The module has been updated and split into two different branches: one, that requires a simple modification of one core file, and another one, that does not require such a thing.
Please refer to the documentation included in this release before using the module.
File Added: mantis.integration_20070418.zip
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Download link is near the bottom under Attached Files:
(You must scroll all the way to the right since the download link is actually
off screen due to a long unbroken line in an earlier post)
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
So, we're trying this with dotProject 2.1.1 and Mantis 1.1.0 (soon to be 1.1.1 - it may fix some SOAP issues). So far the Mantis tab in our dotProject project only says:
Error: [800] Invalid user and/or pass at client.php:123
How should one define the user creds? We tried the 'setCredentials' function (mantis.config.ssl.php line 30), which complained that it was missing argument 2, so we hard set the name/password in the class definition (xmlrpc.inc.php). Still not working.
Our Mantis instance is running over https (got the cert working), and both use LDAP for authentication. We created a mantis user in LDAP and in Mantis.
Any suggestions?
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Hi, I've absolutely no idea whether it'll work it LDAP. It've been a good nine months since I last looked at this code and as far as I can remember a requirement was that user/pass in both applications are identical. But this uses a feature in Mantis 'plain text login' which I don't know if it's available in conjunction with LDAP. Probably not.
I can't really offer you an advice, because I haven't worked with dotProject and Mantis for the past 8-9 months and I won't be any time soon, which is kinda sad, because dP is cool.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Hi!
To webservices:
I had a dotProject 2.1rc1 installation working with Mantis 1.0.x (I cant remember). When I updated to Mantis 1.1.0, it stopped working, giving the message you posted. After some investigation I found it was because the new Mantis version had fixed a bug that dotProject was using to login with the MD5 hash of the password. http://www.mantisbt.org/changelog.php
"2007.10.23 - 1.1.0rc2
- 0008467: [security] Users can login using the MD5 hash of the password (vboctor) - resolved."
You can bypass this "fix" just commenting one line in the file /mantis/core/authentication_api.php. Look for this piece of code around line 210:
if \( LDAP == $t\_configured\_login\_method \) \{
return ldap\_authenticate\( $p\_user\_id, $p\_test\_password \);
\}
$t\_password = user\_get\_field\( $p\_user\_id, 'password' \);
$t\_login\_methods = Array\(MD5, CRYPT, PLAIN\);
foreach \( $t\_login\_methods as $t\_login\_method \) \{
\# pass the stored password in as the salt
if \( auth\_process\_plain\_password\( $p\_test\_password, $t\_password, $t\_login\_method \) == $t\_password \) \{
\# Do not support migration to PLAIN, since this would be a crazy thing to do.
\# Also if we do, then a user will be able to login by providing the MD5 value
\# that is copied from the database. See \#8467 for more details.
if \( $t\_configured\_login\_method \!= PLAIN && $t\_login\_method == PLAIN \) \{
-->> you have to comment this line: //continue;
}
\# Check for migration to another login method and test whether the password was encrypted
\# with our previously insecure implemention of the CRYPT method
if \( \( $t\_login\_method \!= $t\_configured\_login\_method \) ||
\( \( CRYPT == $t\_configured\_login\_method \) && substr\( $t\_password, 0, 2 \) == substr\( $p\_test\_password, 0, 2 \) \) \) \{
user\_set\_password\( $p\_user\_id, $p\_test\_password, true \);
\}
return true;
\}
\}
return false;
\}
"
You have to comment the "continue;". However, you should be aware this is a security risk as you can login just knowing the hash of a password. I have not found a way to do it without enabling this feature/bug since dotproject Mantis integration module cant know the password in cleartext.
I hope this can solve your problem, even if it is just a workaround.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
No I can confirm that it doesn't work with LDAP authentication enabled in Mantis. If disabled then it's working fine. You can keep the LDAP auth in dotproject though.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
We're toying with the idea of re-implementing this module with SOAP, as Mantis' SOAP API has been moved into the core, and looks more-or-less stable (and more importantly, actively supported). If no extras are required for installing/supporting the module, maybe more folks would be interested in using it, or pitching in with development.
