Hello Cornelius and all !
Is it possible to remove PIN from a Token (by WEB or API) ?
The only option that I found is to manually clean the sql table (pin_seed &
pin_hash).
Regards
Sim
Excuse me… I’ve another question…
I’ve requested token by SMS and received it.
This is the “List Challenges”:
Wed, 24 Aug 2016 09:33:28 GMT PISM0000CC7B 00155976067561524466
Wed, 24 Aug 2016 09:38:28 GMT 0
Now… I’m waiting more than 5 minutes…
And then I try to validate token… (09:43)
Result…
“matching 1 tokens”, “type”: “sms”, “serial”: “PISM0000CC7B”, “otplen”: 6}
“result”: {“status”: true, “value”: true}, “time”: 1472024584.399257, “id”:
1}
Mmmm…
This is the log
11572 - 8/24/16 09:43:04 - GET /validate/check - 1 - PISM0000CC7B - …
matching 1 tokens - OK
But the Challenges report expiration : 09:38:28
Is it a bug or a settings?
And what is the “Received: 0”?.. it’s always 0.
Regards
SimOn Wednesday, August 24, 2016 at 9:44:38 AM UTC+2, Cornelius Kölbel wrote:
Hi Sim,
regarding the failcounter:
Is this right?
failcounter with several tokens · Issue #471 · privacyidea/privacyidea · GitHub
Or please add more description to this ticket with regards
to your problem.Kind regards
Cornelius
Hi Cornelius,
you are right!
Setting an empty password not clear the DB record but set “empty” correctly.
Yes, i’m using otppin=none as you know but it’s not the best solution with
SMS token.
Now I’m testing otppin=tokenpin and “empty” PIN (for TOTP). It’s equal to
otppin=none,
but I can set PIN for SMS token.
It’s work correctly but there is always the “failcounter” problem for TOTP
SimOn Wednesday, August 24, 2016 at 9:22:47 AM UTC+2, Cornelius Kölbel wrote:
Hi Sim,
you can set an empty password or you can set the policy otppin=none.
Kind regards
CorneliusAm Mittwoch, den 24.08.2016, 00:09 -0700 schrieb simv...@gmail.com
<javascript:>:Hello Cornelius and all !
Is it possible to remove PIN from a Token (by WEB or API) ?
The only option that I found is to manually clean the sql table
(pin_seed & pin_hash).Regards
Sim
–
Please read the blog post about getting help
Getting help – privacyID3A.For professional services and consultancy regarding two factor
authentication please visit
One Time Services - NetKnights - IT-Sicherheit - Zwei-Faktor-Authentisierung - VerschlüsselungIn an enterprise environment you should get a SERVICE LEVEL AGREEMENT
which suites your needs for SECURITY, AVAILABILITY and LIABILITY:
privacyIDEA Support LevelYou received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea...@googlegroups.com <javascript:>.
To post to this group, send email to priva...@googlegroups.com
<javascript:>.
Visit this group at https://groups.google.com/group/privacyidea.
To view this discussion on the web visitFor more options, visit https://groups.google.com/d/optout.
–
Cornelius Kölbel
corneliu…@netknights.it <javascript:>
+49 151 2960 1417NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel
Hi Sim,
regarding the failcounter:
Is this right?
Or please add more description to this ticket with regards
to your problem.
