Thanks Cornelius!Am Mittwoch, 6. Juli 2016 15:04:04 UTC+2 schrieb Cornelius Kölbel:
Alternatively take a look here
https://github.com/NetKnights-GmbH/privacyidea-ucs/tree/master/deploy/apache/sites-available
Cornelius Kölbel
+49 151 2960 1417
NetKnights GmbH
Http://NetKnights. It
+49 561 3166 797
-------- Ursprüngliche Nachricht --------
Von: Michael Muenz <m.m...@gmail.com <javascript:>>
Datum: 06.07.16 14:35 (GMT+01:00)
An: privacyidea <priva...@googlegroups.com <javascript:>>
Cc: m.m...@gmail.com <javascript:>
Betreff: Re: [privacyidea] Re: ImportError: No module named
privacyidea.app
virtualenv.
I followed the steps in your guide, mixed with an old one from howtoforge.
I documented all the steps since I want to write a Debian 8 howto:
- aptitude install libjpeg-dev zlib1g-dev python-dev
libffi-dev libssl-dev libxslt1-dev virtualenv gcc
mysql-server freeradius libconfig-inifiles-perl
libdata-dump-perl libtry-tiny-perl libconfig-json-perl
libjson-perl libmysqlclient-dev apache2 libapache2-mod-wsgi
- virtualenv /opt/privacyidea
- cd /opt/privacyidea
- source bin/activate
- pip install privacyidea
- pip install MySQL-python
- pip install click
- mysql -u root -p
create database pi;
grant all privileges on pi.* to “pi”@“localhost” identified by “XXX”;
flush privileges;
quit;
- mkdir /etc/privacyidea
- useradd -r privacyidea
- cp etc/privacyidea/* /etc/privacyidea/
- vi /etc/privacyidea/pi.cfg
import logging
The realm, where users are allowed to login as administrators
SUPERUSER_REALM = [‘super’]
Your database
#SQLALCHEMY_DATABASE_URI = ‘sqlite:////etc/privacyidea/data.sqlite’
This is used to encrypt the auth_token
#SECRET_KEY = ‘t0p s3cr3t’
This is used to encrypt the admin passwords
#PI_PEPPER = “Never know…”
This is used to encrypt the token data and token passwords
PI_ENCFILE = ‘/etc/privacyidea/enckey’
This is used to sign the audit log
This is the dummy base class
#PI_AUDIT_MODULE = ‘privacyidea.lib.auditmodules.base’
This is the default
#PI_AUDIT_MODULE = ‘privacyidea.lib.auditmodules.sqlaudit’
This is used to sign the audit log
PI_AUDIT_KEY_PRIVATE = ‘/etc/privacyidea/private.pem’
PI_AUDIT_KEY_PUBLIC = ‘/etc/privacyidea/public.pem’
PI_LOGFILE = ‘/var/log/privacyidea/privacyidea.log’
PI_LOGLEVEL = logging.INFO
PI_PEPPER = ‘X’
SECRET_KEY = ‘X’
SQLALCHEMY_DATABASE_URI = ‘mysql://pi:XXX@localhost/pi’
