Getting started guides for PrivacyIDEA

Hi Nicke,

no. You indeed need no quotes.

The interesting line is
ValueError(“No JSON object could be decoded”)

I.e. the url you requested, did not respond as expected.

Can you see this /validate/check request in the Audit log in the web UI?
What does it say there?

Kind regards
CorneliusAm Mittwoch, den 10.06.2015, 04:34 -0700 schrieb Nicke:

Yeah, you are right, access right errors. Am a little tired so did not
pay attention enough.

So here is the output now,
Jun 10 12:57:50 files mod_wsgi: Reading configuration
https://auth.example.com, localhost, False
Jun 10 12:57:50 files mod_wsgi: Authentication with
https://auth.example.com, localhost, False
Jun 10 12:57:50 files mod_wsgi: requests < 1.0
Jun 10 12:57:50 files mod_wsgi: Traceback (most recent call
last):#012 File “/usr/share/pyshared/privacyidea_apache.py”, line 75,
in check_password#012 json_response = response.json()#012 File
“/usr/lib/python2.7/dist-packages/requests/models.py”, line 741, in
json#012 return json.loads(self.text, **kwargs)#012 File
“/usr/lib/python2.7/json/init.py”, line 338, in loads#012
return _default_decoder.decode(s)#012 File
“/usr/lib/python2.7/json/decoder.py”, line 366, in decode#012 obj,
end = self.raw_decode(s, idx=_w(s, 0).end())#012 File
“/usr/lib/python2.7/json/decoder.py”, line 384, in raw_decode#012
raise ValueError(“No JSON object could be decoded”)#012ValueError: No
JSON object could be decoded

When having privacyidea = “https://auth.example.com
in /etc/privacyidea/apache.conf
mod_wsgi (pid=4865): Exception occurred processing WSGI script
‘/usr/share/pyshared/privacyidea_apache.py’.
Traceback (most recent call last):
File “/usr/share/pyshared/privacyidea_apache.py”, line 72, in
check_password
verify=SSLVERIFY)
File “/usr/lib/python2.7/dist-packages/requests/api.py”, line 88,
in post
return request(‘post’, url, data=data, **kwargs)
File “/usr/lib/python2.7/dist-packages/requests/api.py”, line 44,
in request
return session.request(method=method, url=url, **kwargs)
File “/usr/lib/python2.7/dist-packages/requests/sessions.py”, line
455, in request
resp = self.send(prep, **send_kwargs)
File “/usr/lib/python2.7/dist-packages/requests/sessions.py”, line
553, in send
adapter = self.get_adapter(url=request.url)
File “/usr/lib/python2.7/dist-packages/requests/sessions.py”, line
598, in get_adapter
raise InvalidSchema(“No connection adapters were found for ‘%s’”
% url)
InvalidSchema: No connection adapters were found for
‘“https://auth.example.com”/validate/check’

mod_wsgi (pid=4865): Exception occurred processing WSGI script
‘/usr/share/pyshared/privacyidea_apache.py’., referer:
https://subdomain.example.com/
Traceback (most recent call last):, referer:
https://subdomain.example.com/
File “/usr/share/pyshared/privacyidea_apache.py”, line 72, in
check_password, referer: https://subdomain.example.com/
verify=SSLVERIFY), referer: https://subdomain.example.com/
File “/usr/lib/python2.7/dist-packages/requests/api.py”, line 88,
in post, referer: https://subdomain.example.com/
return request(‘post’, url, data=data, **kwargs), referer:
https://subdomain.example.com/
File “/usr/lib/python2.7/dist-packages/requests/api.py”, line 44,
in request, referer: https://subdomain.example.com/
return session.request(method=method, url=url, **kwargs),
referer: https://subdomain.example.com/
File “/usr/lib/python2.7/dist-packages/requests/sessions.py”, line
455, in request, referer: https://subdomain.example.com/
resp = self.send(prep, **send_kwargs), referer:
https://subdomain.example.com/
File “/usr/lib/python2.7/dist-packages/requests/sessions.py”, line
553, in send, referer: https://subdomain.example.com/
adapter = self.get_adapter(url=request.url), referer:
https://subdomain.example.com/
File “/usr/lib/python2.7/dist-packages/requests/sessions.py”, line
598, in get_adapter, referer: https://subdomain.example.com/
raise InvalidSchema(“No connection adapters were found for ‘%s’”
% url), referer: https://subdomain.example.com/
InvalidSchema: No connection adapters were found for
‘“https://auth.example.com”/validate/check’, referer:
https://subdomain.example.com/

When having privacyidea = https://auth.example.com
in /etc/privacyidea/apache.conf

mod_wsgi (pid=4865): Exception occurred processing WSGI script
‘/usr/share/pyshared/privacyidea_apache.py’.
Traceback (most recent call last):
File “/usr/share/pyshared/privacyidea_apache.py”, line 83, in
check_password
if json_response.get(“result”, {}).get(“value”):
AttributeError: ‘function’ object has no attribute ‘get’

mod_wsgi (pid=4865): Exception occurred processing WSGI script
‘/usr/share/pyshared/privacyidea_apache.py’., referer:
https://subdomain.example.com/
Traceback (most recent call last):, referer:
https://subdomain.example.com/
File “/usr/share/pyshared/privacyidea_apache.py”, line 83, in
check_password, referer: https://subdomain.example.com/
if json_response.get(“result”, {}).get(“value”):, referer:
https://subdomain.example.com/
AttributeError: ‘function’ object has no attribute ‘get’, referer:
https://subdomain.example.com/

Den onsdag 10 juni 2015 kl. 12:48:34 UTC+2 skrev Cornelius Kölbel:
Hi,

    please check the access right of 
    /usr/share/pyshared/privacyidea_apache.py 
    
    The apache user should be able to read it. 
    Should be 644. 
    
