Issue solved!!!
WSGIScriptAlias / /etc/privacyidea/piapp.wsgi
I can’t define another scriptalias as the root directory… 
This is the correct error log
Syntax error on line 1 of /etc/apache2/sites-enabled/privacyidea.conf:
Invalid command ‘WSGIPythonHome’, perhaps misspelled or defined by a module
not included in the server configuration
Action ‘configtest’ failed.
The Apache error log may have more information.
failed!
Line 1:
WSGIPythonHome /opt/privacyidea/privacyidea-venv
Hi,
this is wired.
It should not bother about the DocumentRoot.
Which URL are you calling?
Kind regards
CorneliusAm 22.02.2015 um 13:47 schrieb Stefan Steuer:
in the Privacyidea.conf you have the line with the Documentroot
DocumentRoot /var/wwwBut there are no files - so the result is, when I try to open the
website with the patch which I definied in the WSGIScriptAlias I’ll
get the following error-code in the apache-logFile does not exist: /var/www/pi
–
You received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea+unsubscribe@googlegroups.com
mailto:privacyidea+unsubscribe@googlegroups.com.
To post to this group, send email to privacyidea@googlegroups.com
mailto:privacyidea@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/privacyidea/f159c173-f815-41c0-8bb8-0d1829fdcd45%40googlegroups.com
https://groups.google.com/d/msgid/privacyidea/f159c173-f815-41c0-8bb8-0d1829fdcd45%40googlegroups.com?utm_medium=email&utm_source=footer.
For more options, visit https://groups.google.com/d/optout.
in the Privacyidea.conf you have the line with the Documentroot
DocumentRoot /var/www
But there are no files - so the result is, when I try to open the website
with the patch which I definied in the WSGIScriptAlias I’ll get the
following error-code in the apache-log
File does not exist: /var/www/pi
Obviously this is an Apache issue.
You are writing “conf.d/orts.conf” but it looks like a “sites-available”?
If you want to run both applications on one port on one server you must
only have one VIrtualHost definition.
I.e. you need to have one link in
/etc/apache2/sites-available/
listening on port 443 with ONE certificate.
In this VirtualHost defintion you might have
WSGIScriptAlias /pi /pathto/wsgi/scirp
ScriptAlias /otrs/ ....
Alias /otrs-web/....
Kind regards
CorneliusAm 22.02.2015 um 18:27 schrieb Stefan Steuer:
Yes - OTRS and privacyIDEA are on the same host.
apache.conf: default config.
privacyidea.conf as posted.
conf.d/otrs.conf
# -- # added for OTRS (http://otrs.org/) # -- ScriptAlias /otrs/ "/opt/otrs/bin/cgi-bin/" Alias /otrs-web/ "/opt/otrs/var/httpd/htdocs/" <IfModule mod_perl.c> # Setup environment and preload modules Perlrequire /opt/otrs/scripts/apache2-perl-startup.pl # Reload Perl modules when changed on disk PerlModule Apache2::Reload PerlInitHandler Apache2::Reload # general mod_perl2 options <Location /otrs> # ErrorDocument 403 /otrs/customer.pl ErrorDocument 403 /otrs/index.pl SetHandler perl-script PerlResponseHandler ModPerl::Registry Options +ExecCGI PerlOptions +ParseHeaders PerlOptions +SetupEnv <IfModule mod_version.c> <IfVersion < 2.4> Order allow,deny Allow from all </IfVersion> <IfVersion >= 2.4> Require all granted </IfVersion> </IfModule> <IfModule !mod_version.c> Order allow,deny Allow from all </IfModule> <IfModule mod_deflate.c> AddOutputFilterByType DEFLATE text/html text/javascript text/css text/xml application/json text/json </IfModule> </Directory> <Directory "/opt/otrs/var/httpd/htdocs/"> AllowOverride None <IfModule mod_version.c> <IfVersion < 2.4> Order allow,deny Allow from all </IfVersion> <IfVersion >= 2.4> Require all granted </IfVersion> </IfModule> <IfModule !mod_version.c> Order allow,deny Allow from all </IfModule> <IfModule mod_deflate.c> AddOutputFilterByType DEFLATE text/html text/javascript text/css text/xml application/json text/json </IfModule> # Make sure CSS and JS files are read as UTF8 by the browsers. AddCharset UTF-8 .css AddCharset UTF-8 .js # Set explicit mime type for woff fonts since it is relatively new and apache may not know about it. AddType application/font-woff .woff </Directory> <IfModule mod_headers.c> # Cache css-cache for 30 days <Directory "/opt/otrs/var/httpd/htdocs/skins/*/*/css-cache"> <FilesMatch "\.