We have some example code working, connecting to Mantis via SOAP, finding the project, verifying access for the current dotProject user, and returning a list of bugs. I've never written against the dp APIs, so there's a bit of a learning curve, but next I'll dig into the code for creating/importing tasks and issues.
Anyone have thoughts/ideas/warnings?
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Please, release it using the standard SF release mechanism so it appears in the list of files to download. Its easy to do and then I think you'll see more people realising this exists! thanks.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
I'm trying to use this module on:
- dotproject 2.1.1
- mantis 1.1.2
- php 5, mysql 5, apache 2, linux.
I've installed the core branch, and all file permissions were set to www-data. Also I'm using an administrator with the same login and password in both applications.
Whenever I activate the "mantis integration" checkbox in the project form and try to save, I get this message:
"Project updated
Access Denied
You have attemped to access an item in dotproject without the sufficient permissions to do so. Please contact the dotproject System Administrator."
It looks like dotproject can't access mantis stuff, but I've tried every permission twists I knew.
Thanks for any help you could provide.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Logged In: YES
user_id=1765620
Originator: YES
The module has been updated and split into two different branches: one, that requires a simple modification of one core file, and another one, that does not require such a thing.
Please refer to the documentation included in this release before using the module.
File Added: mantis.integration_20070418.zip
mantis integration module v.1
Logged In: NO
Hi, I meet the following errors but don't know how to get over then. If you're kind to give me some instructions, thank you!
---GOT---
HTTP/1.1 200 OK
Date: Thu, 19 Jul 2007 11:39:28 GMT
Server: Apache/1.3.33 (Win32) PHP/4.3.10
X-Powered-By: PHP/4.3.10
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Expires: Thu, 19 Jul 2007 11:39:28 GMT
Connection: close
Content-Type: text/html
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link rel="stylesheet" type="text/css" href="http://localhost/mantis/xmlrpc/dotproject/css/default.css" />
<script type="text/javascript" language="JavaScript"><!--
if(document.layers) {document.write("<style>td{padding:0px;}<\/style>")}
// --></script>
<meta http-equiv="Content-type" content="text/html;charset=GBK" />
<meta http-equiv="Pragma" content="no-cache" />
<meta http-equiv="Cache-Control" content="no-cache" />
<meta http-equiv="Pragma-directive" content="no-cache" />
<meta http-equiv="Cache-Directive" content="no-cache" />
<meta http-equiv="Expires" content="Thu, 19 Jul 2007 11:39:28 GMT" />
<title>ºþ±±¹«ÖÚÏîÄ¿ÎÊÌâ¸ú×Ù¹ÜÀíϵͳ</title>
<script type="text/JavaScript" src="javascript/common.js"></script>
</head>
<body>
<div align="Left"><a href="http://www.mantisbt.org" title="Mantis Bugtracker"><img border="0" width="980" height="46" alt="Mantis Bugtracker" src="images/mantis_logo.gif" /></a></div><br /><div align="center"><table class="width50" cellspacing="1"><tr><td class="form-title">APPLICATION ERROR #801</td></tr><tr><td><p class="center" style="color:red">ûÓÐÕÒµ½Óû§¡£</p></td></tr><tr><td><p class="center">ÇëÔÚÄãµÄä¯ÀÀÆ÷ÖÐʹÓá°ºóÍË¡±°´Å¥À´·µ»Øµ½ÉÏÒ»Ò³Ã棬ÕâÑùÄú¿ÉÒÔÕÒµ½·¢ÉúÁËʲôÎÊÌâ»òÕß½øÐбðµÄ²Ù×÷£»Äú»¹¿ÉÒÔµã»÷µ¼º½À¸ÖеÄÑ¡ÏîÖ±½ÓÌøתµ½Ò»¸öеÄÇø¶Î¡£</p></td></tr></table></div> <br />
<hr size="1" />
<table border="0" width="100%" cellspacing="0" cellpadding="0"><tr valign="top"><td> <address>Copyright © 2000 - 2005 Teradata </address>
