I think I’m getting closer:
/var/log/messages shows:
Mar 7 12:01:35 olddsm wforce[22993]: WforceWebserver: HTTP Request "/" from
127.0.0.1:59188: Web Authentication failed
Mar 7 12:02:43 olddsm wforce[22993]: allowLog too many different failed
password attempts by IP: allow="-1" remote="127.0
In weakforced you have
webserver("0.0.0.0:8084", "THIS-IS-THE-PASSWORD-FOR-WFORCE")
Thus, you make the base64 blob as
~$ echo -n wforce:THIS-IS-THE-PASSWORD-FOR-WFORCE | base64
d2ZvcmNlOlRISVMtSVMtVEhFLVBBU1NXT1JELUZPUi1XRk9SQ0U=
And in dovecot you put
auth_policy_server_api_header = Authoriz
So for auth_policy_server_api_header. is the value of our_password come from
the hashed response or the plain-text password? What else am I doing wrong?
Mar 7 09:20:53 olddsm wforce[17763]: WforceWebserver: HTTP Request "/" from
127.0.0.1:56416: Web Authentication failed
curl -X POST -H "Conte
wforce is the username always.
auth_policy_hash_nonce should be set to a pseudorandom value that is
shared by your server(s). Weakforced does not need it for anything.
auth_policy_server_api_header should be set to Authorization: Basic
without the < >.
Aki
On 6.3.2019 20.42, Robert Kudyba via
I took suggestions from https://forge.puppet.com/fraenki/wforce to set
these in /etc/dovecot/conf.d/95-auth.conf
auth_policy_server_url = http://localhost:8084/
auth_policy_hash_nonce = our_password
auth_policy_server_api_header = "Authorization: Basic
hash_from_running_echo-n_base64"
auth_policy_
On 6 March 2019 18:25 Robert Kudyba via dovecot wrote:
We have dovecot-1:2.3.3-1.fc29.x86_64 running on Fedora 29. I'd like to test wforce, from
https://githu
We have dovecot-1:2.3.3-1.fc29.x86_64 running on Fedora 29. I'd like to
test wforce, from https://github.com/PowerDNS/weakforced.
I see instructions at the Authentication policy support page,
https://wiki2.dovecot.org/Authentication/Policy
I see the Required Minimum Configuration:
auth_policy_ser