(css|CSS)$"> Header set Cache-Control "max-age=2592000 must-revalidate" <FilesMatch "\.(css|CSS)$"> Header set Cache-Control "max-age=2592000 must-revalidate" </FilesMatch> </Directory> # Cache css thirdparty for 4 hours, including icon fonts <Directory "/opt/otrs/var/httpd/htdocs/skins/*/*/css/thirdparty"> <FilesMatch "\.(css|CSS|woff|svg)$"> Header set Cache-Control "max-age=14400 must-revalidate" </FilesMatch> </Directory> # Cache js-cache for 30 days <Directory "/opt/otrs/var/httpd/htdocs/js/js-cache"> <FilesMatch "\.(js|JS)$"> Header set Cache-Control "max-age=2592000 must-revalidate" </FilesMatch> </Directory> # Cache js thirdparty for 4 hours <Directory "/opt/otrs/var/httpd/htdocs/js/thirdparty/"> <FilesMatch "\.(js|JS)$"> Header set Cache-Control "max-age=14400 must-revalidate" </FilesMatch> </Directory> </IfModule> # Limit the number of requests per child to avoid excessive memory usage MaxRequestsPerChild 4000–
You received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea+unsubscribe@googlegroups.com
mailto:privacyidea+unsubscribe@googlegroups.com.
To post to this group, send email to privacyidea@googlegroups.com
mailto:privacyidea@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/privacyidea/e4be1154-3c3e-4f55-b37a-b713fe8891e2%40googlegroups.com
https://groups.google.com/d/msgid/privacyidea/e4be1154-3c3e-4f55-b37a-b713fe8891e2%40googlegroups.com?utm_medium=email&utm_source=footer.
For more options, visit https://groups.google.com/d/optout.
This is my privacyidea.conf - site is enabled.
WSGIPythonHome /opt/privacyidea/privacyidea-venv/
ServerAdmin webmaster@localhost
# You might want to change this
ServerName localhost
DocumentRoot /var/www
<Directory />
# For Apache 2.4 you need to set this:
# Require all granted
Options FollowSymLinks
AllowOverride None
</Directory>
# We can run several instances on different paths with different
configurations
WSGIScriptAlias /pi/ /etc/privacyidea/piapp.wsgi#
# The daemon is running as user ‘privacyidea’
# This user should have access to the encKey database encryption file
WSGIDaemonProcess privacyidea processes=1 threads=15
display-name=%{GROUP} user=privacyidea
WSGIProcessGroup privacyidea
WSGIPassAuthorization On
ErrorLog /var/log/apache2/error.log
LogLevel warn
LogFormat "%h %l %u %t %>s \"%m %U %H\" %b \"%{Referer}i\"
“%{User-agent}i”" privacyIDEA
CustomLog /var/log/apache2/ssl_access.log privacyIDEA
# SSL Engine Switch:
# Enable/Disable SSL for this virtual host.
SSLEngine off
# If both key and certificate are stored in the same file, only the
# SSLCertificateFile directive is needed.
SSLCertificateFile /etc/ssl/certs/privacyideaserver.pem
SSLCertificateKeyFile /etc/ssl/private/privacyideaserver.key
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory /usr/lib/cgi-bin>
SSLOptions +StdEnvVars
</Directory>
BrowserMatch ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
I just checked,
You must not use
“require all granted”, since probably you are running apache 2.2
The other stuff should work, so we need to check your apache config.
Kind regards
CorneliusAm 22.02.2015 um 13:47 schrieb Stefan Steuer:
in the Privacyidea.conf you have the line with the Documentroot
DocumentRoot /var/wwwBut there are no files - so the result is, when I try to open the
website with the patch which I definied in the WSGIScriptAlias I’ll
get the following error-code in the apache-logFile does not exist: /var/www/pi
–
You received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea+unsubscribe@googlegroups.com
mailto:privacyidea+unsubscribe@googlegroups.com.
To post to this group, send email to privacyidea@googlegroups.com
mailto:privacyidea@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/privacyidea/f159c173-f815-41c0-8bb8-0d1829fdcd45%40googlegroups.com
https://groups.google.com/d/msgid/privacyidea/f159c173-f815-41c0-8bb8-0d1829fdcd45%40googlegroups.com?utm_medium=email&utm_source=footer.