    Kind regards 
    Cornelius 
    
    
    Am Mittwoch, den 10.06.2015, 03:15 -0700 schrieb Nicke: 
    > Am running Ubuntu 14.04.2 on the client machine having 
    > privacyidea-apache-client installed, this is called 
    > "subdomain.example.com". 
    > Authentication server is another host running the same
    system. This 
    > machine is called "auth.example.com". 
    > 
    > 
    > Here is the only output with your new file, 
    > [Wed Jun 10 12:12:19.064834 2015] [:error] [pid 4728:tid 
    > 139652069586688] (13)Permission denied: [client 
    > 2a02:xxx:0:10:cccc:97fc:6f52:b703:36240] mod_wsgi
    (pid=4728, 
    > process='', application=''): Call to fopen() failed for 
    > '/usr/share/pyshared/privacyidea_apache.py'. 
    > [Wed Jun 10 12:12:19.250990 2015] [:error] [pid 4728:tid 
    > 139652052801280] (13)Permission denied: [client 
    > 2a02:xxx:0:10:cccc:97fc:6f52:b703:36241] mod_wsgi
    (pid=4728, 
    > process='', application=''): Call to fopen() failed for 
    > '/usr/share/pyshared/privacyidea_apache.py'., referer: 
    > https://subdomain.example.com/ 
    > 
    > 
    > 
    > Den onsdag 10 juni 2015 kl. 12:02:52 UTC+2 skrev Cornelius
    Kölbel: 
    >         Hi, 
    >         
    >         I am sorry. On what system are you running? 
    >         (I would like to try running request 2.x) 
    >         
    >         Probably there is an exception where it should not
    be. 
    >         Could you please use the attached file, restart
    apache and 
    >         take a look 
    >         at the syslog again. 
    >         
    >         Thx and kind regards 
    >         Cornelius 
    >         
    >         Am Mittwoch, den 10.06.2015, 02:41 -0700 schrieb
    Nicke: 
    >         > Hi 
    >         > 1) 
    >         > Before it was 
    >         > [DEFAULT] 
    >         > redis = "localhost" 
    >         > privacyidea = "https://auth.example.com" 
    >         > sslverify = False 
    >         > 
    >         > 
    >         > But that created exceptions so I changed that to 
    >         > [DEFAULT] 
    >         > redis = localhost 
    >         > privacyidea = https://auth.example.com 
    >         > sslverify = False 
    >         > 
    >         > 
    >         > 2) 
    >         > Se above 
    >         > 
    >         > 
    >         > 3) 
    >         > It contains 
    >         > mod_wsgi: requests < 1.0 
    >         > 
    >         > 
    >         > 
    >         > Den onsdag 10 juni 2015 kl. 11:31:30 UTC+2 skrev
    Cornelius 
    >         Kölbel: 
    >         >         Hi Nicke, 
    >         >         
    >         >         1.) what did you remove? I did not get it
    in the 
    >         formatting. 
    >         >         
    >         >         2.) How does
    your /etc/privacyidea/apache.conf looks 
    >         like, 
    >         >         now? 
    >         >         
    >         >         3.) Does you /var/log/syslog contain 
    >         >         
    >         >         "request > 1.0" 
    >         >         
    >         >         or 
    >         >         
    >         >         "request < 1.0" 
    >         >         
    >         >         
    >         >         Kind regards 
    >         >         Cornelius 
    >         >         
    >         >         Am Mittwoch, den 10.06.2015, 02:18 -0700 schrieb 
    >         Nicke: 
    >         >         > You are right, it does work now. I do
    not know 
    >         what I did 
    >         >         wrong last 
    >         >         > time I tried. 
    >         >         > 
    >         >         > 
    >         >         > The file /etc/privacyidea/apache.conf
    contains " 
    >         on redis 
    >         >         and 
    >         >         > privacyidea value. In apache error file
    it 
    >         complains (error) 
    >         >         about 
    >         >         > this so I had to remove it. 
    >         >         > Anway, I still can not get this to work,
    I get 
    >         >         > 
    >         >         > 
    >         >         >  mod_wsgi (pid=4105): Exception
    occurred 
    >         processing WSGI 
    >         >         script 
    >         >         >
    '/usr/share/pyshared/privacyidea_apache.py'. 
    >         >         >  Traceback (most recent call last): 
    >         >         >    File 
    >         "/usr/share/pyshared/privacyidea_apache.py", line 
    >         >         81, in 
    >         >         > check_password 
    >         >         >      if json_response.get("result", 
    >         {}).get("value"): 
    >         >         >  AttributeError: 'function' object has
    no 
    >         attribute 'get' 
    >         >         >  mod_wsgi (pid=4105): Exception
    occurred 
    >         processing WSGI 
    >         >         script 
    >         >         >
    '/usr/share/pyshared/privacyidea_apache.py'., 
    >         referer: 
    >         >         > https://subdomain.example.com/ 
    >         >         >  Traceback (most recent call last):,
    referer: 
    >         >         > https://subdomain.example.com/ 
    >         >         >    File 
    >         "/usr/share/pyshared/privacyidea_apache.py", line 
    >         >         81, in 
    >         >         > check_password, referer: 
    >         https://subdomain.example.com/ 
    >         >         >      if json_response.get("result", 
    >         {}).get("value"):, 
    >         >         referer: 
    >         >         > https://subdomain.example.com/ 
    >         >         >  AttributeError: 'function' object has
    no 
    >         attribute 'get', 
    >         >         referer: 
    >         >         > https://subdomain.example.com/ 
    >         >         > 
    >         >         > 
    >         >         > 
    >         >         > 
    >         >         > 
    >         >         > 
    >         >         > Den onsdag 10 juni 2015 kl. 10:43:28 UTC
    +2 skrev 
    >         Cornelius 
    >         >         Kölbel: 
    >         >         >         Hi Nicke, 
    >         >         >         
    >         >         >         it does. 
    >         >         >         Did you run an apt-get update? 
    >         >         >         
    >         >         >         Kind regards 
    >         >         >         Cornelius 
    >         >         >         
    >         >         >         Am Mittwoch, den 10.06.2015, 01:30 -0700  schrieb 
    >         >         Nicke: 
    >         >         >         > For me to be able to test this
    it would 
    >         be good 
    >         >         if 
    >         >         >         > privacyidea-apache-client
    exist in the 
    >         dev 
    >         >         repository on 
    >         >         >         launchpad. 
    >         >         >         > 
    >         >         >         > 
    >         >         >         >         add-apt-repository 
    >         >         ppa:privacyidea/privacyidea-dev 
    >         >         >         >         apt-get update 
    >         >         >         >         apt-get install 
    >         privacyidea-apache-client 
    >         >         >         > .. does not work on Ubuntu
    14.04 
    >         because 
    >         >         >         privacyidea-apache-client is 
    >         >         >         > missing. 
    >         >         >         > -- 
    >         >         >         > You received this message
    because you 
    >         are 
    >         >         subscribed to the 
    >         >         >         Google 
    >         >         >         > Groups "privacyidea" group. 
    >         >         >         > To unsubscribe from this group
    and stop 
    >         receiving 
    >         >         emails 
    >         >         >         from it, send 
    >         >         >         > an email to 
    >         privacyidea...@googlegroups.com. 
    >         >         >         > To post to this group, send
    email to 
    >         >         >         priva...@googlegroups.com. 
    >         >         >         > To view this discussion on the
    web 
    >         visit 
    >         >         >         > 
    >         >         > 
    >         > 
    >
    https://groups.google.com/d/msgid/privacyidea/ac3b3d13-3fed-4d19-98f8-cd038d5d4ceb%40googlegroups.com. 
    >         >         >         > For more options, visit 
    >         >         https://groups.google.com/d/optout. 
    >         >         >         
    >         >         >         -- 
    >         >         >         Cornelius Kölbel 
    >         >         >         corneliu...@netknights.it 
    >         >         >         +49 151 2960 1417 
    >         >         >         
    >         >         >         NetKnights GmbH 
    >         >         >         http://www.netknights.it 
    >         >         >         Landgraf-Karl-Str. 19, 34131
    Kassel, 
    >         Germany 
    >         >         >         Tel: +49 561 3166797, Fax: +49
    561 
    >         3166798 
    >         >         >         
    >         >         >         Amtsgericht Kassel, HRB 16405 
    >         >         >         Geschäftsführer: Cornelius
    Kölbel 
    >         >         >         
    >         >         >         
    >         >         > -- 
    >         >         > You received this message because you
    are 
    >         subscribed to the 
    >         >         Google 
    >         >         > Groups "privacyidea" group. 
    >         >         > To unsubscribe from this group and stop
    receiving 
    >         emails 
    >         >         from it, send 
    >         >         > an email to
    privacyidea...@googlegroups.com. 
    >         >         > To post to this group, send email to 
    >         >         priva...@googlegroups.com. 
    >         >         > To view this discussion on the web
    visit 
    >         >         > 
    >         > 
    >
    https://groups.google.com/d/msgid/privacyidea/55416469-bde4-4e6f-bbbc-8462b4e1da1b%40googlegroups.com. 
    >         >         > For more options, visit 
    >         https://groups.google.com/d/optout. 
    >         >         
    >         >         -- 
    >         >         Cornelius Kölbel 
    >         >         corneliu...@netknights.it 
    >         >         +49 151 2960 1417 
    >         >         
    >         >         NetKnights GmbH 
    >         >         http://www.netknights.it 
    >         >         Landgraf-Karl-Str. 19, 34131 Kassel,
    Germany 
    >         >         Tel: +49 561 3166797, Fax: +49 561
    3166798 
    >         >         
    >         >         Amtsgericht Kassel, HRB 16405 
    >         >         Geschäftsführer: Cornelius Kölbel 
    >         >         
    >         >         
    >         > -- 
    >         > You received this message because you are
    subscribed to the 
    >         Google 
    >         > Groups "privacyidea" group. 
    >         > To unsubscribe from this group and stop receiving
    emails 
    >         from it, send 
    >         > an email to privacyidea...@googlegroups.com. 
    >         > To post to this group, send email to 
    >         priva...@googlegroups.com. 
    >         > To view this discussion on the web visit 
    >         > 
    >
    https://groups.google.com/d/msgid/privacyidea/bfc540e9-7e7a-4524-ace6-f207dab1730a%40googlegroups.com. 
    >         > For more options, visit
    https://groups.google.com/d/optout. 
    >         
    >         -- 
    >         Cornelius Kölbel 
    >         corneliu...@netknights.it 
    >         +49 151 2960 1417 
    >         
    >         NetKnights GmbH 
    >         http://www.netknights.it 
    >         Landgraf-Karl-Str. 19, 34131 Kassel, Germany 
    >         Tel: +49 561 3166797, Fax: +49 561 3166798 
    >         
    >         Amtsgericht Kassel, HRB 16405 
    >         Geschäftsführer: Cornelius Kölbel 
    >         
    >         
    > -- 
    > You received this message because you are subscribed to the
    Google 
    > Groups "privacyidea" group. 
    > To unsubscribe from this group and stop receiving emails
    from it, send 
    > an email to privacyidea...@googlegroups.com. 
    > To post to this group, send email to
    priva...@googlegroups.com. 
    > To view this discussion on the web visit 
    >
    https://groups.google.com/d/msgid/privacyidea/140accd8-8d81-4840-a2b0-dad6e4639ccd%40googlegroups.com. 
    > For more options, visit https://groups.google.com/d/optout. 
    
