subject:"Auth Policy Server\/wforce\/weakforced"

Re: Auth Policy Server/wforce/weakforced

2017-08-08 Thread Teemu Huovila



On 04.08.2017 23:10, Daniel Miller wrote:
> On 8/4/2017 12:48 PM, Daniel Miller wrote:
>> On 8/3/2017 6:11 AM, Teemu Huovila wrote:
>>>
>>> On 02.08.2017 23:35, Daniel Miller wrote:
 Is there explicit documentation available for the (probably trivial) 
 configuration needed for Dovecot and Wforce?  I'm probably missing 
 something that should be perfectly obvious...

 Wforce appears to start without errors.  I added a file to dovecot's 
 conf.d:

 95-policy.conf:
 auth_policy_server_url = http://localhost:8084/
 auth_policy_hash_nonce = this_is_my_super_secret_something

 Looking at the Wforce console I see:

 WforceWebserver: HTTP Request "/" from 127.0.0.1:45108: Web Authentication 
 failed

 In wforce.conf I have the (default):

 webserver("0.0.0.0:8084", "--WEBPWD")

 Do I need to change the "--WEBPWD"?  Do I need to specify something in the 
 Dovecot config?
>>> You could try putting an actual password, in plain text, where --WEBPWD is. 
>>> Then add that base64 encoded to dovecot setting 
>>> auth_policy_server_api_header.
>>>
>> I knew it would be something like that.  I've made some changes but I'm 
>> still not there.  I presently have:
>>
>> webserver("0.0.0.0:8084", "--WEBPWD ultra-secret-secure-safe")
>> in wforce.conf (and I've tried with and without the --WEBPWD)
>>
>> and
>>
>> auth_policy_server_api_header = Authorization: Basic 
>> dWx0cmEtc2VjcmV0LXNlY3VyZS1zYWZl
>> in 95-policy.conf for dovecot
>>
>> Obviously I'm still formatting something wrong.
>>
> I think I've got something working a little better.  I'm using:
> webserver("0.0.0.0:8084", "ultra-secret-secure-safe")
> (so I remove the --WEBPWD - that's a placeholder, not a argument declaration)
> 
> and for dovecot, the base64 encoding needs to be "wforce:password" instead of 
> just the password.
> 
> Now I have to see what else needs to be tweaked.
> 
> Daniel
Glad you got it working. Lua comments, prefixed with "--" can indeed be a bit 
misleading. My sloppy answer omitting HTTP Basic auth hash contents did not 
help either.

br,
Teemu

Re: Auth Policy Server/wforce/weakforced

2017-08-04 Thread Daniel Miller


On 8/4/2017 12:48 PM, Daniel Miller wrote:

On 8/3/2017 6:11 AM, Teemu Huovila wrote:


On 02.08.2017 23:35, Daniel Miller wrote:
Is there explicit documentation available for the (probably trivial) 
configuration needed for Dovecot and Wforce?  I'm probably missing 
something that should be perfectly obvious...


Wforce appears to start without errors.  I added a file to dovecot's 
conf.d:


95-policy.conf:
auth_policy_server_url = http://localhost:8084/
auth_policy_hash_nonce = this_is_my_super_secret_something

Looking at the Wforce console I see:

WforceWebserver: HTTP Request "/" from 127.0.0.1:45108: Web 
Authentication failed


In wforce.conf I have the (default):

webserver("0.0.0.0:8084", "--WEBPWD")

Do I need to change the "--WEBPWD"?  Do I need to specify something 
in the Dovecot config?
You could try putting an actual password, in plain text, where 
--WEBPWD is. Then add that base64 encoded to dovecot setting 
auth_policy_server_api_header.


I knew it would be something like that.  I've made some changes but 
I'm still not there.  I presently have:


webserver("0.0.0.0:8084", "--WEBPWD ultra-secret-secure-safe")
in wforce.conf (and I've tried with and without the --WEBPWD)

and

auth_policy_server_api_header = Authorization: Basic 
dWx0cmEtc2VjcmV0LXNlY3VyZS1zYWZl

in 95-policy.conf for dovecot

Obviously I'm still formatting something wrong.