For more options, visit https://groups.google.com/d/optout.
Hi Stefan,
it depends on how you configured the apache vhost.
The URL is determined by the WSGIScriptAlias in your config.
I.e. be default it is /, but you could set it to any other path.
Kind regards
CorneliusAm 22.02.2015 um 11:49 schrieb Stefan Steuer:
Hi,
you should add to the manual, that the user has to add the
directory /var/log/privacyidea/ manually.What is the url for the admin control panel after I installed the
package successful?You received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea+unsubscribe@googlegroups.com
mailto:privacyidea+unsubscribe@googlegroups.com.
To post to this group, send email to privacyidea@googlegroups.com
mailto:privacyidea@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/privacyidea/60b6c40f-c38a-40f0-af55-23f5995c2d8b%40googlegroups.com
https://groups.google.com/d/msgid/privacyidea/60b6c40f-c38a-40f0-af55-23f5995c2d8b%40googlegroups.com?utm_medium=email&utm_source=footer.
For more options, visit https://groups.google.com/d/optout.
he last problem is that I’ll get a blank page while opening the otrs-login
screen.
Apache error log:
ERROR: OTRS-CGI-98 Perl: 5.14.2 OS: linux Time: Sun Feb 22 17:10:33 2015
Message: Can’t load backend module Kernel::System::Auth::privacyIDEA!
RemoteAddress: xxx
RequestURI: /otrs/index.pl
Traceback (5256):
Module: Kernel::System::Auth::new Line: 69
Module: Kernel::System::ObjectManager::_ObjectBuild Line: 222
Module: Kernel::System::ObjectManager::Get Line: 176
Module: Kernel::System::Web::InterfaceAgent::Run Line: 721
Module:
ModPerl::ROOT::ModPerl::Registry::opt_otrs_bin_cgi_2dbin_index_2epl::handler
Line: 41
Module: (eval) (v1.99) Line: 204
Module: ModPerl::RegistryCooker::run (v1.99) Line: 204
Module: ModPerl::RegistryCooker::default_handler (v1.99) Line: 170
Module: ModPerl::Registry::handler (v1.99) Line: 31
Config.pm> $Self->{‘AuthModule’} = ‘Kernel::System::Auth::privacyIDEA’;
$Self->{‘AuthModule::privacyIDEA::URL’} = "
Obviously your apache configuration is interfering.
As mentioned, I assume, that your are running OTRS in the same Apache host?
How does your apache config look like?
Then you need to run privacyIDEA with the wsgiscript alias. Otherwise
the path /otrs/index.pl would be grapped by the WSGI script.
Kind regards
COrneliusAm 22.02.2015 um 18:03 schrieb Stefan Steuer:
any idea regarding the blank otrs login screen?
You received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea+unsubscribe@googlegroups.com
mailto:privacyidea+unsubscribe@googlegroups.com.
To post to this group, send email to privacyidea@googlegroups.com
mailto:privacyidea@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/privacyidea/5f29a27e-3c5a-4195-ab4c-84134a328b3b%40googlegroups.com
https://groups.google.com/d/msgid/privacyidea/5f29a27e-3c5a-4195-ab4c-84134a328b3b%40googlegroups.com?utm_medium=email&utm_source=footer.
For more options, visit https://groups.google.com/d/optout.
When you need an access to my test enviroment - I can send you the
credentials via pnOn Sunday, February 22, 2015 at 2:42:54 PM UTC+1, Cornelius Kölbel wrote:
You should specify
WSGIScriptAlias /pi /etc…
(without a trailing slash - otherwise you need to call explicitly
https://yourmachine/pi/)But on top of this it looks like, that little error found its way back in,
when specifying a path at the WSGIScriptAlias.I need to look into it.
Kind regards
CorneliusAm 22.02.2015 um 14:34 schrieb Stefan Steuer:
This is my privacyidea.conf - site is enabled.