    -- 
    Cornelius Kölbel 
    corneliu...@netknights.it 
    +49 151 2960 1417 
    
    NetKnights GmbH 
    http://www.netknights.it 
    Landgraf-Karl-Str. 19, 34131 Kassel, Germany 
    Tel: +49 561 3166797, Fax: +49 561 3166798 
    
    Amtsgericht Kassel, HRB 16405 
    Geschäftsführer: Cornelius Kölbel 


You received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea+unsubscribe@googlegroups.com.
To post to this group, send email to privacyidea@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/privacyidea/fd2dc6ce-260c-4214-8ab2-6f58c3532b8d%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Cornelius Kölbel
@cornelinux
+49 151 2960 1417

NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798

Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel

signature.asc (819 Bytes)

Hi Nicke,

1.) what did you remove? I did not get it in the formatting.

2.) How does your /etc/privacyidea/apache.conf looks like, now?

3.) Does you /var/log/syslog contain

“request > 1.0”

or

“request < 1.0”

Kind regards
CorneliusAm Mittwoch, den 10.06.2015, 02:18 -0700 schrieb Nicke:

You are right, it does work now. I do not know what I did wrong last
time I tried.

The file /etc/privacyidea/apache.conf contains " on redis and
privacyidea value. In apache error file it complains (error) about
this so I had to remove it.
Anway, I still can not get this to work, I get

mod_wsgi (pid=4105): Exception occurred processing WSGI script
‘/usr/share/pyshared/privacyidea_apache.py’.
Traceback (most recent call last):
File “/usr/share/pyshared/privacyidea_apache.py”, line 81, in
check_password
if json_response.get(“result”, {}).get(“value”):
AttributeError: ‘function’ object has no attribute ‘get’
mod_wsgi (pid=4105): Exception occurred processing WSGI script
‘/usr/share/pyshared/privacyidea_apache.py’., referer:
https://subdomain.example.com/
Traceback (most recent call last):, referer:
https://subdomain.example.com/
File “/usr/share/pyshared/privacyidea_apache.py”, line 81, in
check_password, referer: https://subdomain.example.com/
if json_response.get(“result”, {}).get(“value”):, referer:
https://subdomain.example.com/
AttributeError: ‘function’ object has no attribute ‘get’, referer:
https://subdomain.example.com/

Den onsdag 10 juni 2015 kl. 10:43:28 UTC+2 skrev Cornelius Kölbel:
Hi Nicke,

    it does. 
    Did you run an apt-get update? 
    
    Kind regards 
    Cornelius 
    
    Am Mittwoch, den 10.06.2015, 01:30 -0700 schrieb Nicke: 
    > For me to be able to test this it would be good if 
    > privacyidea-apache-client exist in the dev repository on
    launchpad. 
    > 
    > 
    >         add-apt-repository ppa:privacyidea/privacyidea-dev 
    >         apt-get update 
    >         apt-get install privacyidea-apache-client 
    > .. does not work on Ubuntu 14.04 because
    privacyidea-apache-client is 
    > missing. 
    > -- 
    > You received this message because you are subscribed to the
    Google 
    > Groups "privacyidea" group. 
    > To unsubscribe from this group and stop receiving emails
    from it, send 
    > an email to privacyidea...@googlegroups.com. 
    > To post to this group, send email to
    priva...@googlegroups.com. 
    > To view this discussion on the web visit 
    >
    https://groups.google.com/d/msgid/privacyidea/ac3b3d13-3fed-4d19-98f8-cd038d5d4ceb%40googlegroups.com. 
    > For more options, visit https://groups.google.com/d/optout. 
    
    -- 
    Cornelius Kölbel 
    corneliu...@netknights.it 
    +49 151 2960 1417 
    
    NetKnights GmbH 
    http://www.netknights.it 
    Landgraf-Karl-Str. 19, 34131 Kassel, Germany 
    Tel: +49 561 3166797, Fax: +49 561 3166798 
    
    Amtsgericht Kassel, HRB 16405 
    Geschäftsführer: Cornelius Kölbel 


You received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea+unsubscribe@googlegroups.com.
To post to this group, send email to privacyidea@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/privacyidea/55416469-bde4-4e6f-bbbc-8462b4e1da1b%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Cornelius Kölbel
@cornelinux
+49 151 2960 1417

NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798

Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel

signature.asc (819 Bytes)

Hi
1)
Before it was
[DEFAULT]
redis = "localhost"
privacyidea = "https://auth.example.com"
sslverify = False

But that created exceptions so I changed that to
[DEFAULT]
redis = localhost
privacyidea = https://auth.example.com
sslverify = False

2)
Se above

It contains
mod_wsgi: requests < 1.0

Den onsdag 10 juni 2015 kl. 11:31:30 UTC+2 skrev Cornelius Kölbel:>

Hi Nicke,

1.) what did you remove? I did not get it in the formatting.

2.) How does your /etc/privacyidea/apache.conf looks like, now?

3.) Does you /var/log/syslog contain

“request > 1.0”

or

“request < 1.0”

Kind regards
Cornelius

Am Mittwoch, den 10.06.2015, 02:18 -0700 schrieb Nicke:

You are right, it does work now. I do not know what I did wrong last
time I tried.

The file /etc/privacyidea/apache.conf contains " on redis and
privacyidea value. In apache error file it complains (error) about
this so I had to remove it.
Anway, I still can not get this to work, I get

mod_wsgi (pid=4105): Exception occurred processing WSGI script
’/usr/share/pyshared/privacyidea_apache.py’.
Traceback (most recent call last):
File “/usr/share/pyshared/privacyidea_apache.py”, line 81, in
check_password
if json_response.get(“result”, {}).get(“value”):
AttributeError: ‘function’ object has no attribute ‘get’
mod_wsgi (pid=4105): Exception occurred processing WSGI script
’/usr/share/pyshared/privacyidea_apache.py’., referer:
https://subdomain.example.com/
Traceback (most recent call last):, referer:
https://subdomain.example.com/
File “/usr/share/pyshared/privacyidea_apache.py”, line 81, in
check_password, referer: https://subdomain.example.com/
if json_response.get(“result”, {}).get(“value”):, referer:
https://subdomain.example.com/
AttributeError: ‘function’ object has no attribute ‘get’, referer:
https://subdomain.example.com/

Den onsdag 10 juni 2015 kl. 10:43:28 UTC+2 skrev Cornelius Kölbel:
Hi Nicke,

    it does. 
    Did you run an apt-get update? 
    