-
pi-manage create_enckey
-
pi-manage create_audit_keys
-
pi-manage createdb
-
pi-manage admin add admin@localhost
-
privacyidea-fix-access-rights -f /etc/privacyidea/pi.cfg -u privacyidea
-
a2enmod ssl
-
vi /etc/apache2/sites-available/privacyidea.conf
ServerAdmin webmaster@localhost
# You might want to change this
ServerName localhost
DocumentRoot /var/www
<Directory />
# For Apache 2.4 you need to set this:
Require all granted
Options FollowSymLinks
AllowOverride None
</Directory>
# Yubico servers use /wsapi/2.0/verify as the path in the
# validation URL. Some tools (e.g. Kolab 2fa) let the
# user/admin change the api host, but not the rest of
# the URL. Uncomment the following two lines to reroute
# the api URL internally to privacyideas /ttype/yubikey.
#RewriteEngine on
#RewriteRule "^/wsapi/2.0/verify" "/ttype/yubikey" [PT]
# We can run several instances on different paths with different
configurations
WSGIScriptAlias / /etc/privacyidea/privacyideaapp.wsgi
#WSGIScriptAlias /instance1
/home/cornelius/src/privacyidea/deploy/privacyideaapp1.wsgi
#WSGIScriptAlias /instance2
/home/cornelius/src/privacyidea/deploy/privacyideaapp2.wsgi
#WSGIScriptAlias /instance3
/home/cornelius/src/privacyidea/deploy/privacyideaapp3.wsgi
#
# The daemon is running as user ‘privacyidea’
# This user should have access to the encKey database encryption
file
WSGIDaemonProcess privacyidea processes=1 threads=15
display-name=%{GROUP} user=privacyidea
WSGIProcessGroup privacyidea
WSGIPassAuthorization On
ErrorLog /var/log/apache2/error.log
LogLevel warn
# Do not use %q! This will reveal all parameters, including
setting PINs and Keys!
# Using SSL_CLINET_S_DN_CN will show you, which administrator did
what task
LogFormat “%h %l %u %t %>s "%m %U %H" %b "%{Referer}i"
"%{User-agent}i"” privacyIDEA
CustomLog /var/log/apache2/ssl_access.log privacyIDEA
# SSL Engine Switch:
# Enable/Disable SSL for this virtual host.
SSLEngine on
SSLProtocol ALL -SSLv2 -SSLv3
SSLCipherSuite HIGH:!aNULL:!MD5
# If both key and certificate are stored in the same file, only
the
# SSLCertificateFile directive is needed.
SSLCertificateFile /etc/ssl/certs/privacyideaserver.pem
SSLCertificateKeyFile /etc/ssl/private/privacyideaserver.key
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory /usr/lib/cgi-bin>
SSLOptions +StdEnvVars
</Directory>
BrowserMatch ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
If you want to forward http request to https enable the
following virtual host.
#
# This will enable the Rewrite capabilities
RewriteEngine On
# This checks to make sure the connection is not already HTTPS
RewriteCond %{HTTPS} !=on
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
#
cd /etc/apache2/sites-enabled/
rm -f 000-default.conf
ln -s …/sites-available/privacyidea.conf .
mkdir /home/privacyidea
chown -R privacyidea /home/privacyidea/
chown -R privacyidea /etc/privacyidea/
The part with user privacyidea is not within your guide, so there could be
a problem but I don’t get it.
Thanks
Michael
Am Mittwoch, 6. Juli 2016 14:25:04 UTC+2 schrieb Cornelius Kölbel:
Pip in root or virtual environment?
Config?
Cornelius Kölbel
+49 151 2960 1417
NetKnights GmbH
Http://NetKnights http://NetKnights. It
+49 561 3166 797
-------- Ursprüngliche Nachricht --------
Von: Michael Muenz m.m...@gmail.com
Datum: 06.07.16 14:17 (GMT+01:00)
An: privacyidea priva...@googlegroups.com
Betreff: [privacyidea] Re: ImportError: No module named privacyidea.app
Hi,
I installed PI 2.13 via PiP on a fresh Debian 8 and have the same issue
here.
Running via py-manage runserver I can access the system, but via apache /
wsgi I get:
[Wed Jul 06 14:12:55.024738 2016] [wsgi:error] [pid 17269:tid
139826853345024] [remote X:59909] mod_wsgi (pid=17269): Target WSGI script
‘/etc/privacyidea/privacyideaapp.wsgi’ cannot be loaded as Python module.
[Wed Jul 06 14:12:55.024797 2016] [wsgi:error] [pid 17269:tid
139826853345024] [remote X:59909] mod_wsgi (pid=17269): Exception occurred
processing WSGI script ‘/etc/privacyidea/privacyideaapp.wsgi’.
