Error 500 in login page

asaluena · April 7, 2022, 6:47am

Hi all!

After installation and configuration of privacyIdea in Apache Server, when i try to log as admin at webUI, the application returns:

500 Internal Server Error: The server encountered an internal error and was unable to complete your request. Either the server is overloaded or there is an error in the application.

I followed this guide for installation: guide

When I read privacyidea.log i saw this:

[2022-04-07 08:29:57,250][17740][140490512025344][ERROR][privacyidea.app:1892] Exception on /auth [POST]
Traceback (most recent call last):
  File "/opt/privacyidea/lib/python3.7/site-packages/flask/app.py", line 2447, in wsgi_app
    response = self.full_dispatch_request()
  File "/opt/privacyidea/lib/python3.7/site-packages/flask/app.py", line 1952, in full_dispatch_request
    rv = self.handle_user_exception(e)
  File "/opt/privacyidea/lib/python3.7/site-packages/flask/app.py", line 1821, in handle_user_exception
    reraise(exc_type, exc_value, tb)
  File "/opt/privacyidea/lib/python3.7/site-packages/flask/_compat.py", line 39, in reraise
    raise value
  File "/opt/privacyidea/lib/python3.7/site-packages/flask/app.py", line 1950, in full_dispatch_request
    rv = self.dispatch_request()
  File "/opt/privacyidea/lib/python3.7/site-packages/flask/app.py", line 1936, in dispatch_request
    return self.view_functions[rule.endpoint](**req.view_args)
  File "/opt/privacyidea/lib/python3.7/site-packages/privacyidea/api/lib/prepolicy.py", line 155, in policy_wrapper
    return wrapped_function(*args, **kwds)
  File "/opt/privacyidea/lib/python3.7/site-packages/privacyidea/api/lib/prepolicy.py", line 155, in policy_wrapper
    return wrapped_function(*args, **kwds)
  File "/opt/privacyidea/lib/python3.7/site-packages/privacyidea/api/lib/prepolicy.py", line 155, in policy_wrapper
    return wrapped_function(*args, **kwds)
  [Previous line repeated 1 more time]
  File "/opt/privacyidea/lib/python3.7/site-packages/privacyidea/api/lib/postpolicy.py", line 109, in policy_wrapper
    response = wrapped_function(*args, **kwds)
  File "/opt/privacyidea/lib/python3.7/site-packages/privacyidea/api/lib/postpolicy.py", line 109, in policy_wrapper
    response = wrapped_function(*args, **kwds)
  File "/opt/privacyidea/lib/python3.7/site-packages/privacyidea/api/lib/postpolicy.py", line 109, in policy_wrapper
    response = wrapped_function(*args, **kwds)
  [Previous line repeated 3 more times]
  File "/opt/privacyidea/lib/python3.7/site-packages/privacyidea/lib/event.py", line 100, in event_wrapper
    f_result = func(*args, **kwds)
  File "/opt/privacyidea/lib/python3.7/site-packages/privacyidea/api/auth.py", line 351, in get_auth_token
    g.client_ip)
  File "/opt/privacyidea/lib/python3.7/site-packages/privacyidea/lib/log.py", line 155, in log_wrapper
    return func(*args, **kwds)
  File "/opt/privacyidea/lib/python3.7/site-packages/privacyidea/lib/policy.py", line 1196, in ui_get_rights
    rights = get_static_policy_definitions(scope)
  File "/opt/privacyidea/lib/python3.7/site-packages/privacyidea/lib/log.py", line 155, in log_wrapper
    return func(*args, **kwds)
  File "/opt/privacyidea/lib/python3.7/site-packages/privacyidea/lib/policy.py", line 2285, in get_static_policy_definitions
    "the authentication of the user will be denied.").format(AUTHORIZED.DENY),
ValueError: expected ':' after conversion specifier

If I use Postman or Curl, the response is 200 OK.

