Auth Policy Server/wforce/weakforced

Daniel Miller dmiller at amfes.com
Fri Aug 4 22:48:33 EEST 2017


On 8/3/2017 6:11 AM, Teemu Huovila wrote:
>
> On 02.08.2017 23:35, Daniel Miller wrote:
>> Is there explicit documentation available for the (probably trivial) configuration needed for Dovecot and Wforce?  I'm probably missing something that should be perfectly obvious...
>>
>> Wforce appears to start without errors.  I added a file to dovecot's conf.d:
>>
>> 95-policy.conf:
>> auth_policy_server_url = http://localhost:8084/
>> auth_policy_hash_nonce = this_is_my_super_secret_something
>>
>> Looking at the Wforce console I see:
>>
>> WforceWebserver: HTTP Request "/" from 127.0.0.1:45108: Web Authentication failed
>>
>> In wforce.conf I have the (default):
>>
>> webserver("0.0.0.0:8084", "--WEBPWD")
>>
>> Do I need to change the "--WEBPWD"?  Do I need to specify something in the Dovecot config?
> You could try putting an actual password, in plain text, where --WEBPWD is. Then add that base64 encoded to dovecot setting auth_policy_server_api_header.
>
I knew it would be something like that.  I've made some changes but I'm 
still not there.  I presently have:

webserver("0.0.0.0:8084", "--WEBPWD ultra-secret-secure-safe")
in wforce.conf (and I've tried with and without the --WEBPWD)

and

auth_policy_server_api_header = Authorization: Basic 
dWx0cmEtc2VjcmV0LXNlY3VyZS1zYWZl
in 95-policy.conf for dovecot

Obviously I'm still formatting something wrong.

Daniel



More information about the dovecot mailing list