[Wed Jul 06 14:12:55.024837 2016] [wsgi:error] [pid 17269:tid
139826853345024] [remote X:59909] Traceback (most recent call last):
[Wed Jul 06 14:12:55.024875 2016] [wsgi:error] [pid 17269:tid
139826853345024] [remote X:59909] File
“/etc/privacyidea/privacyideaapp.wsgi”, line 3, in
[Wed Jul 06 14:12:55.024929 2016] [wsgi:error] [pid 17269:tid
139826853345024] [remote X:59909] from privacyidea.app import create_app
[Wed Jul 06 14:12:55.024964 2016] [wsgi:error] [pid 17269:tid
139826853345024] [remote X:59909] ImportError: No module named
privacyidea.app
[Wed Jul 06 14:12:55.125165 2016] [wsgi:error] [pid 17269:tid
139826937272064] [remote X:59909] mod_wsgi (pid=17269): Target WSGI script
‘/etc/privacyidea/privacyideaapp.wsgi’ cannot be loaded as Python module.
[Wed Jul 06 14:12:55.125198 2016] [wsgi:error] [pid 17269:tid
139826937272064] [remote X:59909] mod_wsgi (pid=17269): Exception occurred
processing WSGI script ‘/etc/privacyidea/privacyideaapp.wsgi’.
[Wed Jul 06 14:12:55.125231 2016] [wsgi:error] [pid 17269:tid
139826937272064] [remote X:59909] Traceback (most recent call last):
[Wed Jul 06 14:12:55.125263 2016] [wsgi:error] [pid 17269:tid
139826937272064] [remote X:59909] File
“/etc/privacyidea/privacyideaapp.wsgi”, line 3, in
[Wed Jul 06 14:12:55.125309 2016] [wsgi:error] [pid 17269:tid
139826937272064] [remote X:59909] from privacyidea.app import create_app
[Wed Jul 06 14:12:55.125341 2016] [wsgi:error] [pid 17269:tid
139826937272064] [remote X:59909] ImportError: No module named
privacyidea.app
Thanks
Michael
Am Montag, 11. Januar 2016 17:47:15 UTC+1 schrieb Cornelius Kölbel:
Hello John,
the “privacyidea.app” in fact indicates that there is something wrong
with your python setup. In certain cases the WSGI process does not find
the complete python environment.
Which howto did you use to install?
→ This is the change to improve the documentation
We do not need to take a look at FreeRADIUS now, since your privacyIDEA
installation seems messed up.
Kind regards
Cornelius
Am Montag, den 11.01.2016, 07:58 -0800 schrieb John Whitten:
Hello Cornelius,
- How does the
file /opt/privacyIDEA/etc/privacyidea/privacyideaapp.wsgi look like?
[root@MyHost privacyidea]#
cat /opt/privacyIDEA/etc/privacyidea/privacyideaapp.wsgi
import sys
sys.stdout = sys.stderr
from privacyidea.app import create_app
Now we can select the config file:
application = create_app(config_name=“production”,
config_file=“/etc/privacyidea/pi.cfg”)
- When I run it via Apache I get a “500 Server Error” and the error
log contains the message about the “privacyidea.app” issue:
==> /var/log/httpd/error.log <==
[Sun Jan 10 01:25:29 2016] [error] [client 192.168.3.204] mod_wsgi
(pid=24859): Target WSGI script
‘/opt/privacyIDEA/etc/privacyidea/privacyideaapp.wsgi’ cannot be
loaded as Python module.
[Sun Jan 10 01:25:29 2016] [error] [client 192.168.3.204] mod_wsgi
(pid=24859): Exception occurred processing WSGI script
‘/opt/privacyIDEA/etc/privacyidea/privacyideaapp.wsgi’.