    Kind regards 
    Cornelius 
    
    Am Mittwoch, den 10.06.2015, 01:30 -0700 schrieb Nicke: 
    > For me to be able to test this it would be good if 
    > privacyidea-apache-client exist in the dev repository on 
    launchpad. 
    > 
    > 
    >         add-apt-repository ppa:privacyidea/privacyidea-dev 
    >         apt-get update 
    >         apt-get install privacyidea-apache-client 
    > .. does not work on Ubuntu 14.04 because 
    privacyidea-apache-client is 
    > missing. 
    > -- 
    > You received this message because you are subscribed to the 
    Google 
    > Groups "privacyidea" group. 
    > To unsubscribe from this group and stop receiving emails 
    from it, send 
    > an email to privacyidea...@googlegroups.com. 
    > To post to this group, send email to 
    priva...@googlegroups.com. 
    > To view this discussion on the web visit 
    > 

https://groups.google.com/d/msgid/privacyidea/ac3b3d13-3fed-4d19-98f8-cd038d5d4ceb%40googlegroups.com.

    > For more options, visit https://groups.google.com/d/optout. 
    
    -- 
    Cornelius Kölbel 
    corneliu...@netknights.it 
    +49 151 2960 1417 
    
    NetKnights GmbH 
    http://www.netknights.it 
    Landgraf-Karl-Str. 19, 34131 Kassel, Germany 
    Tel: +49 561 3166797, Fax: +49 561 3166798 
    
    Amtsgericht Kassel, HRB 16405 
    Geschäftsführer: Cornelius Kölbel 


You received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea...@googlegroups.com <javascript:>.
To post to this group, send email to priva...@googlegroups.com
<javascript:>.
To view this discussion on the web visit

https://groups.google.com/d/msgid/privacyidea/55416469-bde4-4e6f-bbbc-8462b4e1da1b%40googlegroups.com.

For more options, visit https://groups.google.com/d/optout.


Cornelius Kölbel
corneliu...@netknights.it <javascript:>
+49 151 2960 1417

NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798

Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel

Yeah, you are right, access right errors. Am a little tired so did not pay
attention enough.

So here is the output now,
Jun 10 12:57:50 files mod_wsgi: Reading configuration https://auth.example.com,
localhost, False
Jun 10 12:57:50 files mod_wsgi: Authentication with https://auth.example.com,
localhost, False
Jun 10 12:57:50 files mod_wsgi: requests < 1.0
Jun 10 12:57:50 files mod_wsgi: Traceback (most recent call last):#012
File “/usr/share/pyshared/privacyidea_apache.py”, line 75, in
check_password#012 json_response = response.json()#012 File
"/usr/lib/python2.7/dist-packages/requests/models.py", line 741, in
json#012 return json.loads(self.text, **kwargs)#012 File
"/usr/lib/python2.7/json/init.py", line 338, in loads#012 return
_default_decoder.decode(s)#012 File “/usr/lib/python2.7/json/decoder.py”,
line 366, in decode#012 obj, end = self.raw_decode(s, idx=_w(s,
0).end())#012 File “/usr/lib/python2.7/json/decoder.py”, line 384, in
raw_decode#012 raise ValueError(“No JSON object could be
decoded”)#012ValueError: No JSON object could be decoded

When having privacyidea = “https://auth.example.com” in
/etc/privacyidea/apache.conf
mod_wsgi (pid=4865): Exception occurred processing WSGI script
’/usr/share/pyshared/privacyidea_apache.py’.
Traceback (most recent call last):
File “/usr/share/pyshared/privacyidea_apache.py”, line 72, in
check_password
verify=SSLVERIFY)
File “/usr/lib/python2.7/dist-packages/requests/api.py”, line 88, in post
return request(‘post’, url, data=data, **kwargs)
File “/usr/lib/python2.7/dist-packages/requests/api.py”, line 44, in
request
return session.request(method=method, url=url, **kwargs)
File “/usr/lib/python2.7/dist-packages/requests/sessions.py”, line 455,
in request
resp = self.send(prep, **send_kwargs)
File “/usr/lib/python2.7/dist-packages/requests/sessions.py”, line 553,
in send
adapter = self.get_adapter(url=request.url)
File “/usr/lib/python2.7/dist-packages/requests/sessions.py”, line 598,
in get_adapter
raise InvalidSchema(“No connection adapters were found for ‘%s’” % url)
InvalidSchema: No connection adapters were found for
’“https://auth.example.com”/validate/check’

mod_wsgi (pid=4865): Exception occurred processing WSGI script
’/usr/share/pyshared/privacyidea_apache.py’., referer: https:
//subdomain.example.com/
Traceback (most recent call last):, referer: https://subdomain.example.com/
File “/usr/share/pyshared/privacyidea_apache.py”, line 72, in
check_password, referer: https://subdomain.example.com/
verify=SSLVERIFY), referer: https://subdomain.example.com/
File “/usr/lib/python2.7/dist-packages/requests/api.py”, line 88, in post
, referer: https://subdomain.example.com/
return request(‘post’, url, data=data, **kwargs), referer: https:
//subdomain.example.com/
File “/usr/lib/python2.7/dist-packages/requests/api.py”, line 44, in
request, referer: https://subdomain.example.com/
return session.request(method=method, url=url, **kwargs), referer:
https://subdomain.example.com/
File “/usr/lib/python2.7/dist-packages/requests/sessions.py”, line 455,
in request, referer: https://subdomain.example.com/
resp = self.send(prep, **send_kwargs), referer: https:
//subdomain.example.com/
File “/usr/lib/python2.7/dist-packages/requests/sessions.py”, line 553,
in send, referer: https://subdomain.example.com/
adapter = self.get_adapter(url=request.url), referer: https:
//subdomain.example.com/
File “/usr/lib/python2.7/dist-packages/requests/sessions.py”, line 598,
in get_adapter, referer: https://subdomain.example.com/
raise InvalidSchema(“No connection adapters were found for ‘%s’” % url
), referer: https://subdomain.example.com/
InvalidSchema: No connection adapters were found for
’“https://auth.example.com”/validate/check’, referer: https:
//subdomain.example.com/

When having privacyidea = https://auth.example.com in
/etc/privacyidea/apache.conf
mod_wsgi (pid=4865): Exception occurred processing WSGI script
’/usr/share/pyshared/privacyidea_apache.py’.
Traceback (most recent call last):
File “/usr/share/pyshared/privacyidea_apache.py”, line 83, in
check_password
if json_response.get(“result”, {}).get(“value”):
AttributeError: ‘function’ object has no attribute ‘get’

mod_wsgi (pid=4865): Exception occurred processing WSGI script
’/usr/share/pyshared/privacyidea_apache.py’., referer: https:
//subdomain.example.com/
Traceback (most recent call last):, referer: https://subdomain.example.com/
File “/usr/share/pyshared/privacyidea_apache.py”, line 83, in
check_password, referer: https://subdomain.example.com/
if json_response.get(“result”, {}).get(“value”):, referer: https:
//subdomain.example.com/
AttributeError: ‘function’ object has no attribute ‘get’, referer: https:
//subdomain.example.com/

Den onsdag 10 juni 2015 kl. 12:48:34 UTC+2 skrev Cornelius Kölbel:>

Hi,

please check the access right of
/usr/share/pyshared/privacyidea_apache.py

The apache user should be able to read it.
Should be 644.

Kind regards
Cornelius

Am Mittwoch, den 10.06.2015, 03:15 -0700 schrieb Nicke:

Am running Ubuntu 14.04.2 on the client machine having
privacyidea-apache-client installed, this is called
"subdomain.example.com".
Authentication server is another host running the same system. This
machine is called “auth.example.com”.