WSGIPythonHome /opt/privacyidea/privacyidea-venv/
ServerAdmin webmaster@localhost
# You might want to change this
ServerName localhostDocumentRoot /var/www <Directory /> # For Apache 2.4 you need to set this: # Require all granted Options FollowSymLinks AllowOverride None </Directory> # We can run several instances on different paths with differentconfigurations
WSGIScriptAlias /pi/ /etc/privacyidea/piapp.wsgi
#
# The daemon is running as user ‘privacyidea’
# This user should have access to the encKey database encryption file
WSGIDaemonProcess privacyidea processes=1 threads=15
display-name=%{GROUP} user=privacyidea
WSGIProcessGroup privacyidea
WSGIPassAuthorization OnErrorLog /var/log/apache2/error.log LogLevel warn LogFormat "%h %l %u %t %>s \"%m %U %H\" %b \"%{Referer}i\""%{User-agent}i"" privacyIDEA
CustomLog /var/log/apache2/ssl_access.log privacyIDEA# SSL Engine Switch: # Enable/Disable SSL for this virtual host. SSLEngine off # If both key and certificate are stored in the same file, onlythe
# SSLCertificateFile directive is needed.SSLCertificateFile /etc/ssl/certs/privacyideaserver.pem
SSLCertificateKeyFile /etc/ssl/private/privacyideaserver.key
<FilesMatch "\.(cgi|shtml|phtml|php)$"> SSLOptions +StdEnvVars </FilesMatch> <Directory /usr/lib/cgi-bin> SSLOptions +StdEnvVars </Directory> BrowserMatch ".*MSIE.*" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0–
You received this message because you are subscribed to the Google Groups
“privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send an
email to privacyidea...@googlegroups.com <javascript:>.
To post to this group, send email to priva...@googlegroups.com
<javascript:>.
To view this discussion on the web visit
https://groups.google.com/d/msgid/privacyidea/7157c04d-df2b-4381-ad72-5c9392fade91%40googlegroups.com
https://groups.google.com/d/msgid/privacyidea/7157c04d-df2b-4381-ad72-5c9392fade91%40googlegroups.com?utm_medium=email&utm_source=footer
.
For more options, visit https://groups.google.com/d/optout.
oh you’re right
So i enabled the site and tried to reload the apache2… failed.
apache2 errorlog:
[Sun Feb 22 11:47:51 2015] [error] [client ] File does not exist:
/var/www/privacyidea
[Sun Feb 22 11:47:52 2015] [error] [client ] File does not exist:
/var/www/favicon.ico
[Sun Feb 22 11:53:23 2015] [error] [client ] File does not exist:
/var/www/privacyidea
[Sun Feb 22 11:53:27 2015] [error] [client ] File does not exist:
/var/www/pi
[Sun Feb 22 11:54:40 2015] [error] [client ] File does not exist:
/var/www/privacyidea-venv
[Sun Feb 22 13:14:15 2015] [error] [client ] File does not exist:
/var/www/productionOn Sunday, February 22, 2015 at 1:09:22 PM UTC+1, Cornelius Kölbel wrote:
Hi Stefan,
it depends on how you configured the apache vhost.
The URL is determined by the WSGIScriptAlias in your config.
I.e. be default it is /, but you could set it to any other path.Kind regards
CorneliusAm 22.02.2015 um 11:49 schrieb Stefan Steuer:
Hi,
you should add to the manual, that the user has to add the directory
/var/log/privacyidea/ manually.What is the url for the admin control panel after I installed the
package successful?You received this message because you are subscribed to the Google Groups
“privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send an
email to privacyidea...@googlegroups.com <javascript:>.
To post to this group, send email to priva...@googlegroups.com
<javascript:>.
To view this discussion on the web visit
https://groups.google.com/d/msgid/privacyidea/60b6c40f-c38a-40f0-af55-23f5995c2d8b%40googlegroups.com
https://groups.google.com/d/msgid/privacyidea/60b6c40f-c38a-40f0-af55-23f5995c2d8b%40googlegroups.com?utm_medium=email&utm_source=footer
.
For more options, visit https://groups.google.com/d/optout.
You should specify
WSGIScriptAlias /pi /etc…
(without a trailing slash - otherwise you need to call explicitly
https://yourmachine/pi/)
But on top of this it looks like, that little error found its way back
in, when specifying a path at the WSGIScriptAlias.
I need to look into it.
Kind regards
CorneliusAm 22.02.2015 um 14:34 schrieb Stefan Steuer:
This is my privacyidea.conf - site is enabled.