[Sun Jan 10 01:25:29 2016] [error] Traceback (most recent call last):
[Sun Jan 10 01:25:29 2016] [error] File
“/opt/privacyIDEA/etc/privacyidea/privacyideaapp.wsgi”, line 3, in
[Sun Jan 10 01:25:29 2016] [error] from privacyidea.app import
create_app
[Sun Jan 10 01:25:29 2016] [error] ImportError: No module named
privacyidea.app
When I run it (via the “pi-manage runserver” method which is set to
operate on port 5000), it logs me in and I get a “token/list” url and
a page which should be showing me tokens, but for some reason it does
not show any listed. There should be two tokens registered for the
username I’m using. Here is the command line I’m using:
pi-manage runserver -h MyHost -p 5000 -d -r
- This is what I get from the privacyidea.log:
[2016-01-11
10:29:28,768][25056][140316471326464][DEBUG][privacyidea.api.lib.utils:235]
Can not get param: No JSON object could be decoded
- Post output of Freeradius -X
Request:
[root@MyHost FreeRADIUS]# echo “User-Name=SomeUser@SomeRealm,
Password=SomePassword” | radclient -sx localhost auth ‘OurSecret’
Sending Access-Request of id 89 to 127.0.0.1 port 1812
User-Name = “SomeUser@SomeRealm”
Password = “SomePassword”
rad_recv: Access-Reject packet from host 127.0.0.1 port 1812, id=89,
length=75
Reply-Message = “privacyIDEA request failed: 500 Internal
Server Error”
Total approved auths: 0
Total denied auths: 1
Total lost auths: 0
Debug Output:
rad_recv: Access-Request packet from host 127.0.0.1 port 54525, id=89,
length=55
User-Name = “SomeUser@SomeRealm”
User-Password = “SomePassword”
Executing section authorize from
file /etc/raddb/sites-enabled/privacyidea
+group authorize {
++[preprocess] = ok
++[chap] = noop
++[mschap] = noop
++[digest] = noop
[suffix] Looking up realm “SomeRealm” for User-Name =
“SomeUser@SomeRealm”
[suffix] No such realm “SomeRealm”
++[suffix] = noop
[eap] No EAP-Message, not doing EAP
++[eap] = noop
[files] users: Matched entry DEFAULT at line 183
++[files] = ok
++[expiration] = noop
++[logintime] = noop
[pap] WARNING! No “known good” password found for the user.
Authentication may fail because of this.
++[pap] = noop
+} # group authorize = ok
Found Auth-Type = perl
Executing group from file /etc/raddb/sites-enabled/privacyidea
+group authenticate {
rlm_perl: Config File not found!
rlm_perl: Default URL https://127.0.0.1/validate/check
rlm_perl: Looking for config for auth-type perl
rlm_perl: Warning:
rlm_perl: Auth-Type: perl
rlm_perl: url: https://127.0.0.1/validate/check
rlm_perl: user sent to privacyidea: SomeUser@SomeRealm
rlm_perl: realm sent to privacyidea:
rlm_perl: resolver sent to privacyidea:
rlm_perl: client sent to privacyidea: 127.0.0.1
rlm_perl: state sent to privacyidea:
rlm_perl: urlparam client
rlm_perl: urlparam pass
rlm_perl: urlparam user
rlm_perl: Not verifying SSL certificate!
rlm_perl: privacyIDEA request failed: 500 Internal Server Error
rlm_perl: return RLM_MODULE_FAIL
rlm_perl: Added pair User-Name = SomeUser@SomeRealm
rlm_perl: Added pair User-Password = SomePassword
rlm_perl: Added pair NAS-IP-Address = 127.0.0.1
rlm_perl: Added pair Reply-Message = privacyIDEA request failed: 500
Internal Server Error
rlm_perl: Added pair Auth-Type = perl
++[perl] = fail
+} # group authenticate = fail
Failed to authenticate the user.
Delaying reject of request 15 for 1 seconds
Going to the next request
Waking up in 0.9 seconds.
Sending delayed reject for request 15
Sending Access-Reject of id 89 to 127.0.0.1 port 54525
Reply-Message = “privacyIDEA request failed: 500 Internal
Server Error”
Waking up in 4.9 seconds.
Cleaning up request 15 ID 89 with timestamp +409247
Ready to process requests.