Here is the only output with your new file,
[Wed Jun 10 12:12:19.064834 2015] [:error] [pid 4728:tid
139652069586688] (13)Permission denied: [client
2a02:xxx:0:10:cccc:97fc:6f52:b703:36240] mod_wsgi (pid=4728,
process=’’, application=’’): Call to fopen() failed for
’/usr/share/pyshared/privacyidea_apache.py’.
[Wed Jun 10 12:12:19.250990 2015] [:error] [pid 4728:tid
139652052801280] (13)Permission denied: [client
2a02:xxx:0:10:cccc:97fc:6f52:b703:36241] mod_wsgi (pid=4728,
process=’’, application=’’): Call to fopen() failed for
’/usr/share/pyshared/privacyidea_apache.py’., referer:
https://subdomain.example.com/

Den onsdag 10 juni 2015 kl. 12:02:52 UTC+2 skrev Cornelius Kölbel:
Hi,

    I am sorry. On what system are you running? 
    (I would like to try running request 2.x) 
    
    Probably there is an exception where it should not be. 
    Could you please use the attached file, restart apache and 
    take a look 
    at the syslog again. 
    
    Thx and kind regards 
    Cornelius 
    
    Am Mittwoch, den 10.06.2015, 02:41 -0700 schrieb Nicke: 
    > Hi 
    > 1) 
    > Before it was 
    > [DEFAULT] 
    > redis = "localhost" 
    > privacyidea = "https://auth.example.com" 
    > sslverify = False 
    > 
    > 
    > But that created exceptions so I changed that to 
    > [DEFAULT] 
    > redis = localhost 
    > privacyidea = https://auth.example.com 
    > sslverify = False 
    > 
    > 
    > 2) 
    > Se above 
    > 
    > 
    > 3) 
    > It contains 
    > mod_wsgi: requests < 1.0 
    > 
    > 
    > 
    > Den onsdag 10 juni 2015 kl. 11:31:30 UTC+2 skrev Cornelius 
    Kölbel: 
    >         Hi Nicke, 
    >         
    >         1.) what did you remove? I did not get it in the 
    formatting. 
    >         
    >         2.) How does your /etc/privacyidea/apache.conf looks 
    like, 
    >         now? 
    >         
    >         3.) Does you /var/log/syslog contain 
    >         
    >         "request > 1.0" 
    >         
    >         or 
    >         
    >         "request < 1.0" 
    >         
    >         
    >         Kind regards 
    >         Cornelius 
    >         
    >         Am Mittwoch, den 10.06.2015, 02:18 -0700 schrieb 
    Nicke: 
    >         > You are right, it does work now. I do not know 
    what I did 
    >         wrong last 
    >         > time I tried. 
    >         > 
    >         > 
    >         > The file /etc/privacyidea/apache.conf contains " 
    on redis 
    >         and 
    >         > privacyidea value. In apache error file it 
    complains (error) 
    >         about 
    >         > this so I had to remove it. 
    >         > Anway, I still can not get this to work, I get 
    >         > 
    >         > 
    >         >  mod_wsgi (pid=4105): Exception occurred 
    processing WSGI 
    >         script 
    >         > '/usr/share/pyshared/privacyidea_apache.py'. 
    >         >  Traceback (most recent call last): 
    >         >    File 
    "/usr/share/pyshared/privacyidea_apache.py", line 
    >         81, in 
    >         > check_password 
    >         >      if json_response.get("result", 
    {}).get("value"): 
    >         >  AttributeError: 'function' object has no 
    attribute 'get' 
    >         >  mod_wsgi (pid=4105): Exception occurred 
    processing WSGI 
    >         script 
    >         > '/usr/share/pyshared/privacyidea_apache.py'., 
    referer: 
    >         > https://subdomain.example.com/ 
    >         >  Traceback (most recent call last):, referer: 
    >         > https://subdomain.example.com/ 
    >         >    File 
    "/usr/share/pyshared/privacyidea_apache.py", line 
    >         81, in 
    >         > check_password, referer: 
    https://subdomain.example.com/ 
    >         >      if json_response.get("result", 
    {}).get("value"):, 
    >         referer: 
    >         > https://subdomain.example.com/ 
    >         >  AttributeError: 'function' object has no 
    attribute 'get', 
    >         referer: 
    >         > https://subdomain.example.com/ 
    >         > 
    >         > 
    >         > 
    >         > 
    >         > 
    >         > 
    >         > Den onsdag 10 juni 2015 kl. 10:43:28 UTC+2 skrev 
    Cornelius 
    >         Kölbel: 
    >         >         Hi Nicke, 
    >         >         
    >         >         it does. 
    >         >         Did you run an apt-get update? 
    >         >         
    >         >         Kind regards 
    >         >         Cornelius 
    >         >         
    >         >         Am Mittwoch, den 10.06.2015, 01:30 -0700  schrieb 
    >         Nicke: 
    >         >         > For me to be able to test this it would 
    be good 
    >         if 
    >         >         > privacyidea-apache-client exist in the 
    dev 
    >         repository on 
    >         >         launchpad. 
    >         >         > 
    >         >         > 
    >         >         >         add-apt-repository 
    >         ppa:privacyidea/privacyidea-dev 
    >         >         >         apt-get update 
    >         >         >         apt-get install 
    privacyidea-apache-client 
    >         >         > .. does not work on Ubuntu 14.04 
    because 
    >         >         privacyidea-apache-client is 
    >         >         > missing. 
    >         >         > -- 
    >         >         > You received this message because you 
    are 
    >         subscribed to the 
    >         >         Google 
    >         >         > Groups "privacyidea" group. 
    >         >         > To unsubscribe from this group and stop 
    receiving 
    >         emails 
    >         >         from it, send 
    >         >         > an email to 
    privacyidea...@googlegroups.com. 
    >         >         > To post to this group, send email to 
    >         >         priva...@googlegroups.com. 
    >         >         > To view this discussion on the web 
    visit 
    >         >         > 
    >         > 
    > 

https://groups.google.com/d/msgid/privacyidea/ac3b3d13-3fed-4d19-98f8-cd038d5d4ceb%40googlegroups.com.

    >         >         > For more options, visit 
    >         https://groups.google.com/d/optout. 
    >         >         
    >         >         -- 
    >         >         Cornelius Kölbel 
    >         >         corneliu...@netknights.it 
    >         >         +49 151 2960 1417 
    >         >         
    >         >         NetKnights GmbH 
    >         >         http://www.netknights.it 
    >         >         Landgraf-Karl-Str. 19, 34131 Kassel, 
    Germany 
    >         >         Tel: +49 561 3166797, Fax: +49 561 
    3166798 
    >         >         
    >         >         Amtsgericht Kassel, HRB 16405 
    >         >         Geschäftsführer: Cornelius Kölbel 
    >         >         
    >         >         
    >         > -- 
    >         > You received this message because you are 
    subscribed to the 
    >         Google 
    >         > Groups "privacyidea" group. 
    >         > To unsubscribe from this group and stop receiving 
    emails 
    >         from it, send 
    >         > an email to privacyidea...@googlegroups.com. 
    >         > To post to this group, send email to 
    >         priva...@googlegroups.com. 
    >         > To view this discussion on the web visit 
    >         > 
    > 

https://groups.google.com/d/msgid/privacyidea/55416469-bde4-4e6f-bbbc-8462b4e1da1b%40googlegroups.com.