WSGIPythonHome /opt/privacyidea/privacyidea-venv/
ServerAdmin webmaster@localhost
# You might want to change this
ServerName localhostDocumentRoot /var/www <Directory /> # For Apache 2.4 you need to set this: # Require all granted Options FollowSymLinks AllowOverride None </Directory> # We can run several instances on different paths with differentconfigurations
WSGIScriptAlias /pi/ /etc/privacyidea/piapp.wsgi
#
# The daemon is running as user ‘privacyidea’
# This user should have access to the encKey database encryption file
WSGIDaemonProcess privacyidea processes=1 threads=15
display-name=%{GROUP} user=privacyidea
WSGIProcessGroup privacyidea
WSGIPassAuthorization OnErrorLog /var/log/apache2/error.log LogLevel warn LogFormat "%h %l %u %t %>s \"%m %U %H\" %b \"%{Referer}i\""%{User-agent}i"" privacyIDEA
CustomLog /var/log/apache2/ssl_access.log privacyIDEA# SSL Engine Switch: # Enable/Disable SSL for this virtual host. SSLEngine off # If both key and certificate are stored in the same file, only the # SSLCertificateFile directive is needed.SSLCertificateFile /etc/ssl/certs/privacyideaserver.pem
SSLCertificateKeyFile /etc/ssl/private/privacyideaserver.key
<FilesMatch "\.(cgi|shtml|phtml|php)$"> SSLOptions +StdEnvVars </FilesMatch> <Directory /usr/lib/cgi-bin> SSLOptions +StdEnvVars </Directory> BrowserMatch ".*MSIE.*" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0–
You received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea+unsubscribe@googlegroups.com
mailto:privacyidea+unsubscribe@googlegroups.com.
To post to this group, send email to privacyidea@googlegroups.com
mailto:privacyidea@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/privacyidea/7157c04d-df2b-4381-ad72-5c9392fade91%40googlegroups.com
https://groups.google.com/d/msgid/privacyidea/7157c04d-df2b-4381-ad72-5c9392fade91%40googlegroups.com?utm_medium=email&utm_source=footer.
For more options, visit https://groups.google.com/d/optout.
Thanks, done.
Kind regards
CorneliusAm 22.02.2015 um 11:41 schrieb Stefan Steuer:
Hi,
I received the following error-code while the commandpi-manage.py createdb
(privacyidea-venv)root@mfaotrs:/# pi-manage.py createdb The configuration name is: production Additional configuration can be read from the file /etc/privacyidea/pi.cfg Traceback (most recent call last): File "/opt/privacyidea/privacyidea-venv/bin/pi-manage.py", line 44, in <module> app = create_app(config_name='production') File "/opt/privacyidea/privacyidea-venv/local/lib/python2.7/site-packages/privacyidea/app.py", line 109, in create_app maxBytes=10000000) File "/usr/lib/python2.7/logging/handlers.py", line 117, in __init__ BaseRotatingHandler.__init__(self, filename, mode, encoding, delay) File "/usr/lib/python2.7/logging/handlers.py", line 64, in __init__ logging.FileHandler.__init__(self, filename, mode, encoding, delay) File "/usr/lib/python2.7/logging/__init__.py", line 901, in __init__ StreamHandler.__init__(self, self._open()) File "/usr/lib/python2.7/logging/__init__.py", line 924, in _open stream = open(self.baseFilename, self.mode) IOError: [Errno 2] No such file or directory: '/var/log/privacyidea/privacyidea.log'–
You received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea+unsubscribe@googlegroups.com
mailto:privacyidea+unsubscribe@googlegroups.com.
To post to this group, send email to privacyidea@googlegroups.com
mailto:privacyidea@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/privacyidea/4ee67a90-62c9-44b9-8f22-d3ffcd8a5d50%40googlegroups.com
https://groups.google.com/d/msgid/privacyidea/4ee67a90-62c9-44b9-8f22-d3ffcd8a5d50%40googlegroups.com?utm_medium=email&utm_source=footer.
For more options, visit https://groups.google.com/d/optout.