<address><a href="mailto:Javawan@gmail.com">Javawan@gmail.com</a></address>
</td><td><div align="right"><a href="http://www.mantisbt.org" title="Powered by Mantis Bugtracker"><img src="images/mantis_logo_button.gif" width="88" height="35" alt="Powered by Mantis Bugtracker" border="0" /></a></div></td></tr></table></body>
</html>
---END---
HEADER: date: Thu, 19 Jul 2007 11:39:28 GMT
HEADER: server: Apache/1.3.33 (Win32) PHP/4.3.10
HEADER: x-powered-by: PHP/4.3.10
HEADER: pragma: no-cache
HEADER: cache-control: post-check=0, pre-check=0
HEADER: expires: Thu, 19 Jul 2007 11:39:28 GMT
HEADER: connection: close
HEADER: content-type: text/html
XML error: not well-formed (invalid token) at line 14, column 8Error: [2] Invalid return payload: enable debugging to examine incoming payload (XML error: not well-formed (invalid token) at line 14, column 8) at client.php:124
Logged In: YES
user_id=1848784
Originator: NO
Hi, I meet the following errors but don't know how to get over them. If
you're kind to give me some instructions, thank you!
---GOT---
HTTP/1.1 200 OK
Date: Thu, 19 Jul 2007 11:39:28 GMT
Server: Apache/1.3.33 (Win32) PHP/4.3.10
X-Powered-By: PHP/4.3.10
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Expires: Thu, 19 Jul 2007 11:39:28 GMT
Connection: close
Content-Type: text/html
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<link rel="stylesheet" type="text/css"
href="http://localhost/mantis/xmlrpc/dotproject/css/default.css" />
<script type="text/javascript" language="JavaScript"><!--
if(document.layers)
{document.write("<style>td{padding:0px;}<\/style>")}
// --></script>
<meta http-equiv="Content-type" content="text/html;charset=GBK" />
<meta http-equiv="Pragma" content="no-cache" />
<meta http-equiv="Cache-Control" content="no-cache" />
<meta http-equiv="Pragma-directive" content="no-cache" />
<meta http-equiv="Cache-Directive" content="no-cache" />
<meta http-equiv="Expires" content="Thu, 19 Jul 2007 11:39:28 GMT" />
<title>ºþ±±¹«ÖÚÏîÄ¿ÎÊÌâ¸ú×Ù¹ÜÀíϵͳ</title>
<script type="text/JavaScript" src="javascript/common.js"></script>
</head>
<body>
<div align="Left"><a href="http://www.mantisbt.org" title="Mantis
Bugtracker"><img border="0" width="980" height="46" alt="Mantis Bugtracker"
src="images/mantis_logo.gif" /></a></div><br /><div align="center"><table
class="width50" cellspacing="1"><tr><td class="form-title">APPLICATION
ERROR #801</td></tr><tr><td><p class="center"
style="color:red">ûÓÐÕÒµ½Óû§¡£</p></td></tr><tr><td><p
class="center">ÇëÔÚÄãµÄä¯ÀÀÆ÷ÖÐʹÓá°ºóÍË¡±°´Å¥À´·µ»Øµ½ÉÏÒ»Ò³Ã棬ÕâÑùÄú¿ÉÒÔÕÒµ½·¢ÉúÁËʲôÎÊÌâ»òÕß½øÐбðµÄ²Ù×÷£»Äú»¹¿ÉÒÔµã»÷µ¼º½À¸ÖеÄÑ¡ÏîÖ±½ÓÌøתµ½Ò»¸öеÄÇø¶Î¡£</p></td></tr></table></div> <br
/>
<hr size="1" />
<table border="0" width="100%" cellspacing="0" cellpadding="0"><tr
valign="top"><td> <address>Copyright © 2000 - 2005 Teradata
</address>
<address><a
href="mailto:Javawan@gmail.com">Javawan@gmail.com</a></address>
</td><td><div align="right"><a href="http://www.mantisbt.org"
title="Powered by Mantis Bugtracker"><img
src="images/mantis_logo_button.gif" width="88" height="35" alt="Powered by
Mantis Bugtracker" border="0" /></a></div></td></tr></table></body>
</html>
---END---
HEADER: date: Thu, 19 Jul 2007 11:39:28 GMT
HEADER: server: Apache/1.3.33 (Win32) PHP/4.3.10
HEADER: x-powered-by: PHP/4.3.10
HEADER: pragma: no-cache
HEADER: cache-control: post-check=0, pre-check=0
HEADER: expires: Thu, 19 Jul 2007 11:39:28 GMT
HEADER: connection: close
HEADER: content-type: text/html
XML error: not well-formed (invalid token) at line 14, column 8Error: [2]
Invalid return payload: enable debugging to examine incoming payload (XML
error: not well-formed (invalid token) at line 14, column 8) at
client.php:124
Logged In: YES
user_id=1035167
Originator: NO
Where is the actual module for this?