    >         > For more options, visit 
    https://groups.google.com/d/optout. 
    >         
    >         -- 
    >         Cornelius Kölbel 
    >         corneliu...@netknights.it 
    >         +49 151 2960 1417 
    >         
    >         NetKnights GmbH 
    >         http://www.netknights.it 
    >         Landgraf-Karl-Str. 19, 34131 Kassel, Germany 
    >         Tel: +49 561 3166797, Fax: +49 561 3166798 
    >         
    >         Amtsgericht Kassel, HRB 16405 
    >         Geschäftsführer: Cornelius Kölbel 
    >         
    >         
    > -- 
    > You received this message because you are subscribed to the 
    Google 
    > Groups "privacyidea" group. 
    > To unsubscribe from this group and stop receiving emails 
    from it, send 
    > an email to privacyidea...@googlegroups.com. 
    > To post to this group, send email to 
    priva...@googlegroups.com. 
    > To view this discussion on the web visit 
    > 

https://groups.google.com/d/msgid/privacyidea/bfc540e9-7e7a-4524-ace6-f207dab1730a%40googlegroups.com.

    > For more options, visit https://groups.google.com/d/optout. 
    
    -- 
    Cornelius Kölbel 
    corneliu...@netknights.it 
    +49 151 2960 1417 
    
    NetKnights GmbH 
    http://www.netknights.it 
    Landgraf-Karl-Str. 19, 34131 Kassel, Germany 
    Tel: +49 561 3166797, Fax: +49 561 3166798 
    
    Amtsgericht Kassel, HRB 16405 
    Geschäftsführer: Cornelius Kölbel 


You received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea...@googlegroups.com <javascript:>.
To post to this group, send email to priva...@googlegroups.com
<javascript:>.
To view this discussion on the web visit

https://groups.google.com/d/msgid/privacyidea/140accd8-8d81-4840-a2b0-dad6e4639ccd%40googlegroups.com.

For more options, visit https://groups.google.com/d/optout.


Cornelius Kölbel
corneliu...@netknights.it <javascript:>
+49 151 2960 1417

NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798

Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel

You are right, it does work now. I do not know what I did wrong last time I
tried.

The file /etc/privacyidea/apache.conf contains " on redis and privacyidea
value. In apache error file it complains (error) about this so I had to
remove it.
Anway, I still can not get this to work, I get

mod_wsgi (pid=4105): Exception occurred processing WSGI script
’/usr/share/pyshared/privacyidea_apache.py’.
Traceback (most recent call last):
File “/usr/share/pyshared/privacyidea_apache.py”, line 81, in
check_password
if json_response.get(“result”, {}).get(“value”):
AttributeError: ‘function’ object has no attribute ‘get’
mod_wsgi (pid=4105): Exception occurred processing WSGI script
’/usr/share/pyshared/privacyidea_apache.py’., referer: https:
//subdomain.example.com/
Traceback (most recent call last):, referer: https://subdomain.example.com/
File “/usr/share/pyshared/privacyidea_apache.py”, line 81, in
check_password, referer: https://subdomain.example.com/
if json_response.get(“result”, {}).get(“value”):, referer: https:
//subdomain.example.com/
AttributeError: ‘function’ object has no attribute ‘get’, referer: https:
//subdomain.example.com/

Den onsdag 10 juni 2015 kl. 10:43:28 UTC+2 skrev Cornelius Kölbel:>

Hi Nicke,

it does.
Did you run an apt-get update?

Kind regards
Cornelius

Am Mittwoch, den 10.06.2015, 01:30 -0700 schrieb Nicke:

For me to be able to test this it would be good if
privacyidea-apache-client exist in the dev repository on launchpad.

    add-apt-repository ppa:privacyidea/privacyidea-dev 
    apt-get update 
    apt-get install privacyidea-apache-client 

… does not work on Ubuntu 14.04 because privacyidea-apache-client is
missing.

You received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea...@googlegroups.com <javascript:>.
To post to this group, send email to priva...@googlegroups.com
<javascript:>.
To view this discussion on the web visit

https://groups.google.com/d/msgid/privacyidea/ac3b3d13-3fed-4d19-98f8-cd038d5d4ceb%40googlegroups.com.

For more options, visit https://groups.google.com/d/optout.


Cornelius Kölbel
corneliu...@netknights.it <javascript:>
+49 151 2960 1417

NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798

Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel

Hi Nicke,

it does.
Did you run an apt-get update?

Kind regards
CorneliusAm Mittwoch, den 10.06.2015, 01:30 -0700 schrieb Nicke:

For me to be able to test this it would be good if
privacyidea-apache-client exist in the dev repository on launchpad.

    add-apt-repository ppa:privacyidea/privacyidea-dev 
    apt-get update 
    apt-get install privacyidea-apache-client

… does not work on Ubuntu 14.04 because privacyidea-apache-client is
missing.

You received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea+unsubscribe@googlegroups.com.
To post to this group, send email to privacyidea@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/privacyidea/ac3b3d13-3fed-4d19-98f8-cd038d5d4ceb%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Cornelius Kölbel
@cornelinux
+49 151 2960 1417

NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798

Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel

signature.asc (819 Bytes)

Hi
Now when I have slept for a while I look with new eyes on the problem and
see directly that am doing it wrong. My privacyidea host is not
auth.example.com but aaa.example.com. So embarrassing.
Your basic auth client works great.
The only thing I believe you can improve is the error message for the next
m****n that tries to authenticate against wrong URL.

Truly sorry for taking up your time.

Den onsdag 10 juni 2015 kl. 14:26:44 UTC+2 skrev Cornelius Kölbel:>

Hi Nicke,

no. You indeed need no quotes.

The interesting line is
ValueError(“No JSON object could be decoded”)

I.e. the url you requested, did not respond as expected.

Can you see this /validate/check request in the Audit log in the web UI?
What does it say there?

Kind regards
Cornelius

Am Mittwoch, den 10.06.2015, 04:34 -0700 schrieb Nicke:

Yeah, you are right, access right errors. Am a little tired so did not
pay attention enough.

So here is the output now,
Jun 10 12:57:50 files mod_wsgi: Reading configuration
https://auth.example.com, localhost, False
Jun 10 12:57:50 files mod_wsgi: Authentication with
https://auth.example.com, localhost, False
Jun 10 12:57:50 files mod_wsgi: requests < 1.0
Jun 10 12:57:50 files mod_wsgi: Traceback (most recent call
last):#012 File “/usr/share/pyshared/privacyidea_apache.py”, line 75,
in check_password#012 json_response = response.json()#012 File
"/usr/lib/python2.7/dist-packages/requests/models.py", line 741, in
json#012 return json.loads(self.text, **kwargs)#012 File
"/usr/lib/python2.7/json/init.py", line 338, in loads#012
return _default_decoder.decode(s)#012 File
"/usr/lib/python2.7/json/decoder.py", line 366, in decode#012 obj,
end = self.raw_decode(s, idx=_w(s, 0).end())#012 File
"/usr/lib/python2.7/json/decoder.py", line 384, in raw_decode#012
raise ValueError(“No JSON object could be decoded”)#012ValueError: No
JSON object could be decoded