Yes - OTRS and privacyIDEA are on the same host.
apache.conf: default config.
privacyidea.conf as posted.
conf.d/otrs.conf
–>>
added for OTRS (http://otrs.org/)
–
ScriptAlias /otrs/ “/opt/otrs/bin/cgi-bin/”
Alias /otrs-web/ “/opt/otrs/var/httpd/htdocs/”
# Setup environment and preload modulesPerlrequire /opt/otrs/scripts/apache2-perl-startup.pl# Reload Perl modules when changed on diskPerlModule Apache2::Reload PerlInitHandler Apache2::Reload# general mod_perl2 options<Location /otrs>ErrorDocument 403 /otrs/customer.pl
ErrorDocument 403 /otrs/index.pl SetHandler perl-script PerlResponseHandler ModPerl::Registry Options +ExecCGI PerlOptions +ParseHeaders PerlOptions +SetupEnv<IfVersion < 2.4> Order allow,deny Allow from all </IfVersion> <IfVersion >= 2.4> Require all granted </IfVersion> </IfModule> <IfModule !mod_version.c> Order allow,deny Allow from all </IfModule><IfModule mod_deflate.c>AddOutputFilterByType DEFLATE text/html text/javascript text/csstext/xml application/json text/json
</IfModule><Directory “/opt/otrs/var/httpd/htdocs/”>
AllowOverride None<IfModule mod_version.c><IfVersion < 2.4> Order allow,deny Allow from all </IfVersion> <IfVersion >= 2.4> Require all granted </IfVersion> </IfModule> <IfModule !mod_version.c> Order allow,deny Allow from all </IfModule><IfModule mod_deflate.c>AddOutputFilterByType DEFLATE text/html text/javascript text/csstext/xml application/json text/json
</IfModule># Make sure CSS and JS files are read as UTF8 by the browsers.AddCharset UTF-8 .css AddCharset UTF-8 .js# Set explicit mime type for woff fonts since it is relatively newand apache may not know about it.
AddType application/font-woff .woff# Cache css-cache for 30 days <Directory "/opt/otrs/var/httpd/htdocs/skins/*/*/css-cache"> <FilesMatch "\.(css|CSS)$"> Header set Cache-Control "max-age=2592000 must-revalidate" <FilesMatch "\.(css|CSS)$">Header set Cache-Control "max-age=2592000 must-revalidate" </FilesMatch> </Directory># Cache css thirdparty for 4 hours, including icon fonts<Directory "/opt/otrs/var/httpd/htdocs/skins/*/*/css/thirdparty"> <FilesMatch "\.(css|CSS|woff|svg)$"> Header set Cache-Control "max-age=14400 must-revalidate" </FilesMatch> </Directory># Cache js-cache for 30 days<Directory "/opt/otrs/var/httpd/htdocs/js/js-cache"> <FilesMatch "\.(js|JS)$"> Header set Cache-Control "max-age=2592000 must-revalidate" </FilesMatch> </Directory># Cache js thirdparty for 4 hours<Directory "/opt/otrs/var/httpd/htdocs/js/thirdparty/"> <FilesMatch "\.(js|JS)$"> Header set Cache-Control "max-age=14400 must-revalidate" </FilesMatch> </Directory>Limit the number of requests per child to avoid excessive memory usage
MaxRequestsPerChild 4000
The OTRS Error log is empty.
only in the apache log are entriesOn Monday, February 23, 2015 at 2:54:44 PM UTC+1, Cornelius Kölbel wrote:
What does the OTRS error log say?
And I think otrs writes to the apache error log, can you see anything
there?Kind regards
CorneliusAm 23.02.2015 um 14:52 schrieb Stefan Steuer:
Same result.
I think that the auth/privacyidea.pm is not compatible with OTRS4On Monday, February 23, 2015 at 2:28:02 PM UTC+1, Cornelius Kölbel wrote:
OK, I was not aware, that you already activated the privacyIDEA module
in OTRS.So you need to change this to the correct URL - I think in your case it
might be:https://localhost/pi/validate/simplecheckKind regards
Cornelius–
You received this message because you are subscribed to the Google Groups
“privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send an
email to privacyidea...@googlegroups.com <javascript:>.
To post to this group, send email to priva...@googlegroups.com
<javascript:>.
To view this discussion on the web visit
https://groups.google.com/d/msgid/privacyidea/deaa6563-7427-4405-bbcb-487acfaac18f%40googlegroups.com
https://groups.google.com/d/msgid/privacyidea/deaa6563-7427-4405-bbcb-487acfaac18f%40googlegroups.com?utm_medium=email&utm_source=footer
.
For more options, visit https://groups.google.com/d/optout.
What does the OTRS error log say?
And I think otrs writes to the apache error log, can you see anything there?
Kind regards
CorneliusAm 23.02.2015 um 14:52 schrieb Stefan Steuer:
Same result.
