration setting "api.password" is too short. Minimum length is 1 character(s).
Cannot proceed unless you fix your configuration
If I use "x" and "y", respectively, I get
No proper configuration for i-doit API calls: i-doit responded with an error: Authentication error [error: Either your username or password is invalid.]
Since username and password are not required, this data should not not be transmitted and thus this error should now show.
Steps to reproduce the behavior
Empty the password and username entries. Or enter non-fitting data. And use idoitcli afterwards.
Environment
Question
Answer
idoitcli version
idoitcli 0.7
PHP version
PHP 7.2.5
i-doit version
i-doit 1.11.1 PRO
i-doit API add-on version
1.9
Server logs
Excerpt taken from /var/log/apache2/error.log:
no access to the system
Excerpt taken from /var/www/html/i-doit/log/api_*.log:
no access to this system. Might be /srv/www/... on SLES instead ;)
Expected behavior
Our idoit installation allows to use the API without login, using the API key only.
Since I want to share the idoitcli invocation scripts, it should be sufficient to use the API key in the credentials file. But it is not, idoitcli complains (see below).
I'd like to see idoitcli working without logon. Sharing scrips nearly always includes config files laying around anywhere, and since they are not even encrypted, everyone can read each other's credentials. This is especially bad when using SSO...
Actual behavior
If I use "x" and "y", respectively, I get
Since username and password are not required, this data should not not be transmitted and thus this error should now show.
Steps to reproduce the behavior
Empty the password and username entries. Or enter non-fitting data. And use idoitcli afterwards.
Environment
idoitcli
versionServer logs
Excerpt taken from
/var/log/apache2/error.log
:Excerpt taken from
/var/www/html/i-doit/log/api_*.log
:P.S.: according to https://kb.i-doit.com/pages/viewpage.action?pageId=7831613, a user login is not required, it can be configured off.