Logged-on users can receive various notifications from system via FossID Workbench messaging system. It can be configured so that the user gets an email message when user receives a message in FossID Workbench.
Several parameters need to be set in the fossid.conf configuration file. Please note that if a configuration parameter contains a non-alphanumeric character (such as space), it needs to be in quotes. Additionally, characters ?{}|&~!()^” have a special meaning in the value and need to be “escaped” (prepended with a backslash character “").
First, enable this email feature and set the transport method to deliver emails.
; Email
; Send email to user when receiving a message in WebApp inbox
;webapp_enable_email_sending=1
; Email transport
; The exact transport method to use to deliver emails. Valid values are: smtp, sendmail
;webapp_mailer_transport=smtp
If smtp is selected for transport method, following parameters need to be set.
; The host to connect to when using smtp as the transport.
;webapp_mailer_host=
; The port when using smtp as the transport. This defaults to 465 if encryption is ssl and 25 otherwise.
;webapp_mailer_port=
; The username when using smtp as the transport.
;webapp_mailer_username=
; The password when using smtp as the transport. This needs to be in quotes.
;webapp_mailer_password=""
; The encryption mode to use when using smtp as the transport.
; Valid values are tls, ssl, or leave commented (indicating no encryption).
;webapp_mailer_encryption=
; The authentication mode to use when using smtp as the transport.
; Valid values are plain, login, cram-md5, or null (leave commented).
;webapp_mailer_auth_mode=
; The email address which appears as sender for all emails from WebApp
;
;webapp_mailer_sender_address=
If sendmail is selected for transport method, following parameter needs to be set. Please note you need to install and configure sendmail on the system where the php-fpm service is running.
; Command to be executed by sendmail transport.
; Example:
; webapp_mailer_sendmail_command='/usr/sbin/sendmail -bs'
;
;webapp_mailer_sendmail_command="/usr/sbin/sendmail -bs"
Finally, there are a few parameters you can use to tweak the contents of the emails:
; FossID Workbench URL. This information is used to generate correct absolute URLs in emails. All links
; in emails will not work if this not set correctly.
; Example:
; webapp_base_url="https://mycompany.com/webapp/index.php"
;
;webapp_base_url=""
; Custom signature to be added to all emails sent from WebApp
; Default value is 'Please do not reply to this email. Check your notifications in FossID Workbench'
;
;webapp_mailer_email_signature=""
; The name which appears together with sender_address as sender for all emails from WebApp
;
;webapp_mailer_sender_display_name=""
Here is an example configuration with an smtp server running on smtp.example.com with email account alert@example.com. Note that the password should be in quotes.
webapp_enable_email_sending=1
webapp_mailer_transport=smtp
webapp_mailer_host=smtp.example.com
webapp_mailer_port=465
webapp_mailer_username=alert@example.com
webapp_mailer_password="test_password"
webapp_mailer_encryption=ssl
webapp_mailer_auth_mode=login
webapp_mailer_sender_address=alert@example.com
webapp_mailer_sender_display_name="Fossid Notifications"
webapp_base_url="https://fossid.example.com/webapp/index.php"
List of notifications
The below table shows an overview of the different Notifications Workbench sends, and which are sent by email if using Email Notifications.
| Event Name | Notification Sent To | Email Sent? | Conditions / Notes |
|---|---|---|---|
| Scan is Completed | User executing the Scan | Yes | |
| Scan is Failed | User executing the Scan | Yes | |
| Dependency Analysis Finished | User executing the Dependency Analysis | Yes | |
| (Report Export) Report is Finished | User generating the Report | Yes | |
| (Report Import) Report importation process has finished | User that imported a Report | Yes | |
| (Report Import) There has been an error importing the file | User that imported a Report | Yes | |
| New Vulnerabilities Found | Users with VIEW_SECURITY_INFORMATION permission |
Yes | |
| Component approval request was created | Users with PROJECTS_COMPONENT_APPROVER permission |
Yes | |
| Approval status of the component changed | • Users with PROJECTS_COMPONENT_APPROVER permission• User that created the Component Approval Request |
Yes | |
| Your password will expire in ‘n’ days. Please change your password | Logged-In User | No | This is sent if webapp_password_enforce_update=1 is set and the user’s password is older than 70 days but not expired (90 days). |