I think that the auth/privacyidea.pm is not compatible with OTRS4On Monday, February 23, 2015 at 2:28:02 PM UTC+1, Cornelius Kölbel wrote:
OK, I was not aware, that you already activated the privacyIDEA module in OTRS. So you need to change this to the correct URL - I think in your case it might be: https://localhost/pi/validate/simplecheck <https://localhost/pi/validate/simplecheck> Kind regards Cornelius–
You received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea+unsubscribe@googlegroups.com
mailto:privacyidea+unsubscribe@googlegroups.com.
To post to this group, send email to privacyidea@googlegroups.com
mailto:privacyidea@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/privacyidea/deaa6563-7427-4405-bbcb-487acfaac18f%40googlegroups.com
https://groups.google.com/d/msgid/privacyidea/deaa6563-7427-4405-bbcb-487acfaac18f%40googlegroups.com?utm_medium=email&utm_source=footer.
For more options, visit https://groups.google.com/d/optout.
Same result.
I think that the auth/privacyidea.pm is not compatible with OTRS4On Monday, February 23, 2015 at 2:28:02 PM UTC+1, Cornelius Kölbel wrote:
OK, I was not aware, that you already activated the privacyIDEA module in
OTRS.So you need to change this to the correct URL - I think in your case it
might be:https://localhost/pi/validate/simplecheckKind regards
Cornelius
now I’d input the two lines into the /opt/otrs/Kernel/Config/Default.pm
result: blank page
Apache Error log:
[Mon Feb 23 15:18:50 2015] privacyIDEA.pm: Bareword found where operator
expected at /opt/otrs//Kernel/System/Auth/privacyIDEA.pm line 5, near ““en”
class”
[Mon Feb 23 15:18:50 2015] privacyIDEA.pm: (Missing operator before
class?)
[Mon Feb 23 15:18:50 2015] privacyIDEA.pm: Bareword found where operator
expected at /opt/otrs//Kernel/System/Auth/privacyIDEA.pm line 12, near
“privacyidea”
[Mon Feb 23 15:18:50 2015] privacyIDEA.pm: (Missing operator before
privacyidea?)
ERROR: OTRS-CGI-98 Perl: 5.14.2 OS: linux Time: Mon Feb 23 15:18:50 2015
Message: Unrecognized character \xC2; marked by ← HERE after at master
← HERE near column 49 at /opt/otrs//Kernel/System/Auth/privacyIDEA.pm
line 12.
RemoteAddress: xxxxxx
RequestURI: /otrs/index.pl
Traceback (5403):
Module: Kernel::System::Auth::new Line: 69
Module: Kernel::System::ObjectManager::_ObjectBuild Line: 222
Module: Kernel::System::ObjectManager::Get Line: 176
Module: Kernel::System::Web::InterfaceAgent::Run Line: 721
Module:
ModPerl::ROOT::ModPerl::Registry::opt_otrs_bin_cgi_2dbin_index_2epl::handler
Line: 41
Module: (eval) (v1.99) Line: 204
Module: ModPerl::RegistryCooker::run (v1.99) Line: 204
Module: ModPerl::RegistryCooker::default_handler (v1.99) Line: 170
Module: ModPerl::Registry::handler (v1.99) Line: 31
ERROR: OTRS-CGI-98 Perl: 5.14.2 OS: linux Time: Mon Feb 23 15:18:50 2015
Message: Can’t load backend module Kernel::System::Auth::privacyIDEA!
RemoteAddress: xxxx
RequestURI: /otrs/index.pl
Traceback (5403):
Module: Kernel::System::Auth::new Line: 69
Module: Kernel::System::ObjectManager::_ObjectBuild Line: 222
Module: Kernel::System::ObjectManager::Get Line: 176
Module: Kernel::System::Web::InterfaceAgent::Run Line: 721
Module:
ModPerl::ROOT::ModPerl::Registry::opt_otrs_bin_cgi_2dbin_index_2epl::handler
Line: 41
Module: (eval) (v1.99) Line: 204
Module: ModPerl::RegistryCooker::run (v1.99) Line: 204
Module: ModPerl::RegistryCooker::default_handler (v1.99) Line: 170
Module: ModPerl::Registry::handler (v1.99) Line: 31On Monday, February 23, 2015 at 3:04:44 PM UTC+1, Stefan Steuer wrote:
The OTRS Error log is empty.
only in the apache log are entriesOn Monday, February 23, 2015 at 2:54:44 PM UTC+1, Cornelius Kölbel wrote:
What does the OTRS error log say?
