search for: wforcewebserver

...missing something that should be perfectly obvious... Wforce appears to start without errors. I added a file to dovecot's conf.d: 95-policy.conf: auth_policy_server_url = http://localhost:8084/ auth_policy_hash_nonce = this_is_my_super_secret_something Looking at the Wforce console I see: WforceWebserver: HTTP Request "/" from 127.0.0.1:45108: Web Authentication failed In wforce.conf I have the (default): webserver("0.0.0.0:8084", "--WEBPWD") Do I need to change the "--WEBPWD"? Do I need to specify something in the Dovecot config? -- Daniel

...force:super' | base64 d2ZvcmNlOnN1cGVy vm-weakforced:~# cat /etc/dovecot/conf.d/95-policy.conf auth_policy_server_url = http://localhost:8084/ auth_policy_hash_nonce = some random string auth_policy_server_api_header = "Authorization: Basic d2ZvcmNlOnN1cGVy With the same result... > WforceWebserver: HTTP Request "/" from 127.0.0.1:39752: Web Authentication failed WforceWebserver: HTTP Request "/" from 127.0.0.1:39752: Web Authentication failed WforceWebserver: HTTP Request "/" from 127.0.0.1:39752: Web Authentication failed I'm not considering some detail...

...t; > vm-weakforced:~# cat /etc/dovecot/conf.d/95-policy.conf > auth_policy_server_url = http://localhost:8084/ > auth_policy_hash_nonce = some random string > auth_policy_server_api_header = "Authorization: Basic d2ZvcmNlOnN1cGVy > > With the same result... > > > WforceWebserver: HTTP Request "/" from 127.0.0.1:39752: Web > Authentication failed > WforceWebserver: HTTP Request "/" from 127.0.0.1:39752: Web > Authentication failed > WforceWebserver: HTTP Request "/" from 127.0.0.1:39752: Web > Authentication failed > >...

...er: vm-weakforced:~# doveadm auth login usuario Password: passdb: usuario auth succeeded extra fields: ? user=usuario userdb extra fields: ? usuario ? system_groups_user=usuario ? uid=1000 ? gid=1000 ? home=/home/usuario Answer of Weakforced is always "...authentication failed": WforceWebserver: HTTP Request "/" from 127.0.0.1:39720: Web Authentication failed And Dovecot logs don't show anything else: ... Jan 15 16:50:50 vm-weakforced dovecot: auth: Debug: auth client connected (pid=967) Jan 15 16:50:50 vm-weakforced dovecot: auth: Debug: client in: AUTH#0111#011PLAIN#01...

So for auth_policy_server_api_header. is the value of our_password come from the hashed response or the plain-text password? What else am I doing wrong? Mar 7 09:20:53 olddsm wforce[17763]: WforceWebserver: HTTP Request "/" from 127.0.0.1:56416: Web Authentication failed curl -X POST -H "Content-Type: application/json" --data '{"login?:?ouruser?, "remote": "127.0.0.1", "pwhash?:?hashed-password?}? http://127.0.0.1:8084/?command=allow -u wforce:s...

...s... > > Wforce appears to start without errors. I added a file to dovecot's conf.d: > > 95-policy.conf: > auth_policy_server_url = http://localhost:8084/ > auth_policy_hash_nonce = this_is_my_super_secret_something > > Looking at the Wforce console I see: > > WforceWebserver: HTTP Request "/" from 127.0.0.1:45108: Web Authentication failed > > In wforce.conf I have the (default): > > webserver("0.0.0.0:8084", "--WEBPWD") > > Do I need to change the "--WEBPWD"? Do I need to specify something in the Dovecot co...

...dovecot's >>> conf.d: >>> >>> 95-policy.conf: >>> auth_policy_server_url = http://localhost:8084/ >>> auth_policy_hash_nonce = this_is_my_super_secret_something >>> >>> Looking at the Wforce console I see: >>> >>> WforceWebserver: HTTP Request "/" from 127.0.0.1:45108: Web >>> Authentication failed >>> >>> In wforce.conf I have the (default): >>> >>> webserver("0.0.0.0:8084", "--WEBPWD") >>> >>> Do I need to change the "--WEBP...

...March 2019 16:41 Robert Kudyba via dovecot <dovecot at dovecot.org> wrote: > > > So for auth_policy_server_api_header. is the value of our_password come from the hashed response or the plain-text password? What else am I doing wrong? > > Mar 7 09:20:53 olddsm wforce[17763]: WforceWebserver: HTTP Request "/" from 127.0.0.1:56416: Web Authentication failed > > curl -X POST -H "Content-Type: application/json" --data '{"login?:?ouruser?, "remote": "127.0.0.1", "pwhash?:?hashed-password?}? http://127.0.0.1:8084/?command=allow -u...

...: usuario auth succeeded > extra fields: > ? user=usuario > > userdb extra fields: > ? usuario > ? system_groups_user=usuario > ? uid=1000 > ? gid=1000 > ? home=/home/usuario > > Answer of Weakforced is always "...authentication failed": > > WforceWebserver: HTTP Request "/" from 127.0.0.1:39720: Web > Authentication failed > > And Dovecot logs don't show anything else: > ... > Jan 15 16:50:50 vm-weakforced dovecot: auth: Debug: auth client > connected (pid=967) > Jan 15 16:50:50 vm-weakforced dovecot: auth: Debug...

I took suggestions from https://forge.puppet.com/fraenki/wforce to set these in /etc/dovecot/conf.d/95-auth.conf auth_policy_server_url = http://localhost:8084/ auth_policy_hash_nonce = our_password auth_policy_server_api_header = "Authorization: Basic hash_from_running_echo-n_base64" auth_policy_server_timeout_msecs = 2000 auth_policy_hash_mech = sha256 auth_policy_request_attributes =