Files:
/etc/privacyidea/privacyideaapp.wsgi:

import sys
sys.stdout = sys.stderr
from privacyidea.app import create_app
# Now we can select the config file:
application = create_app(config_name="production", config_file="/etc/privacyidea/pi.cfg")

Thanks all!!!

cornelinux · April 7, 2022, 5:06pm

Take a look at the last lines of the traceback.
Could be some faulty policy configuration!
Closely check your policies.

Also check the name of your administrator.

I recommend installing via Ubuntu repo:
https://privacyidea.readthedocs.io/en/latest/installation/ubuntu.html

asaluena · April 19, 2022, 12:30pm

Hi!
I have followed your advice and started the installation via ubuntu packages, but now I get the following error:

Traceback (most recent call last):
File “/opt/privacyidea/bin/pi-manage”, line 61, in
import gnupg
ModuleNotFoundError: No module named ‘gnupg’

The gnupg package is installed on the machine via pip:

pip install gnupg
/usr/lib/python3/dist-packages/secretstorage/dhcrypto.py:15: CryptographyDeprecationWarning: int_from_bytes is deprecated, use int.from_bytes instead
from cryptography.utils import int_from_bytes
/usr/lib/python3/dist-packages/secretstorage/util.py:19: CryptographyDeprecationWarning: int_from_bytes is deprecated, use int.from_bytes instead
from cryptography.utils import int_from_bytes
Defaulting to user installation because normal site-packages is not writeable
Requirement already satisfied: gnupg in ./.local/lib/python3.7/site-packages (2.3.1)
Requirement already satisfied: psutil>=1.2.1 in ./.local/lib/python3.7/site-packages (from gnupg) (5.9.0)

cornelinux · April 21, 2022, 6:43am

Are you sure you used a vanilla Ubuntu LTS machine with the right repositories?
Does not look to me that way.

asaluena · April 21, 2022, 7:20am

It’s Debian 10, with focal repositorie

cornelinux · April 21, 2022, 11:28am

Your initial guide is for installation on Ubuntu 20.04.
The packages you are using are for Ubuntu 20.04.

Do not expect to run in the same way on Debian 10!
The guide (which I do not know, and is from 2020!!!.!!!.!!!) and at least the packages are not supposed to run with Debian 10.

With Debian 10 you would need to run a pip installation!

Erika_Kenta · April 22, 2022, 1:21am

Hi!!

I have the same problem in:

administrator@srvlpzpidea:~$ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 20.04.3 LTS
Release: 20.04
Codename: focal

asaluena · April 22, 2022, 6:42am

Ok, I have removed everything that I had installed and modified and I have done a clean installation using pip, and I have reproduced the original error, Error 500 when I try to login in the web application, and 200 OK when I make the login request through CURL or POSTMAN.
Here is my pi.cfg:

PI_PEPPER = '_7AHH_w931RRD3vTeisLxV8e'
SECRET_KEY = '6MkW2UJfXH_g_ILGSE4QHV1D'
# The realm, where users are allowed to login as administrators
SUPERUSER_REALM = ['super', 'administrators']
# Your database
# This is used to encrypt the auth_token
# This is used to encrypt the token data and token passwords
PI_ENCFILE = '/.../privacyidea/lib/python3.7/site-packages/enckey'
# This is used to sign the audit log
PI_AUDIT_KEY_PRIVATE = '/.../privacyidea/lib/python3.7/site-packages/private.pem'
PI_AUDIT_KEY_PUBLIC = '/.../privacyidea/lib/python3.7/site-packages/public.pem'
# Truncate Audit entries to fit into DB columns
PI_AUDIT_SQL_TRUNCATE = True

asaluena · April 27, 2022, 8:15am

Hi all!

I modify every file with errors, the problem is that at some points in the program it conflicted when trying to write to the log using a format specification with ! instead of with :

Erika_Kenta · May 4, 2022, 2:55am

Thanks!!! It’s correct!!

cornelinux · May 4, 2022, 3:14pm

The community spanish translation was broken.