Neil Cook

If you can add some tests for the authentication code I'd be happy to merge.

Use --zookeeper zookeeper:2181 instead and it will work. That is what is listed in docker-compose.yml: KAFKA_ZOOKEEPER_CONNECT: zookeeper:2181

I would say this is a feature request rather than a bug report. Given that a multitude of things will fail if all the wforce instances have different configs, (like...

Just to stress, and I might make this more explicit in the docs: wforce clusters expect all cluster nodes to have to same config. I'm not going to spend a...

> The situation affecting us was during a config upgrade. To roll out a new config to all hosts, it was done progressively to keep the service up, but the...

This is an interesting potential feature. I think that caching is key here, because there's no particular reason to suppose that C++ LDAP lookups will be much faster than Lua...

BTW @sshipway are you aware of the ability to lookup arbitrary LDAP data from Dovecot and pass that information to weakforce? That may give you what you want, without the...

This behaviour is by design. Keys don't get removed so that they can efficiently be reused if needed. I don't think it's a good idea to remove keys unless there's...

Hmm, I'm loath to give an official way to tell the client to use MFA by adding additional return codes. The way I handle this in the weakforce-policy repo is...

> Is weakforce-policy repo public? No, it's a proprietary repo that is part of the "commercial" version of wforce sold by Open-Xchange (as "OX Abuse Shield").