And I think otrs writes to the apache error log, can you see anything
there?Kind regards
CorneliusAm 23.02.2015 um 14:52 schrieb Stefan Steuer:
Same result.
I think that the auth/privacyidea.pm is not compatible with OTRS4On Monday, February 23, 2015 at 2:28:02 PM UTC+1, Cornelius Kölbel wrote:
OK, I was not aware, that you already activated the privacyIDEA module
in OTRS.So you need to change this to the correct URL - I think in your case it
might be:https://localhost/pi/validate/simplecheckKind regards
Cornelius–
You received this message because you are subscribed to the Google Groups
“privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send an
email to privacyidea...@googlegroups.com.
To post to this group, send email to priva...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/privacyidea/deaa6563-7427-4405-bbcb-487acfaac18f%40googlegroups.com
https://groups.google.com/d/msgid/privacyidea/deaa6563-7427-4405-bbcb-487acfaac18f%40googlegroups.com?utm_medium=email&utm_source=footer
.
For more options, visit https://groups.google.com/d/optout.
Just looking into it.Am 23.02.2015 um 16:10 schrieb Stefan Steuer:
mhm… any idea?
On Monday, February 23, 2015 at 3:57:01 PM UTC+1, Cornelius Kölbel wrote:
Hi, to my knowledge Logging in OTRS 3 was performed this way: https://github.com/privacyidea/privacyidea/blob/master/authmodules/OTRS/privacyIDEA.pm#L36 <https://github.com/privacyidea/privacyidea/blob/master/authmodules/OTRS/privacyIDEA.pm#L36> See: http://otrs.perl-services.de/docs/otrs/rel-3_0/kernel_system_log.html <http://otrs.perl-services.de/docs/otrs/rel-3_0/kernel_system_log.html> But it looks like, as if it still should exist int 4: http://otrs.perl-services.de/docs/otrs/rel-4_0/kernel_system_log.html <http://otrs.perl-services.de/docs/otrs/rel-4_0/kernel_system_log.html> Am 23.02.2015 um 15:42 schrieb Stefan Steuer:[Mon Feb 23 15:39:03 2015] [error] [Mon Feb 23 15:39:03 2015] -e: No LogObject! at /opt/otrs//Kernel/System/Auth/privacyIDEA.pm line 24.\n [Mon Feb 23 15:39:05 2015] [error] [Mon Feb 23 15:39:05 2015] -e: No LogObject! at /opt/otrs//Kernel/System/Auth/privacyIDEA.pm line 24.\n [Mon Feb 23 15:41:37 2015] [error] [Mon Feb 23 15:41:37 2015] -e: No LogObject! at /opt/otrs//Kernel/System/Auth/privacyIDEA.pm line 24.\n On Monday, February 23, 2015 at 3:40:45 PM UTC+1, Stefan Steuer wrote: Okay... i just found the issue... when I downloaded the file with wget he added some courios google content.... Now I'll get an error 500 (apache error) which I can fix - hopefully ;) -- You received this message because you are subscribed to the Google Groups "privacyidea" group. To unsubscribe from this group and stop receiving emails from it, send an email to privacyidea...@googlegroups.com <javascript:>. To post to this group, send email to priva...@googlegroups.com <javascript:>. To view this discussion on the web visit https://groups.google.com/d/msgid/privacyidea/3bb20cb1-a0a4-4b21-b1da-d30fe0410b0f%40googlegroups.com <https://groups.google.com/d/msgid/privacyidea/3bb20cb1-a0a4-4b21-b1da-d30fe0410b0f%40googlegroups.com?utm_medium=email&utm_source=footer>. For more options, visit https://groups.google.com/d/optout <https://groups.google.com/d/optout>.–
You received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea+unsubscribe@googlegroups.com
mailto:privacyidea+unsubscribe@googlegroups.com.
To post to this group, send email to privacyidea@googlegroups.com
mailto:privacyidea@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/privacyidea/447e0f2c-45a7-4a0c-8486-244281675173%40googlegroups.com
https://groups.google.com/d/msgid/privacyidea/447e0f2c-45a7-4a0c-8486-244281675173%40googlegroups.com?utm_medium=email&utm_source=footer.
For more options, visit https://groups.google.com/d/optout.