[
https://issues.apache.org/jira/browse/JAMES-3667?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Benoit Tellier closed JAMES-3667.
---------------------------------
Resolution: Fixed
https://github.com/apache/james-project/pull/741 solved this.
> Verify user credentials via WebAdmin
> ------------------------------------
>
> Key: JAMES-3667
> URL: https://issues.apache.org/jira/browse/JAMES-3667
> Project: James Server
> Issue Type: Improvement
> Components: webadmin
> Affects Versions: master
> Reporter: Karsten Otto
> Priority: Major
> Time Spent: 1h 20m
> Remaining Estimate: 0h
>
> Extend the WebAdmin interface with a route to verify a username/password
> combination:
> {code:java}
> curl -XPOST http://ip:port/users/usernameToBeUsed/verify \
> -d '{"password":"passwordToBeVerified"}' \
> -H "Content-Type: application/json"
> {code}
> The route reports 204 on success and 401 on failure. There is intentionally
> no distinction for non-existing users, to prevent a username oracle attack
> through this route.
> Adding such a feature is useful for integrating James with 3rd party
> services, e.g. a web admin GUI.
> T-Shirt size M.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscr...@james.apache.org
For additional commands, e-mail: server-dev-h...@james.apache.org