You didn’t ask, but here is my Apache config:
[root@MyHost conf.d]# cat privacyidea.conf
TraceEnable on
ServerSignature Off
ServerTokens Prod
WSGIPythonHome /opt/privacyIDEA
WSGISocketPrefix /var/run/wsgi
#############################################
Redirect All Port 80 Accesses to Port 443
#############################################
#
ServerAdmin webmaster@localhost
ServerName localhost
RewriteEngine On
RewriteCond %{HTTPS} !=On
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
#
#############################################
Handle Port 443 Accesses
#############################################
#
<VirtualHost *:443>
ServerAdmin webmaster@localhost
ServerName localhost
DocumentRoot /var/www
<Directory />
Require all granted
Allow from all
Options FollowSymLinks
AllowOverride None
</Directory>
WSGIScriptAlias / /etc/privacyidea/privacyideaapp.wsgi
WSGIScriptAlias / /opt/privacyIDEA/etc/privacyidea/privacyideaapp.wsgi
# The daemon is running as user ‘privacyidea’
# This user should have access to the encKey database
encryption file
WSGIDaemonProcess privacyidea
python-path=/etc/privacyidea:/opt/privacyIDEA/lib/python2.7/site-packages
processes=1 threads=15 display-name=%{GROUP} user=privacyidea
WSGIProcessGroup privacyidea
WSGIPassAuthorization On
## Logging
ErrorLog /var/log/httpd/error.log
LogLevel warn
# Do not use %q! This will reveal all parameters, including
setting PINs and Keys!
# Using SSL_CLINET_S_DN_CN will show you, which administrator
did what task
#LogFormat “%h %l %u %t %>s "%m %U %H" %b "%{Referer}i"
"%{User-agent}i"” privacyIDEA
LogFormat “%h %l %u %t %>s "%m %U %H" %b "%{Referer}i"
"%{User-agent}i" %q” privacyIDEA
CustomLog /var/log/httpd/ssl_access.log privacyIDEA
SSLEngine On
SSLProtocol All -SSLv2 -SSLv3
SSLHonorCipherOrder On
SSLCipherSuite EECDH+AES256:DHE+AES256:EECDH+AES:EDH
+AES:-SHA1:EECDH+RC4:EDH+RC4:RC4-SHA:AES256-SHA:!aNULL:!eNULL:!EXP:!
LOW:!MD5
SSLCertificateFile /etc/pki/tls/certs/privacyideaserver.pem
SSLCertificateKeyFile /etc/pki/tls/private/privacyideaserver.key
IMO, while I may very well have other issues in the setup, the biggest
problem always seems to come back to this one item:
[Sat Jan 09 01:25:22 2016] [error] File
“/opt/privacyIDEA/etc/privacyidea/privacyideaapp.wsgi”, line 3, in
[Sat Jan 09 01:25:22 2016] [error] from privacyidea.app import
create_app
[Sat Jan 09 01:25:22 2016] [error] ImportError: No module named
privacyidea.app
Thanks for all of your kind assistance! I really appreciate your help.
John
On Friday, January 8, 2016 at 3:54:43 PM UTC-5, Cornelius Kölbel wrote:
Hello John,
1. Check the configuration
The httpd error log says
Target WSGI script
'/opt/privacyIDEA/etc/privacyidea/privacyideaapp.wsgi' cannot
be loaded
as Python module
a) How does the
file /opt/privacyIDEA/etc/privacyidea/privacyideaapp.wsgi look
like?
b) How does your apache config look like?
I suspect that that you have two different configurations, one
that
works when accessing the UI and on that does not work and is
accessed
when issuing the authentication request.
2. Check the API without the FreeRADIUS
Please execute
https://yourhost/validate/check?user=....&pass=...
in your browser and take a look at the result.
Or course you must not use the port 5000 unless you are
running the
Apache SSL on 5000.
3. Check the log file
The FreeRADIUS reply message says:
rad_recv: Access-Reject packet from host 127.0.0.1 port 1812,
id=127,
length=75
Reply-Message = "privacyIDEA request failed: 500
Internal Server
Error"
So please check the privacyIDEA log.
