PrivacyIDEA - Install BasicAuth
Hi,
I try to activate the Basic Authentication for SSO purpose for the WebUI.
If I change the AuthType in the apache config file „privacyidea.conf“ to
basic the login dialog appears but the authentication failed. In the apache
error log I receive the following Message.
/var/log/httpd/error_log:
[Mon Sep 12 21:11:34.936915 2016] [:error] [pid 1483] [client
172.16.16.16:63124] mod_wsgi (pid=1483): Exception occurred processing WSGI
script
’/opt/privacyIDEA/lib/python2.7/site-packages/authmodules/apache2/privacyidea_apache.py’.
[Mon Sep 12 21:11:34.936989 2016] [:error] [pid 1483] [client
172.16.16.16:63124] Traceback (most recent call last):
[Mon Sep 12 21:11:34.937046 2016] [:error] [pid 1483] [client
172.16.16.16:63124] File
"/opt/privacyIDEA/lib/python2.7/site-packages/authmodules/apache2/privacyidea_apache.py",
line 66, in check_password
[Mon Sep 12 21:11:34.937129 2016] [:error] [pid 1483] [client
172.16.16.16:63124] value = rd.get(key)
[Mon Sep 12 21:11:34.937146 2016] [:error] [pid 1483] [client
172.16.16.16:63124] File
"/opt/privacyIDEA/lib/python2.7/site-packages/redis/client.py", line 863,
in get
[Mon Sep 12 21:11:34.937698 2016] [:error] [pid 1483] [client
172.16.16.16:63124] return self.execute_command(‘GET’, name)
[Mon Sep 12 21:11:34.937725 2016] [:error] [pid 1483] [client
172.16.16.16:63124] File
"/opt/privacyIDEA/lib/python2.7/site-packages/redis/client.py", line 570,
in execute_command
*[Mon Sep 12 21:11:34.937745 2016] [:error] [pid 1483] [client
172.16.16.16:63124] connection.send_command(args)
[Mon Sep 12 21:11:34.937757 2016] [:error] [pid 1483] [client
172.16.16.16:63124] File
"/opt/privacyIDEA/lib/python2.7/site-packages/redis/connection.py", line
556, in send_command
*[Mon Sep 12 21:11:34.937958 2016] [:error] [pid 1483] [client
172.16.16.16:63124] self.send_packed_command(self.pack_command(args))
[Mon Sep 12 21:11:34.938001 2016] [:error] [pid 1483] [client
172.16.16.16:63124] File
"/opt/privacyIDEA/lib/python2.7/site-packages/redis/connection.py", line
532, in send_packed_command
[Mon Sep 12 21:11:34.938041 2016] [:error] [pid 1483] [client
172.16.16.16:63124] self.connect()
[Mon Sep 12 21:11:34.938052 2016] [:error] [pid 1483] [client
172.16.16.16:63124] File
"/opt/privacyIDEA/lib/python2.7/site-packages/redis/connection.py", line
436, in connect
[Mon Sep 12 21:11:34.938065 2016] [:error] [pid 1483] [client
172.16.16.16:63124] raise ConnectionError(self._error_message(e))
[Mon Sep 12 21:11:34.938081 2016] [:error] [pid 1483] [client
172.16.16.16:63124] ConnectionError: Error 111 connecting to
localhost:6379. Connection refused.
/etc/httpd/conf.d/privacyidea.conf:
TraceEnable off
ServerSignature Off
ServerTokens Prod
WSGIPythonHome /opt/privacyIDEA
WSGISocketPrefix /var/run/wsgi
-
ServerAdmin support@xxx.xy*
-
ServerName Servername1*
-
RewriteEngine On*
-
RewriteCond %{HTTPS} !=On*
-
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]*
-
ServerAdmin support@xxx.**xy*
-
ServerName Servername*
-
DocumentRoot /var/www*
-
<Directory />*
-
# For Apache 2.4 you need to set this:*
-
# Require all granted*
-
Options FollowSymLinks*
-
AllowOverride None*
-
SSLRequireSSL*
-
AuthType Basic*
-
AuthName "OTP WebUi Login"*
-
AuthBasicProvider wsgi*
-
WSGIAuthUserScript
/opt/privacyIDEA/lib/python2.7/site-packages/authmodules/apache2/privacyidea_apache.py*
-
require valid-user*
-
</Directory>*
-
<Location /validate/check>*
-
Require all granted*
-
Options FollowSymLinks*
-
AllowOverride None*
-
</Location>*
-
<Location /ttype>*
-
Require all granted*
-
Options FollowSymLinks*
-
AllowOverride None*
-
</Location>*
-
# The daemon is running as user 'privacyidea'*
-
# This user should have access to the encKey database
encryption file*
-
WSGIDaemonProcess privacyidea
python-path=/etc/privacyidea:/opt/privacyIDEA/lib/python2.7/site-packages
processes=1 threads=15 display-name=%{GROUP} user=privacyidea*
-
WSGIPassAuthorization On*
-
WSGIProcessGroup privacyidea*
-
WSGIPassAuthorization On*
-
WSGIScriptAlias / /etc/privacyidea/privacyideaapp.wsgi*
-
SSLEngine On*
-
SSLProtocol All -SSLv2 -SSLv3*
-
SSLHonorCipherOrder On*
-
SSLCipherSuite
EECDH+AES256:DHE+AES256:EECDH+AES:EDH+AES:-SHA1:EECDH+RC4:EDH+RC4:RC4-SHA:AES256-SHA:!aNULL:!eNULL:!EXP:!LOW:!MD5*
-
SSLCertificateFile /etc/pki/tls/certs/privacyideaserver.pem*
-
SSLCertificateKeyFile
/etc/pki/tls/private/privacyideaserver.key*
Software Versions:
PrivacyIDEA 2.14
centos-release-7-2.1511.el7.centos.2.10.x86_64
Python 2.7.5
Apache/2.4.6 (CentOS)
Could you please tell me, what is wrong?
Thanks in advance!
Tilmann