On 04.08.2017 23:10, Daniel Miller wrote: > On 8/4/2017 12:48 PM, Daniel Miller wrote: >> On 8/3/2017 6:11 AM, Teemu Huovila wrote: >>> >>> On 02.08.2017 23:35, Daniel Miller wrote: >>>> Is there explicit documentation available for the (probably trivial) >>>> configuration needed for Dovecot and Wforce? I'm probably missing >>>> something that should be perfectly obvious... >>>> >>>> Wforce appears to start without errors. I added a file to dovecot's >>>> conf.d: >>>> >>>> 95-policy.conf: >>>> auth_policy_server_url = http://localhost:8084/ >>>> auth_policy_hash_nonce = this_is_my_super_secret_something >>>> >>>> Looking at the Wforce console I see: >>>> >>>> WforceWebserver: HTTP Request "/" from 127.0.0.1:45108: Web Authentication >>>> failed >>>> >>>> In wforce.conf I have the (default): >>>> >>>> webserver("0.0.0.0:8084", "--WEBPWD") >>>> >>>> Do I need to change the "--WEBPWD"? Do I need to specify something in the >>>> Dovecot config? >>> You could try putting an actual password, in plain text, where --WEBPWD is. >>> Then add that base64 encoded to dovecot setting >>> auth_policy_server_api_header. >>> >> I knew it would be something like that. I've made some changes but I'm >> still not there. I presently have: >> >> webserver("0.0.0.0:8084", "--WEBPWD ultra-secret-secure-safe") >> in wforce.conf (and I've tried with and without the --WEBPWD) >> >> and >> >> auth_policy_server_api_header = Authorization: Basic >> dWx0cmEtc2VjcmV0LXNlY3VyZS1zYWZl >> in 95-policy.conf for dovecot >> >> Obviously I'm still formatting something wrong. >> > I think I've got something working a little better. I'm using: > webserver("0.0.0.0:8084", "ultra-secret-secure-safe") > (so I remove the --WEBPWD - that's a placeholder, not a argument declaration) > > and for dovecot, the base64 encoding needs to be "wforce:password" instead of > just the password. > > Now I have to see what else needs to be tweaked. > > Daniel Glad you got it working. Lua comments, prefixed with "--" can indeed be a bit misleading. My sloppy answer omitting HTTP Basic auth hash contents did not help either.
br, Teemu