4. Debug
You enabled DEBUG=true in the your rlm_perl.ini.
So you should get more privacyIDEA specific output when
running
freeradius -X
You did not post this. Can you do so?
Kind regards
Cornelius
Am Freitag, den 08.01.2016, 06:02 -0800 schrieb John Whitten:
> Hi Cornelius,
>
>
> Thanks for the quick reply.
>
>
> Yes, you were correct that my "rlm_perl.ini" file was
missing. But,
> sadly, adding the file and adjusting the params did not
resolve the
> issue. In fact, the problem remains the same:
>
>
> [root@myhost FreeRADIUS]# echo "User-Name=user,
Password=pin123456" |
> radclient -sx localhost auth 'OURSECRET'
> Sending Access-Request of id 127 to 127.0.0.1 port 1812
> User-Name = "user"
> Password = "pin123456"
>
>
> ==> /var/log/httpd/error.log <==
> [Fri Jan 08 08:53:23 2016] [error] [client 127.0.0.1]
mod_wsgi
> (pid=24859): Target WSGI script
> '/opt/privacyIDEA/etc/privacyidea/privacyideaapp.wsgi'
cannot be
> loaded as Python module.
> [Fri Jan 08 08:53:23 2016] [error] [client 127.0.0.1]
mod_wsgi
> (pid=24859): Exception occurred processing WSGI script
> '/opt/privacyIDEA/etc/privacyidea/privacyideaapp.wsgi'.
> [Fri Jan 08 08:53:23 2016] [error] Traceback (most recent
call last):
> [Fri Jan 08 08:53:23 2016] [error] File
> "/opt/privacyIDEA/etc/privacyidea/privacyideaapp.wsgi", line
3, in
> <module>
> [Fri Jan 08 08:53:23 2016] [error] from privacyidea.app
import
> create_app
> [Fri Jan 08 08:53:23 2016] [error] ImportError: No module
named
> privacyidea.app
>
>
> ==> /var/log/httpd/ssl_access.log <==
> 127.0.0.1 - - [08/Jan/2016:08:53:23 -0500] 500
"POST /validate/check
> HTTP/1.1" 599 "-" "libwww-perl/6.15"
> rad_recv: Access-Reject packet from host 127.0.0.1 port
1812, id=127,
> length=75
> Reply-Message = "privacyIDEA request failed: 500
Internal
> Server Error"
>
>
> Total approved auths: 0
> Total denied auths: 1
> Total lost auths: 0
> ---
>
>
>
> Here is what the "rlm_perl.ini" file now contains:
>
>
> [Default]
> URL = https://myhost:5000/validate/check
> REALM = myrealm
> #RESCONF = someResolver
> #SSL_CHECK = true
> SSL_CHECK = false
> DEBUG = true
> ---
>
>
> BTW, the result is the same with or without the port 5000
part. I
> tried removing it and it is still bombing with the import
error. It is
> apparently looking for something called "privacyidea.app"
and there is
> nothing with that name on my system, or available on your
site as far
> as I can tell. At least not directly.
>
>
> It feels to me like I am very close to getting this thing up
and
> running! So I am hopeful! ;-)
>
>
> John
>
>
>
>
>
>
>
>
> On Friday, January 8, 2016 at 2:31:59 AM UTC-5, Cornelius Kölbel wrote:
> Hello John,
>
> thanks for the feedback regarding the installation
> instructions.
> This is the official instruction
>
2. Installation — privacyIDEA 3.8 documentation
> I will add a note, that it needs python 2.7.
>
> Good news: If you are able to access the web ui,
> authenticating with
> FreeRADIUS will also work in a moment.
>
> I assume you are accessing the webui at an URL like
>
> https://yourserver/
>
> i.e. in the root directory?
>
> Then the FreeRADIUS would have to call
>
> https://yourserver/validate/check
>
> I think the FreeRADIUS privacyIDEA plugin is just
not
> completely
> configured yet.
