I think I found a small bug with authentication module.
One of my ldap user has this password : o*vCYaN
I manage to login through the WebUI interface with this user and password.
But, with pi-manage (or radius) it failed.
Into debug file I can see :
2016-08-11
11:11:30,093][8243][139692791498560][DEBUG][privacyidea.lib.token:172]
Entering check_user_pass with arguments (User(login=uâUSERâ,
realm=uâREALMâ, resolver=uâRESOLVERâ), uâo*vCYaNâ, {}) and keywords {}
It seems the \ of the password is missing.
I tried with :
pi-manage validate USER âo*vCYaNâ ->KO
pi-manage validate USER o*vCYaN ->KO
pi-manage validate USER o\*vCYaN ->KO but the password in the log file
is o\*vCYaN
RESULT=False
DETAILS={âmessageâ: âThe user has no tokens assignedâ}
And the log file show this password âo*vCYaNâ is sent to the LDAP resolver
; that is why it failed.
I tried to assign a SPass token to this user with the same password.
Everything is OK.
pi-manage validate :OK
webUI login : OK
Radius auth is not OK but It is a radius bug.
The \ is escaped, so the password send to PrivacyIdea is o*vCYaN
Donât waste your time with that, it is easy to find a workaround ; but it
is probably a small bug.
I think I found a small bug with authentication module.
One of my ldap user has this password : o*vCYaN
I manage to login through the WebUI interface with this user and password.
But, with pi-manage (or radius) it failed.
Into debug file I can see :
2016-08-11
11:11:30,093][8243][139692791498560][DEBUG][privacyidea.lib.token:172]
Entering check_user_pass with arguments (User(login=uâUSERâ,
realm=uâREALMâ, resolver=uâRESOLVERâ), uâo*vCYaNâ, {}) and keywords {}
It seems the \ of the password is missing.
I tried with :
pi-manage validate USER âo*vCYaNâ ->KO
pi-manage validate USER o*vCYaN ->KO
pi-manage validate USER o\*vCYaN ->KO but the password in the log file
is o\*vCYaN