**Copied from github Ticket #712
Setup
- PrivacyIDEA 2.19
- Ubuntu Xenial 16.04
- apache2
- mysql
##Backup created from 2.18.1 with
pi-manage backup create -e -c /etc/privacyidea -d /root/
What did you try to do?
-
Installed fresh OS and Privacyidea 2.19
-
Restored from 2.18.1 backup using
pi-manage backup restore /root/privacyidea.backup
##NOTE - pi.cfg, enckey, and private/public keys successfully replaced using above command. -
Tested WebUI logging in with current token (only 1 TOTP active/enabled) - Success!
-
Created additional HOTP Token with same user account (this user has now 2 tokens active/enabled)- OK
-
Log-In with username+userstorePW- PARTIAL, Error: InvalidRequestError
What outcome did you expect?
- Multiple Challenge support.
What outcome did you experience?
- After successfully authenticating with username+userstorePW, the system throws an Error and does not proceed with the second authentication (challenge/response).
Log file
PI_LOGLEVEL = 20
InvalidRequestError: This Session's transaction has been rolled back due to a previous exception during flush. To begin a new transaction with this Session, first issue Session.rollback(). Original exception was: (pymysql.err.IntegrityError) (1062, u"Duplicate entry '13280164813209959638' for key 'ix_challenge_transaction_id'") [SQL: u'INSERT INTO challenge (transaction_id, data, challenge, session, serial, timestamp, expiration, received_count, otp_valid) VALUES (%(transaction_id)s, %(data)s, %(challenge)s, %(session)s, %(serial)s, %(timestamp)s, %(expiration)s, %(received_count)s, %(otp_valid)s)'] [parameters: {'timestamp': datetime.datetime(2017, 5, 29, 12, 17, 54, 916739), 'challenge': u'', 'session': u'', 'expiration': datetime.datetime(2017, 5, 29, 12, 22, 54, 916773), 'serial': u'PISM0001C1CB', 'data': u'', 'otp_valid': 0, 'transaction_id': u'13280164813209959638', 'received_count': 0}] [2017-05-29 12:17:54,955][13134][140115673065216][ERROR][privacyidea.lib.auditmodules.sqlaudit:238] exception DataError('(pymysql.err.DataError) (1406, u"Data too long for column \'info\' at row 1")',) [2017-05-29 12:17:54,955][13134][140115673065216][ERROR][privacyidea.lib.auditmodules.sqlaudit:239] DATA: {'info': u'This Session\'s transaction has been rolled back due to a previous exception during flush. To begin a new transaction with this Session, first issue Session.rollback(). Original exception was: (pymysql.err.IntegrityError) (1062, u"Duplicate entry \'13280164813209959638\' for key \'ix_challenge_transaction_id\'") [SQL: u\'INSERT INTO challenge (transaction_id, data, challenge, session, serial, timestamp, expiration, received_count, otp_valid) VALUES (%(transaction_id)s, %(data)s, %(challenge)s, %(session)s, %(serial)s, %(timestamp)s, %(expiration)s, %(received_count)s, %(otp_valid)s)\'] [parameters: {\'timestamp\': datetime.datetime(2017, 5, 29, 12, 17, 54, 916739), \'challenge\': u\'\', \'session\': u\'\', \'expiration\': datetime.datetime(2017, 5, 29, 12, 22, 54, 916773), \'serial\': u\'PISM0001C1CB\', \'data\': u\'\', \'otp_valid\': 0, \'transaction_id\': u\'13280164813209959638\', \'received_count\': 0}]', 'success': False, 'privacyidea_server': 'zitpcx16525', 'client_user_agent': 'firefox', 'client': '131.169.185.99', 'user': u'myusername', 'action_detail': '', 'action': 'POST /auth'}
New Database
This does not happen using a newly created DB ‘pi-manage createdb’
- pi-manage createdb
- pi-manage add admin
- admin log in via WebUI and configured SAME policies, realms, resolver, etc.
- created two tokens for user ‘myusername’ (tokens- HOTP, TOTP)
- myusername logs in using credentials- OK
- Privacyidea prompts myusername for OTP- myusername gets authenticated by either HOTP or TOTP - Success!
Am I missing something with the migration?
Regards,