> See
>
http://privacyidea.readthedocs.org/en/latest/application_plugins/radius.html?highlight=freeradius
>
> Have you created any /opt/privacyidea/rlm_perl.ini
file yet?
>
> I recommend creating a file
> /etc/privacyidea/rlm_perl.ini
> with the following content:
>
> [Default]
> URL = https://your.server/validate/check
> SSL_CHECK = false
> DEBUG = true
>
> adapt the URL accordingly.
> You should change SSL_CHECK to true, later. I.e. you
need to
> get a
> trusted certificate, if privacyIDEA is running on
another
> server than
> freeradius.
>
> Starting with DEBUG=true gives you some good ideas
about whats
> going on.
>
> Please tell, if it was your rlm_perl.ini that was
missing.
>
> Kind regards
> Cornelius
>
> Am Donnerstag, den 07.01.2016, 22:24 -0800 schrieb
John
> Whitten:
> >
> > Hello,
> >
> >
> > I have been working to get this PrivacyIDEA
software
> installed on a
> > CentOS 6.5 system, along with FreeRADIUS.
> >
> >
> > I have been mostly following the directions in
these three
> documents
> > (none of them appears to be entirely accurate):
> >
> >
> >
> >
> > CentOS install:
> >
>
Two factor authentication with OTP using privacyIDEA and FreeRADIUS on CentOS
> >
> >
> >
> > Python Install:
> >
>
2.1. Python Package Index — privacyIDEA 3.8 documentation
> >
> >
> >
> > PrivacyIdea Documentation Latest:
> > https://privacyidea.readthedocs.org/en/latest/
> >
> >
> >
> >
> >
> > Between the various documents though, and a whole
lot of
> trial and
> > error, I have gotten it mostly working I think.
The actual
> > installation files are from using the "Python PIP
Install"
> method, so
> > are whichever version are available that way. (I'm
not a
> Python guy).
> > Also I should mention that I figured out that it
doesn't
> work with
> > Python 2.6 and have installed Python 2.7. As soon
as I did
> that, the
> > install went very smoothly. You should probably
note that
> someplace in
> > the documents and save people a whole lot of
time.
> >
> >
> > Anyway, I have come to the part where I'm hooking
up
> FreeRADIUS and it
> > keeps bombing with the following message:
> >
> >
> >
> >
> >
> > ==> /var/log/httpd/error.log <==
> > [Thu Jan 07 23:27:48 2016] [error] [client
10.200.1.10]
> mod_wsgi
> > (pid=24859): Target WSGI script
> >
'/opt/privacyIDEA/etc/privacyidea/privacyideaapp.wsgi'
> cannot be
> > loaded as Python module.
> > [Thu Jan 07 23:27:48 2016] [error] [client
10.200.1.10]
> mod_wsgi
> > (pid=24859): Exception occurred processing WSGI
script
> >
'/opt/privacyIDEA/etc/privacyidea/privacyideaapp.wsgi'.
> > [Thu Jan 07 23:27:48 2016] [error] Traceback (most
recent
> call last):
> > [Thu Jan 07 23:27:48 2016] [error] File
> >
"/opt/privacyIDEA/etc/privacyidea/privacyideaapp.wsgi", line
> 3, in
> > <module>
> > [Thu Jan 07 23:27:48 2016] [error] from
privacyidea.app
> import
> > create_app
> > [Thu Jan 07 23:27:48 2016] [error] ImportError: No
module
> named
> > privacyidea.app
> >
> >
> >
> >
> > RADIUS itself seems to be working fine. I had it
set up
> originally and
> > tested it with the test radius client and it all
seemed to
> work fine.
> > I now have it configured to call the
"privacyidea_radius.pm"
> module
> > from /etc/raddb/modules/perl. I had to correct the
path as
> below:
> >
> >
> > perl {
> > # module
= /opt/privacyIDEA/privacyidea_radius.pm
> > module
> >
>
= /opt/privacyIDEA/lib/privacyidea/authmodules/FreeRADIUS/
privacyidea_radius.pm
> > }
> >
> >
> >
> >
> > When I try to authenticate using the test client
now, I get
> the above
> > error message, apparently looking for something
called
> > "privacyidea.app". There is nothing on my system
anywhere
> with that
> > name, and I cannot find any good reference to it
online
> apart from a
> > brief mention here and there with respect to the
"perl" file
> in the
> > RADIUS modules directory.