When having privacyidea = "https://auth.example.com"
in /etc/privacyidea/apache.conf
mod_wsgi (pid=4865): Exception occurred processing WSGI script
’/usr/share/pyshared/privacyidea_apache.py’.
Traceback (most recent call last):
File “/usr/share/pyshared/privacyidea_apache.py”, line 72, in
check_password
verify=SSLVERIFY)
File “/usr/lib/python2.7/dist-packages/requests/api.py”, line 88,
in post
return request(‘post’, url, data=data, **kwargs)
File “/usr/lib/python2.7/dist-packages/requests/api.py”, line 44,
in request
return session.request(method=method, url=url, **kwargs)
File “/usr/lib/python2.7/dist-packages/requests/sessions.py”, line
455, in request
resp = self.send(prep, **send_kwargs)
File “/usr/lib/python2.7/dist-packages/requests/sessions.py”, line
553, in send
adapter = self.get_adapter(url=request.url)
File “/usr/lib/python2.7/dist-packages/requests/sessions.py”, line
598, in get_adapter
raise InvalidSchema(“No connection adapters were found for ‘%s’”
% url)
InvalidSchema: No connection adapters were found for
’“https://auth.example.com”/validate/check’

mod_wsgi (pid=4865): Exception occurred processing WSGI script
’/usr/share/pyshared/privacyidea_apache.py’., referer:
https://subdomain.example.com/
Traceback (most recent call last):, referer:
https://subdomain.example.com/
File “/usr/share/pyshared/privacyidea_apache.py”, line 72, in
check_password, referer: https://subdomain.example.com/
verify=SSLVERIFY), referer: https://subdomain.example.com/
File “/usr/lib/python2.7/dist-packages/requests/api.py”, line 88,
in post, referer: https://subdomain.example.com/
return request(‘post’, url, data=data, **kwargs), referer:
https://subdomain.example.com/
File “/usr/lib/python2.7/dist-packages/requests/api.py”, line 44,
in request, referer: https://subdomain.example.com/
return session.request(method=method, url=url, **kwargs),
referer: https://subdomain.example.com/
File “/usr/lib/python2.7/dist-packages/requests/sessions.py”, line
455, in request, referer: https://subdomain.example.com/
resp = self.send(prep, **send_kwargs), referer:
https://subdomain.example.com/
File “/usr/lib/python2.7/dist-packages/requests/sessions.py”, line
553, in send, referer: https://subdomain.example.com/
adapter = self.get_adapter(url=request.url), referer:
https://subdomain.example.com/
File “/usr/lib/python2.7/dist-packages/requests/sessions.py”, line
598, in get_adapter, referer: https://subdomain.example.com/
raise InvalidSchema(“No connection adapters were found for ‘%s’”
% url), referer: https://subdomain.example.com/
InvalidSchema: No connection adapters were found for
’“https://auth.example.com”/validate/check’, referer:
https://subdomain.example.com/

When having privacyidea = https://auth.example.com
in /etc/privacyidea/apache.conf

mod_wsgi (pid=4865): Exception occurred processing WSGI script
’/usr/share/pyshared/privacyidea_apache.py’.
Traceback (most recent call last):
File “/usr/share/pyshared/privacyidea_apache.py”, line 83, in
check_password
if json_response.get(“result”, {}).get(“value”):
AttributeError: ‘function’ object has no attribute ‘get’

mod_wsgi (pid=4865): Exception occurred processing WSGI script
’/usr/share/pyshared/privacyidea_apache.py’., referer:
https://subdomain.example.com/
Traceback (most recent call last):, referer:
https://subdomain.example.com/
File “/usr/share/pyshared/privacyidea_apache.py”, line 83, in
check_password, referer: https://subdomain.example.com/
if json_response.get(“result”, {}).get(“value”):, referer:
https://subdomain.example.com/
AttributeError: ‘function’ object has no attribute ‘get’, referer:
https://subdomain.example.com/

Den onsdag 10 juni 2015 kl. 12:48:34 UTC+2 skrev Cornelius Kölbel:
Hi,

    please check the access right of 
    /usr/share/pyshared/privacyidea_apache.py 
    
    The apache user should be able to read it. 
    Should be 644. 
    
    Kind regards 
    Cornelius 
    
    
    Am Mittwoch, den 10.06.2015, 03:15 -0700 schrieb Nicke: 
    > Am running Ubuntu 14.04.2 on the client machine having 
    > privacyidea-apache-client installed, this is called 
    > "subdomain.example.com". 
    > Authentication server is another host running the same 
    system. This 
    > machine is called "auth.example.com". 
    > 
    > 
    > Here is the only output with your new file, 
    > [Wed Jun 10 12:12:19.064834 2015] [:error] [pid 4728:tid 
    > 139652069586688] (13)Permission denied: [client 
    > 2a02:xxx:0:10:cccc:97fc:6f52:b703:36240] mod_wsgi 
    (pid=4728, 
    > process='', application=''): Call to fopen() failed for 
    > '/usr/share/pyshared/privacyidea_apache.py'. 
    > [Wed Jun 10 12:12:19.250990 2015] [:error] [pid 4728:tid 
    > 139652052801280] (13)Permission denied: [client 
    > 2a02:xxx:0:10:cccc:97fc:6f52:b703:36241] mod_wsgi 
    (pid=4728, 
    > process='', application=''): Call to fopen() failed for 
    > '/usr/share/pyshared/privacyidea_apache.py'., referer: 
    > https://subdomain.example.com/ 
    > 
    > 
    > 
    > Den onsdag 10 juni 2015 kl. 12:02:52 UTC+2 skrev Cornelius 
    Kölbel: 
    >         Hi, 
    >         
    >         I am sorry. On what system are you running? 
    >         (I would like to try running request 2.x) 
    >         
    >         Probably there is an exception where it should not 
    be. 
    >         Could you please use the attached file, restart 
    apache and 
    >         take a look 
    >         at the syslog again. 
    >         
    >         Thx and kind regards 
    >         Cornelius 
    >         
    >         Am Mittwoch, den 10.06.2015, 02:41 -0700 schrieb 
    Nicke: 
    >         > Hi 
    >         > 1) 
    >         > Before it was 
    >         > [DEFAULT] 
    >         > redis = "localhost" 
    >         > privacyidea = "https://auth.example.com" 
    >         > sslverify = False 
    >         > 
    >         > 
    >         > But that created exceptions so I changed that to 
    >         > [DEFAULT] 
    >         > redis = localhost 
    >         > privacyidea = https://auth.example.com 
    >         > sslverify = False 
    >         > 
    >         > 
    >         > 2) 
    >         > Se above 
    >         > 
    >         > 
    >         > 3) 
    >         > It contains 
    >         > mod_wsgi: requests < 1.0 
    >         > 
    >         > 
    >         > 
    >         > Den onsdag 10 juni 2015 kl. 11:31:30 UTC+2 skrev 
    Cornelius 
    >         Kölbel: 
    >         >         Hi Nicke, 
    >         >         
    >         >         1.) what did you remove? I did not get it 
    in the 
    >         formatting. 
    >         >         
    >         >         2.) How does 
    your /etc/privacyidea/apache.conf looks 
    >         like, 
    >         >         now? 
    >         >         
    >         >         3.) Does you /var/log/syslog contain 
    >         >         
    >         >         "request > 1.0" 
    >         >         
    >         >         or 
    >         >         
    >         >         "request < 1.0" 
    >         >         
    >         >         
    >         >         Kind regards 
    >         >         Cornelius 
    >         >         
    >         >         Am Mittwoch, den 10.06.2015, 02:18 -0700  schrieb 
    >         Nicke: 
    >         >         > You are right, it does work now. I do 
    not know 
    >         what I did 
    >         >         wrong last 
    >         >         > time I tried. 
    >         >         > 
    >         >         > 
    >         >         > The file /etc/privacyidea/apache.conf 
    contains " 
    >         on redis 
    >         >         and 
    >         >         > privacyidea value. In apache error file 
    it 
    >         complains (error) 
    >         >         about 
    >         >         > this so I had to remove it. 
    >         >         > Anway, I still can not get this to work, 
    I get 
    >         >         > 
    >         >         > 
    >         >         >  mod_wsgi (pid=4105): Exception 
    occurred 
    >         processing WSGI 
    >         >         script 
    >         >         > 
    '/usr/share/pyshared/privacyidea_apache.py'. 
    >         >         >  Traceback (most recent call last): 
    >         >         >    File 
    >         "/usr/share/pyshared/privacyidea_apache.py", line 
    >         >         81, in 
    >         >         > check_password 
    >         >         >      if json_response.get("result", 
    >         {}).get("value"): 
    >         >         >  AttributeError: 'function' object has 
    no 
    >         attribute 'get' 
    >         >         >  mod_wsgi (pid=4105): Exception 
    occurred 
    >         processing WSGI 
    >         >         script 
    >         >         > 
    '/usr/share/pyshared/privacyidea_apache.py'., 
    >         referer: 
    >         >         > https://subdomain.example.com/ 
    >         >         >  Traceback (most recent call last):, 
    referer: 
    >         >         > https://subdomain.example.com/ 
    >         >         >    File 
    >         "/usr/share/pyshared/privacyidea_apache.py", line 
    >         >         81, in 
    >         >         > check_password, referer: 
    >         https://subdomain.example.com/ 
    >         >         >      if json_response.get("result", 
    >         {}).get("value"):, 
    >         >         referer: 
    >         >         > https://subdomain.example.com/ 
    >         >         >  AttributeError: 'function' object has 
    no 
    >         attribute 'get', 
    >         >         referer: 
    >         >         > https://subdomain.example.com/ 
    >         >         > 
    >         >         > 
    >         >         > 
    >         >         > 
    >         >         > 
    >         >         > 
    >         >         > Den onsdag 10 juni 2015 kl. 10:43:28 UTC 
    +2 skrev 
    >         Cornelius 
    >         >         Kölbel: 
    >         >         >         Hi Nicke, 
    >         >         >         
    >         >         >         it does. 
    >         >         >         Did you run an apt-get update? 
    >         >         >         
    >         >         >         Kind regards 
    >         >         >         Cornelius 
    >         >         >         
    >         >         >         Am Mittwoch, den 10.06.2015,  01:30 -0700  schrieb 
    >         >         Nicke: 
    >         >         >         > For me to be able to test this 
    it would 
    >         be good 
    >         >         if 
    >         >         >         > privacyidea-apache-client 
    exist in the 
    >         dev 
    >         >         repository on 
    >         >         >         launchpad. 
    >         >         >         > 
    >         >         >         > 
    >         >         >         >         add-apt-repository 
    >         >         ppa:privacyidea/privacyidea-dev 
    >         >         >         >         apt-get update 
    >         >         >         >         apt-get install 
    >         privacyidea-apache-client 
    >         >         >         > .. does not work on Ubuntu 
    14.04 
    >         because 
    >         >         >         privacyidea-apache-client is 
    >         >         >         > missing. 
    >         >         >         > -- 
    >         >         >         > You received this message 
    because you 
    >         are 
    >         >         subscribed to the 
    >         >         >         Google 
    >         >         >         > Groups "privacyidea" group. 
    >         >         >         > To unsubscribe from this group 
    and stop 
    >         receiving 
    >         >         emails 
    >         >         >         from it, send 
    >         >         >         > an email to 
    >         privacyidea...@googlegroups.com. 
    >         >         >         > To post to this group, send 
    email to 
    >         >         >         priva...@googlegroups.com. 
    >         >         >         > To view this discussion on the 
    web 
    >         visit 
    >         >         >         > 
    >         >         > 
    >         > 
    > 