Logged In: YES
user_id=1806417
Originator: NO
Yes where do we download this please????
Logged In: YES
user_id=1875559
Originator: NO
Great module--thank you!
Small update: if using with https need to edit line 329 in index.php
change
echo 'http://'.
to
echo $cnf['mantismethod'] . '://'.
to make links use https as set in config
Logged In: YES
user_id=1505333
Originator: NO
Refering to some previous posts, I'm also wondering where can I download module files?
Can anyone give me a helping hand?
Logged In: YES
user_id=1875559
Originator: NO
Download link is near the bottom under Attached Files:
(You must scroll all the way to the right since the download link is actually
off screen due to a long unbroken line in an earlier post)
Logged In: YES
user_id=1965357
Originator: NO
Where the download file?
Logged In: YES
user_id=1987729
Originator: NO
So, we're trying this with dotProject 2.1.1 and Mantis 1.1.0 (soon to be 1.1.1 - it may fix some SOAP issues). So far the Mantis tab in our dotProject project only says:
Error: [800] Invalid user and/or pass at client.php:123
How should one define the user creds? We tried the 'setCredentials' function (mantis.config.ssl.php line 30), which complained that it was missing argument 2, so we hard set the name/password in the class definition (xmlrpc.inc.php). Still not working.
Our Mantis instance is running over https (got the cert working), and both use LDAP for authentication. We created a mantis user in LDAP and in Mantis.
Any suggestions?
Logged In: YES
user_id=1765620
Originator: YES
Hi, I've absolutely no idea whether it'll work it LDAP. It've been a good nine months since I last looked at this code and as far as I can remember a requirement was that user/pass in both applications are identical. But this uses a feature in Mantis 'plain text login' which I don't know if it's available in conjunction with LDAP. Probably not.
I can't really offer you an advice, because I haven't worked with dotProject and Mantis for the past 8-9 months and I won't be any time soon, which is kinda sad, because dP is cool.
Logged In: YES
user_id=1502050
Originator: NO
Hi!
To webservices:
I had a dotProject 2.1rc1 installation working with Mantis 1.0.x (I cant remember). When I updated to Mantis 1.1.0, it stopped working, giving the message you posted. After some investigation I found it was because the new Mantis version had fixed a bug that dotProject was using to login with the MD5 hash of the password.
http://www.mantisbt.org/changelog.php
"2007.10.23 - 1.1.0rc2
- 0008467: [security] Users can login using the MD5 hash of the password (vboctor) - resolved."