> >
> >
> > Can you assist me? I am under the gun to get this
worked out
> and I'm
> > having a heck of a time getting everything set up
and
> working.
> >
> >
> >
> > I have gotten the PrivacyIDEA web portion itself
worked out.
> I have
> > been able to login as Admin, set up a Realm,
connect it to
> our Active
> > Directory and whatnot, and all that seems to work.
I also
> was able to
> > login to the PrivacyIDEA as a user and enroll
myself a
> token. I got
> > the FreeOTP Android App for my smartphone from
Google Play,
> and used
> > the QR feature to set up the token into the
FreeOTP app. All
> of that
> > went very smoothly and without much problem.
> >
> >
> > But when I go to try to authenticate with it, I
run into the
> problem
> > above.
> >
> >
> > Thanks for any assistance you can provide!
> >
> >
> > John Whitten
> > --
> > You received this message because you are
subscribed to the
> Google
> > Groups "privacyidea" group.
> > To unsubscribe from this group and stop receiving
emails
> from it, send
> > an email to privacyidea...@googlegroups.com.
> > To post to this group, send email to
> priva...@googlegroups.com.
> > To view this discussion on the web visit
> >
>
https://groups.google.com/d/msgid/privacyidea/d7f639b0-bfcd-403a-a6c8-c176e7d66519%40googlegroups.com.
> > For more options, visit
https://groups.google.com/d/optout.
>
> --
> Cornelius Kölbel
> corneliu...@netknights.it
> +49 151 2960 1417
>
> NetKnights GmbH
> http://www.netknights.it
> Landgraf-Karl-Str. 19, 34131 Kassel, Germany
> Tel: +49 561 3166797, Fax: +49 561 3166798
>
> Amtsgericht Kassel, HRB 16405
> Geschäftsführer: Cornelius Kölbel
>
>
> --
> You received this message because you are subscribed to the
Google
> Groups "privacyidea" group.
> To unsubscribe from this group and stop receiving emails
from it, send
> an email to privacyidea...@googlegroups.com.
> To post to this group, send email to
priva...@googlegroups.com.
> To view this discussion on the web visit
>
https://groups.google.com/d/msgid/privacyidea/2e9e6914-9e02-458d-9656-e73d5613e152%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
--
Cornelius Kölbel
corneliu...@netknights.it
+49 151 2960 1417
NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798
Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel
–
You received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea...@googlegroups.com.
To post to this group, send email to priva...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/privacyidea/107f7393-dd39-4671-b0be-5908b9b5a5c5%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
–
Cornelius Kölbel
corneliu…@netknights.it
+49 151 2960 1417
NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798
Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel
–
Please read the blog post about getting help
Getting help – privacyID3A.
For professional services and consultancy regarding two factor
authentication please visit
One Time Services - NetKnights - IT-Sicherheit - Zwei-Faktor-Authentisierung - Verschlüsselung
In an enterprise environment you should get a SERVICE LEVEL AGREEMENT
which suites your needs for SECURITY, AVAILABILITY and LIABILITY:
privacyIDEA Support Level
You received this message because you are subscribed to the Google Groups
“privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send an
email to privacyidea...@googlegroups.com.
To post to this group, send email to priva...@googlegroups.com.
Visit this group at https://groups.google.com/group/privacyidea.
To view this discussion on the web visit
https://groups.google.com/d/msgid/privacyidea/bfcaacaa-3167-473c-b360-17bf4b9e93b5%40googlegroups.com
https://groups.google.com/d/msgid/privacyidea/bfcaacaa-3167-473c-b360-17bf4b9e93b5%40googlegroups.com?utm_medium=email&utm_source=footer
.
For more options, visit http https://groups.google.com/d/optout
…