https://groups.google.com/d/msgid/privacyidea/ac3b3d13-3fed-4d19-98f8-cd038d5d4ceb%40googlegroups.com.

    >         >         >         > For more options, visit 
    >         >         https://groups.google.com/d/optout. 
    >         >         >         
    >         >         >         -- 
    >         >         >         Cornelius Kölbel 
    >         >         >         corneliu...@netknights.it 
    >         >         >         +49 151 2960 1417 
    >         >         >         
    >         >         >         NetKnights GmbH 
    >         >         >         http://www.netknights.it 
    >         >         >         Landgraf-Karl-Str. 19, 34131 
    Kassel, 
    >         Germany 
    >         >         >         Tel: +49 561 3166797, Fax: +49 
    561 
    >         3166798 
    >         >         >         
    >         >         >         Amtsgericht Kassel, HRB 16405 
    >         >         >         Geschäftsführer: Cornelius 
    Kölbel 
    >         >         >         
    >         >         >         
    >         >         > -- 
    >         >         > You received this message because you 
    are 
    >         subscribed to the 
    >         >         Google 
    >         >         > Groups "privacyidea" group. 
    >         >         > To unsubscribe from this group and stop 
    receiving 
    >         emails 
    >         >         from it, send 
    >         >         > an email to 
    privacyidea...@googlegroups.com. 
    >         >         > To post to this group, send email to 
    >         >         priva...@googlegroups.com. 
    >         >         > To view this discussion on the web 
    visit 
    >         >         > 
    >         > 
    > 

https://groups.google.com/d/msgid/privacyidea/55416469-bde4-4e6f-bbbc-8462b4e1da1b%40googlegroups.com.

    >         >         > For more options, visit 
    >         https://groups.google.com/d/optout. 
    >         >         
    >         >         -- 
    >         >         Cornelius Kölbel 
    >         >         corneliu...@netknights.it 
    >         >         +49 151 2960 1417 
    >         >         
    >         >         NetKnights GmbH 
    >         >         http://www.netknights.it 
    >         >         Landgraf-Karl-Str. 19, 34131 Kassel, 
    Germany 
    >         >         Tel: +49 561 3166797, Fax: +49 561 
    3166798 
    >         >         
    >         >         Amtsgericht Kassel, HRB 16405 
    >         >         Geschäftsführer: Cornelius Kölbel 
    >         >         
    >         >         
    >         > -- 
    >         > You received this message because you are 
    subscribed to the 
    >         Google 
    >         > Groups "privacyidea" group. 
    >         > To unsubscribe from this group and stop receiving 
    emails 
    >         from it, send 
    >         > an email to privacyidea...@googlegroups.com. 
    >         > To post to this group, send email to 
    >         priva...@googlegroups.com. 
    >         > To view this discussion on the web visit 
    >         > 
    > 

https://groups.google.com/d/msgid/privacyidea/bfc540e9-7e7a-4524-ace6-f207dab1730a%40googlegroups.com.

    >         > For more options, visit 
    https://groups.google.com/d/optout. 
    >         
    >         -- 
    >         Cornelius Kölbel 
    >         corneliu...@netknights.it 
    >         +49 151 2960 1417 
    >         
    >         NetKnights GmbH 
    >         http://www.netknights.it 
    >         Landgraf-Karl-Str. 19, 34131 Kassel, Germany 
    >         Tel: +49 561 3166797, Fax: +49 561 3166798 
    >         
    >         Amtsgericht Kassel, HRB 16405 
    >         Geschäftsführer: Cornelius Kölbel 
    >         
    >         
    > -- 
    > You received this message because you are subscribed to the 
    Google 
    > Groups "privacyidea" group. 
    > To unsubscribe from this group and stop receiving emails 
    from it, send 
    > an email to privacyidea...@googlegroups.com. 
    > To post to this group, send email to 
    priva...@googlegroups.com. 
    > To view this discussion on the web visit 
    > 

https://groups.google.com/d/msgid/privacyidea/140accd8-8d81-4840-a2b0-dad6e4639ccd%40googlegroups.com.

    > For more options, visit https://groups.google.com/d/optout. 
    
    -- 
    Cornelius Kölbel 
    corneliu...@netknights.it 
    +49 151 2960 1417 
    
    NetKnights GmbH 
    http://www.netknights.it 
    Landgraf-Karl-Str. 19, 34131 Kassel, Germany 
    Tel: +49 561 3166797, Fax: +49 561 3166798 
    
    Amtsgericht Kassel, HRB 16405 
    Geschäftsführer: Cornelius Kölbel 


You received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea...@googlegroups.com <javascript:>.
To post to this group, send email to priva...@googlegroups.com
<javascript:>.
To view this discussion on the web visit

https://groups.google.com/d/msgid/privacyidea/fd2dc6ce-260c-4214-8ab2-6f58c3532b8d%40googlegroups.com.

For more options, visit https://groups.google.com/d/optout.


Cornelius Kölbel
corneliu...@netknights.it <javascript:>
+49 151 2960 1417

NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798

Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel