http://coldfusion.com logo
Join Slack
Powered by
i am upgrading my commandbox docker image and afte...
# box-products
t
i am upgrading my commandbox docker image and after the update i am getting "access is protected" errors. I can access the server admin but not the web, the only place I am setting a password for the admin is in the cfconfig.json file wiht an 
adminPassword
key. is there another setting I need to set? (lucee engine btw)
b
Can you show a screenshot of what you're seeing?
Also, look at the container logs from when the server is starting and show is the cfconfig section.
t
message has been deleted
message has been deleted
b
Seems like it's getting set
Can you show us what you're seeing which isn't working?
t
yeah, but when the container starts I can log into the server admin but not the web
message has been deleted
b
You put in the password?
t
yes
that is the page after i enter it and it shows the error
b
Are you on the latest CFConfig?
t
I am not sure what you mean by that, I am using the latest jdk11 tagged image from dockerhub
b
CFConfig is a standalone library that has a release cycle outside of the docker images
When the docker images are built, they include whatever the latest version of CFConfig was out at the time
So there's a good chance there has been a CFConfig release since the docker images were last built
In order to see what version of CFConfig is installed in the container, you can SSH in and run
Copy code
box list --system
And you can update it with something like
Copy code
RUN box install commandbox-cfconfig --force
in your docker file
t
says commandbox-cfconfig 1.6.11
ok, adding that
b
You can see what the latest version is on ForgeBox
Or run
Copy code
box forgebox show commandbox-cfconfig
t
same error
looks like i need to dive deep into cfconfig, last known working version was 1.3.1 for me
b
Ok, so at least we know you're on the latest version
If it doesn't work, I'm not sure why. I don't really ever use the web context so I rarely test that
t
I use the web for tenant datasource management
could there be some security setting form commandbox that would strip access to the web vs the server admin?
b
no
t
the prior version of comandbox was 5.3.1+00392
b
I wouldn't really expect CommandBox itself to have anything to do with that. CFConfig is responsible for setting the password.
I just tested this locally and it seems to work fine
I have a global env called 
cfconfig_adminPassword
and I see this when I start up a Lucee server
Copy code
| √ | Loading CFConfig into server
   |   |-------------------------------------------
   |   | Found box environment variable [cfconfig_adminPassword]
   |   | Importing into [luceeserver]...
   |   | [adminPassword] set.
   |   | No Web context admin password found. Setting your admin password to the same as your Server context password.
   |   | [adminPassword] set.
And I can log into both the server and the web context admin with the same password.
t
i'll try that, I am doing it via an env var inside the value of the adminPassword key of the cfconfig.json file
nope, still no worky
trying various verisons of lucee
b
My guess is you have something else setting it
But without seeing what JSON files you have going on, I'm not sure
I'm already a bit confused about the two different console screenshots you sent
I'm not sure which one is the real one
t
the black bg was from the docker build command, the white was from the startup of the container
b
So if your JSON files that were present when the container started up also had a password in them, they would override what the 
cfconfig_adminPassword
env var set when building the container
You'll need to review your JSON files and see what's in them
t
i see, testing something
so since I am not actually setting the admin password in my dockerfile generation, i think it might be setting both the server and web passwords to a random password, then when I start the container with a password it changes the password for the server but since the web is already set it doesn't touch it
b
That doesn't make any sense based on your output above
message has been deleted
☝️ Here you clearly have an explicit env var which is getting picked up and imported
So, whatever is in that env var is what's in the server and web contexs when the container is built
t
and that variable is not set to anything
b
What do you mean? Like it's am empty string?
t
no, just not set
b
I don't understand what you mean. Clearly it's set or it wouldn't be in the output above
t
message has been deleted
that's my cfconfig.json file, the env var CFADMIN_PASSWORD does not exist during build time
b
☝️ This has nothing to do with the 
cfconfig_adminPassword
env var mentioned in the screenshot above
t
but it does during run time
b
Your web context pass is probably whatever you're setting it to at build time
t
well, i changed my runtime container to use CFCONFIG_ADMINPASSWORD
b
As your JSON file at runtime is only going ot affect the server context
t
yep, and at build time it is blank
b
The web context will be left alone if it already has a password in it
Still not clear what you mean by "it" in your last sentence
t
it seems that sometime between my prior verison of comandbox and this one (cfconfig related i'm sure) it started leaving the web password be if it had been prior set (even if the current container has a new password)
b
You've got so many env vars and JSON files I really can't help much
Yeah, I'm not sure what behavior you had before, but the current behavior, so far as I can tell, is correct and desired
The "hey, forgot to set your password" check isn't going to kick in if the web context already has a passowrd
Otherwise, it would be overwriting something you may not want touched
t
as far as I can tell, there is no method to update the web's password via cfconfig if it has already been set in a previous step of the build
b
that's not true at all
If you want to explicitly set a web context password, there are several ways to do it
t
via the cfconfig.json file?
sorry, i was unclear prior
b
Have you checked the docs. All the existing behavior is covered here
You can set a web context password via an ad-hoc env var like so
Copy code
cfconfig_web_adminPassword=myPass
Or you can put it in a file named by convention, this:
Copy code
.cfconfig-web.json
Or you can specify a web context JSON file in 
cfconfig.web
in 
server.json
Or you can specify a 
box_server_cfconfig_web
env var that points to a web JSON files
There's 4 ways to do it!
But if you've already set some other admin password into the web context previously, and then at runtime, you ONLY specify a server context password, CFConfig isn't going to touch your existing web context password
At least not as of the latest version. if it did in the past, that was a bug 🙂
t
ahha, i had seen that, but i was trying to add it as a key 'web_admin_password' in my cfconfig file. i didn't see that i needed a separate web config file, which makes sense
b
The only time CFConfig will "copy over" a password from one context to another is if you haven't set one at all before
Yes, a given JSON file will only be imported into a single target server home.
t
thank you very much
b
Basically all config that is possible in the server context is also possible in the web context and vice versa
So it's not like password is the only thing in both places!
👍 1
5 Views
Open in Slack
PreviousNext
Powered by