Karsten Otto created JAMES-3667:
-----------------------------------
Summary: Verify user credentials via WebAdmin
Key: JAMES-3667
URL: https://issues.apache.org/jira/browse/JAMES-3667
Project: James Server
Issue Type: Improvement
Components: webadmin
Affects Versions: master
Reporter: Karsten Otto
Extend the WebAdmin interface with a route to verify a username/password
combination:
{{curl -XPOST http://ip:port/users/usernameToBeUsed \}}
{{ -d '\{"password":"passwordToBeVerified"}' \}}
{{ -H "Content-Type: application/json"}}
The route reports 204 on success and 401 on failure. There is intentionally no
distinction for non-existing users, to prevent a username oracle attack through
this route.
Adding such a feature is useful for integrating James with 3rd party services,
e.g. a web admin GUI.
T-Shirt size M.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