You can bypass this "fix" just commenting one line in the file /mantis/core/authentication_api.php. Look for this piece of code around line 210:
"function auth_does_password_match( $p_user_id, $p_test_password ) {
$t_configured_login_method = config_get( 'login_method' );
if \( LDAP == $t\_configured\_login\_method \) \{ return ldap\_authenticate\( $p\_user\_id, $p\_test\_password \); \} $t\_password = user\_get\_field\( $p\_user\_id, 'password' \); $t\_login\_methods = Array\(MD5, CRYPT, PLAIN\); foreach \( $t\_login\_methods as $t\_login\_method \) \{ \# pass the stored password in as the salt if \( auth\_process\_plain\_password\( $p\_test\_password, $t\_password, $t\_login\_method \) == $t\_password \) \{ \# Do not support migration to PLAIN, since this would be a crazy thing to do. \# Also if we do, then a user will be able to login by providing the MD5 value \# that is copied from the database. See \#8467 for more details. if \( $t\_configured\_login\_method \!= PLAIN && $t\_login\_method == PLAIN \) \{-->> you have to comment this line: //continue;
}
\# Check for migration to another login method and test whether the password was encrypted \# with our previously insecure implemention of the CRYPT method if \( \( $t\_login\_method \!= $t\_configured\_login\_method \) || \( \( CRYPT == $t\_configured\_login\_method \) && substr\( $t\_password, 0, 2 \) == substr\( $p\_test\_password, 0, 2 \) \) \) \{ user\_set\_password\( $p\_user\_id, $p\_test\_password, true \); \} return true; \} \} return false; \}"
You have to comment the "continue;". However, you should be aware this is a security risk as you can login just knowing the hash of a password. I have not found a way to do it without enabling this feature/bug since dotproject Mantis integration module cant know the password in cleartext.
I hope this can solve your problem, even if it is just a workaround.
Logged In: NO
No I can confirm that it doesn't work with LDAP authentication enabled in Mantis. If disabled then it's working fine. You can keep the LDAP auth in dotproject though.
Logged In: YES
user_id=1987729
Originator: NO
We're toying with the idea of re-implementing this module with SOAP, as Mantis' SOAP API has been moved into the core, and looks more-or-less stable (and more importantly, actively supported). If no extras are required for installing/supporting the module, maybe more folks would be interested in using it, or pitching in with development.
We have some example code working, connecting to Mantis via SOAP, finding the project, verifying access for the current dotProject user, and returning a list of bugs. I've never written against the dp APIs, so there's a bit of a learning curve, but next I'll dig into the code for creating/importing tasks and issues.
Anyone have thoughts/ideas/warnings?
Logged In: YES
user_id=646277
Originator: NO
Please, release it using the standard SF release mechanism so it appears in the list of files to download. Its easy to do and then I think you'll see more people realising this exists! thanks.
Logged In: YES
user_id=2036417
Originator: NO
Hello,
Im interested for downloading this module, where can I donwload the attached file ?
Thank you.
Logged In: YES
user_id=1765620
Originator: YES
Just scroll to the very bottom of the page and than to the very right ... you'll see a download link.
Logged In: YES
user_id=2036417
Originator: NO
Many thanks.
Patrick
Logged In: YES
user_id=2088846
Originator: NO
Why can't i see the attachment?
Logged In: YES
user_id=1765620
Originator: YES
Just scroll to the very bottom of that page and than scroll vertically to the very right ...
Logged In: NO
thanks so much~~
weboholic
You are so nice~
Logged In: NO
could not see the attachment.
Logged In: YES
user_id=2146899
Originator: NO
Hi,
I'm trying to use this module on:
- dotproject 2.1.1
- mantis 1.1.2
- php 5, mysql 5, apache 2, linux.
I've installed the core branch, and all file permissions were set to www-data. Also I'm using an administrator with the same login and password in both applications.
Whenever I activate the "mantis integration" checkbox in the project form and try to save, I get this message:
"Project updated
Access Denied
You have attemped to access an item in dotproject without the sufficient permissions to do so. Please contact the dotproject System Administrator."
It looks like dotproject can't access mantis stuff, but I've tried every permission twists I knew.
Thanks for any help you could provide.
Logged In: YES
user_id=1901013
Originator: NO
Somebody knows from where it is possible to get Mantis Integration package? I cannot see it under dotProject mods.
Please help to get it!
Thank You in advance!
Dzintars Vilnis