I think I've got something working a little better.  I'm using:
webserver("0.0.0.0:8084", "ultra-secret-secure-safe")
(so I remove the --WEBPWD - that's a placeholder, not a argument 
declaration)


and for dovecot, the base64 encoding needs to be "wforce:password" 
instead of just the password.


Now I have to see what else needs to be tweaked.

Daniel

Re: Auth Policy Server/wforce/weakforced

2017-08-04 Thread Daniel Miller


On 8/3/2017 6:11 AM, Teemu Huovila wrote:


On 02.08.2017 23:35, Daniel Miller wrote:

Is there explicit documentation available for the (probably trivial) 
configuration needed for Dovecot and Wforce?  I'm probably missing something 
that should be perfectly obvious...

Wforce appears to start without errors.  I added a file to dovecot's conf.d:

95-policy.conf:
auth_policy_server_url = http://localhost:8084/
auth_policy_hash_nonce = this_is_my_super_secret_something

Looking at the Wforce console I see:

WforceWebserver: HTTP Request "/" from 127.0.0.1:45108: Web Authentication 
failed

In wforce.conf I have the (default):

webserver("0.0.0.0:8084", "--WEBPWD")

Do I need to change the "--WEBPWD"?  Do I need to specify something in the 
Dovecot config?

You could try putting an actual password, in plain text, where --WEBPWD is. 
Then add that base64 encoded to dovecot setting auth_policy_server_api_header.

I knew it would be something like that.  I've made some changes but I'm 
still not there.  I presently have:


webserver("0.0.0.0:8084", "--WEBPWD ultra-secret-secure-safe")
in wforce.conf (and I've tried with and without the --WEBPWD)

and

auth_policy_server_api_header = Authorization: Basic 
dWx0cmEtc2VjcmV0LXNlY3VyZS1zYWZl

in 95-policy.conf for dovecot

Obviously I'm still formatting something wrong.

Daniel

Re: Auth Policy Server/wforce/weakforced

2017-08-03 Thread Teemu Huovila



On 02.08.2017 23:35, Daniel Miller wrote:
> Is there explicit documentation available for the (probably trivial) 
> configuration needed for Dovecot and Wforce?  I'm probably missing something 
> that should be perfectly obvious...
> 
> Wforce appears to start without errors.  I added a file to dovecot's conf.d:
> 
> 95-policy.conf:
> auth_policy_server_url = http://localhost:8084/
> auth_policy_hash_nonce = this_is_my_super_secret_something
> 
> Looking at the Wforce console I see:
> 
> WforceWebserver: HTTP Request "/" from 127.0.0.1:45108: Web Authentication 
> failed
> 
> In wforce.conf I have the (default):
> 
> webserver("0.0.0.0:8084", "--WEBPWD")
> 
> Do I need to change the "--WEBPWD"?  Do I need to specify something in the 
> Dovecot config? 
You could try putting an actual password, in plain text, where --WEBPWD is. 
Then add that base64 encoded to dovecot setting auth_policy_server_api_header.

hope this helps,
Teemu

Auth Policy Server/wforce/weakforced

2017-08-02 Thread Daniel Miller

Is there explicit documentation available for the (probably trivial) 
configuration needed for Dovecot and Wforce?  I'm probably missing 
something that should be perfectly obvious...


Wforce appears to start without errors.  I added a file to dovecot's conf.d:

95-policy.conf:
auth_policy_server_url = http://localhost:8084/
auth_policy_hash_nonce = this_is_my_super_secret_something

Looking at the Wforce console I see:

WforceWebserver: HTTP Request "/" from 127.0.0.1:45108: Web 
Authentication failed


In wforce.conf I have the (default):

webserver("0.0.0.0:8084", "--WEBPWD")

Do I need to change the "--WEBPWD"?  Do I need to specify something in 
the Dovecot config?


--
Daniel

Re: Auth Policy Server/wforce/weakforced

Re: Auth Policy Server/wforce/weakforced

Re: Auth Policy Server/wforce/weakforced

Re: Auth Policy Server/wforce/weakforced

Auth Policy Server/wforce/weakforced

5 matches

Site Navigation

Mail list logo

Footer information