AW: Re: PrivacyIDEA - BasicAuth

No realm filter necessary.This should be OK. Turn on debug an look into the log.You could also debug through the program.
Kind regardsCornelius

Cornelius Kölbel +49 151 2960 1417
NetKnights GmbHHttp://NetKnights. It
+49 561 3166 797-------- Ursprüngliche Nachricht --------Von: Tilmann Datum: 15.09.16 13:01 (GMT+01:00) An: privacyidea Betreff: [privacyidea] Re: PrivacyIDEA - BasicAuth
Yes, i defined the following policy in the scope WebUi
{ “default_tokentype”: “totp”, “remote_user”: “allowed”, “tokenwizard”: true }
Is that right? Is it nesseseary to set a filter to Realm, user-resolver or something else?
Regards, Timann

Am Montag, 12. September 2016 22:08:06 UTC+2 schrieb Tilmann:

PrivacyIDEA - Install BasicAuth Hi, I try to activate the Basic Authentication for SSO purpose for the WebUI. If I change the AuthType in the apache config file „privacyidea.conf“ to basic the login dialog appears but the authentication failed. In the apache error log I receive the following Message. /var/log/httpd/error_log:[Mon Sep 12 21:11:34.936915 2016] [:error] [pid 1483] [client] mod_wsgi (pid=1483): Exception occurred processing WSGI script ‘/opt/privacyIDEA/lib/python2.7/site-packages/authmodules/apache2/’.[Mon Sep 12 21:11:34.936989 2016] [:error] [pid 1483] [client] Traceback (most recent call last):[Mon Sep 12 21:11:34.937046 2016] [:error] [pid 1483] [client] File “/opt/privacyIDEA/lib/python2.7/site-packages/authmodules/apache2/”, line 66, in check_password[Mon Sep 12 21:11:34.937129 2016] [:error] [pid 1483] [client] value = rd.get(key)[Mon Sep 12 21:11:34.937146 2016] [:error] [pid 1483] [client] File “/opt/privacyIDEA/lib/python2.7/site-packages/redis/”, line 863, in get[Mon Sep 12 21:11:34.937698 2016] [:error] [pid 1483] [client] return self.execute_command(‘GET’, name)[Mon Sep 12 21:11:34.937725 2016] [:error] [pid 1483] [client] File “/opt/privacyIDEA/lib/python2.7/site-packages/redis/”, line 570, in execute_command[Mon Sep 12 21:11:34.937745 2016] [:error] [pid 1483] [client] connection.send_command(*args)[Mon Sep 12 21:11:34.937757 2016] [:error] [pid 1483] [client] File “/opt/privacyIDEA/lib/python2.7/site-packages/redis/”, line 556, in send_command[Mon Sep 12 21:11:34.937958 2016] [:error] [pid 1483] [client] self.send_packed_command(self.pack_command(args))[Mon Sep 12 21:11:34.938001 2016] [:error] [pid 1483] [client] File “/opt/privacyIDEA/lib/python2.7/site-packages/redis/”, line 532, in send_packed_command[Mon Sep 12 21:11:34.938041 2016] [:error] [pid 1483] [client] self.connect()[Mon Sep 12 21:11:34.938052 2016] [:error] [pid 1483] [client] File “/opt/privacyIDEA/lib/python2.7/site-packages/redis/”, line 436, in connect[Mon Sep 12 21:11:34.938065 2016] [:error] [pid 1483] [client] raise ConnectionError(self._error_message(e))[Mon Sep 12 21:11:34.938081 2016] [:error] [pid 1483] [client] ConnectionError: Error 111 connecting to localhost:6379. Connection refused. /etc/httpd/conf.d/privacyidea.conf:TraceEnable offServerSignature OffServerTokens ProdWSGIPythonHome /opt/privacyIDEAWSGISocketPrefix /var/run/wsgi ServerAdmin support@xxx.xy ServerName Servername1 RewriteEngine On RewriteCond %{HTTPS} !=On RewriteRule (.) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L] ServerAdmin support@xxx.xy ServerName Servername DocumentRoot /var/www # For Apache 2.4 you need to set this: # Require all granted Options FollowSymLinks AllowOverride None SSLRequireSSL AuthType Basic AuthName “OTP WebUi Login” AuthBasicProvider wsgi WSGIAuthUserScript /opt/privacyIDEA/lib/python2.7/site-packages/authmodules/apache2/ require valid-user <Location /validate/check> Require all granted Options FollowSymLinks AllowOverride None <Location /ttype> Require all granted Options FollowSymLinks AllowOverride None # The daemon is running as user ‘privacyidea’ # This user should have access to the encKey database encryption file WSGIDaemonProcess privacyidea python-path=/etc/privacyidea:/opt/privacyIDEA/lib/python2.7/site-packages processes=1 threads=15 display-name=%{GROUP} user=privacyidea WSGIPassAuthorization On WSGIProcessGroup privacyidea WSGIPassAuthorization On WSGIScriptAlias / /etc/privacyidea/privacyideaapp.wsgi SSLEngine On SSLProtocol All -SSLv2 -SSLv3 SSLHonorCipherOrder On SSLCipherSuite EECDH+AES256:DHE+AES256:EECDH+AES:EDH+AES:-SHA1:EECDH+RC4:EDH+RC4:RC4-SHA:AES256-SHA:!aNULL:!eNULL:!EXP:!LOW:!MD5 SSLCertificateFile /etc/pki/tls/certs/privacyideaserver.pem SSLCertificateKeyFile /etc/pki/tls/private/privacyideaserver.key Software Versions:PrivacyIDEA 2.14centos-release-7-2.1511.el7.centos.2.10.x86_64Python 2.7.5Apache/2.4.6 (CentOS) Could you please tell me, what is wrong? Thanks in advance! Tilmann

Please read the blog post about getting help

For professional services and consultancy regarding two factor authentication please visit

In an enterprise environment you should get a SERVICE LEVEL AGREEMENT which suites your needs for SECURITY, AVAILABILITY and LIABILITY:

You received this message because you are subscribed to the Google Groups “privacyidea” group.

To unsubscribe from this group and stop receiving emails from it, send an email to

To post to this group, send email to

Visit this group at

To view this discussion on the web visit

For more options, visit