Auth Policy Server/wforce/weakforced
Daniel Miller
dmiller at amfes.com
Fri Aug 4 22:48:33 EEST 2017
On 8/3/2017 6:11 AM, Teemu Huovila wrote:
>
> On 02.08.2017 23:35, Daniel Miller wrote:
>> Is there explicit documentation available for the (probably trivial) configuration needed for Dovecot and Wforce? I'm probably missing something that should be perfectly obvious...
>>
>> Wforce appears to start without errors. I added a file to dovecot's conf.d:
>>
>> 95-policy.conf:
>> auth_policy_server_url = http://localhost:8084/
>> auth_policy_hash_nonce = this_is_my_super_secret_something
>>
>> Looking at the Wforce console I see:
>>
>> WforceWebserver: HTTP Request "/" from 127.0.0.1:45108: Web Authentication failed
>>
>> In wforce.conf I have the (default):
>>
>> webserver("0.0.0.0:8084", "--WEBPWD")
>>
>> Do I need to change the "--WEBPWD"? Do I need to specify something in the Dovecot config?
> You could try putting an actual password, in plain text, where --WEBPWD is. Then add that base64 encoded to dovecot setting auth_policy_server_api_header.
>
I knew it would be something like that. I've made some changes but I'm
still not there. I presently have:
webserver("0.0.0.0:8084", "--WEBPWD ultra-secret-secure-safe")
in wforce.conf (and I've tried with and without the --WEBPWD)
and
auth_policy_server_api_header = Authorization: Basic
dWx0cmEtc2VjcmV0LXNlY3VyZS1zYWZl
in 95-policy.conf for dovecot
Obviously I'm still formatting something wrong.
Daniel
More information about the dovecot
mailing list