Kind regards
CorneliusAm Mittwoch, den 24.08.2016, 00:42 -0700 schrieb simvirus@gmail.com:
Hi Cornelius,
you are right!Setting an empty password not clear the DB record but set “empty”
correctly.Yes, i’m using otppin=none as you know but it’s not the best solution
with SMS token.Now I’m testing otppin=tokenpin and “empty” PIN (for TOTP). It’s equal
to otppin=none,
but I can set PIN for SMS token.It’s work correctly but there is always the “failcounter” problem for
TOTPSim
On Wednesday, August 24, 2016 at 9:22:47 AM UTC+2, Cornelius Kölbel wrote:
Hi Sim,you can set an empty password or you can set the policy otppin=none. Kind regards Cornelius Am Mittwoch, den 24.08.2016, 00:09 -0700 schrieb simv...@gmail.com: > Hello Cornelius and all ! > > Is it possible to remove PIN from a Token (by WEB or API) ? > > The only option that I found is to manually clean the sql table > (pin_seed & pin_hash). > > Regards > > Sim > > -- > Please read the blog post about getting help > https://www.privacyidea.org/getting-help/. > > For professional services and consultancy regarding two factor > authentication please visit > https://netknights.it/en/leistungen/one-time-services/ > > In an enterprise environment you should get a SERVICE LEVEL AGREEMENT > which suites your needs for SECURITY, AVAILABILITY and LIABILITY: > https://netknights.it/en/leistungen/service-level-agreements/ > --- > You received this message because you are subscribed to the Google > Groups "privacyidea" group. > To unsubscribe from this group and stop receiving emails from it, send > an email to privacyidea...@googlegroups.com. > To post to this group, send email to priva...@googlegroups.com. > Visit this group at https://groups.google.com/group/privacyidea. > To view this discussion on the web visit > https://groups.google.com/d/msgid/privacyidea/e46596f7-7de8-43f9-9a2d-0db2b0d7daa8%40googlegroups.com. > For more options, visit https://groups.google.com/d/optout. -- Cornelius Kölbel corneliu...@netknights.it +49 151 2960 1417 NetKnights GmbH http://www.netknights.it Landgraf-Karl-Str. 19, 34131 Kassel, Germany Tel: +49 561 3166797, Fax: +49 561 3166798 Amtsgericht Kassel, HRB 16405 Geschäftsführer: Cornelius Kölbel–
Please read the blog post about getting help
Getting help – privacyID3A.For professional services and consultancy regarding two factor
authentication please visit
One Time Services - NetKnights - IT-Sicherheit - Zwei-Faktor-Authentisierung - VerschlüsselungIn an enterprise environment you should get a SERVICE LEVEL AGREEMENT
which suites your needs for SECURITY, AVAILABILITY and LIABILITY:
privacyIDEA Support LevelYou received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea+unsubscribe@googlegroups.com.
To post to this group, send email to privacyidea@googlegroups.com.
Visit this group at https://groups.google.com/group/privacyidea.
To view this discussion on the web visit
https://groups.google.com/d/msgid/privacyidea/7c4d5e77-88dc-42ef-a524-5a5ccf3b9ae0%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
–
Cornelius Kölbel
@cornelinux
+49 151 2960 1417
NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798
Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel
signature.asc (836 Bytes)
Hi Sim,
you can set an empty password or you can set the policy otppin=none.
Kind regards
CorneliusAm Mittwoch, den 24.08.2016, 00:09 -0700 schrieb simvirus@gmail.com:
Hello Cornelius and all !
Is it possible to remove PIN from a Token (by WEB or API) ?
The only option that I found is to manually clean the sql table
(pin_seed & pin_hash).Regards
Sim
–
Please read the blog post about getting help
Getting help – privacyID3A.For professional services and consultancy regarding two factor
authentication please visit
One Time Services - NetKnights - IT-Sicherheit - Zwei-Faktor-Authentisierung - VerschlüsselungIn an enterprise environment you should get a SERVICE LEVEL AGREEMENT
which suites your needs for SECURITY, AVAILABILITY and LIABILITY:
privacyIDEA Support LevelYou received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea+unsubscribe@googlegroups.com.
To post to this group, send email to privacyidea@googlegroups.com.
Visit this group at https://groups.google.com/group/privacyidea.
To view this discussion on the web visit
https://groups.google.com/d/msgid/privacyidea/e46596f7-7de8-43f9-9a2d-0db2b0d7daa8%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
–
Cornelius Kölbel
@cornelinux
+49 151 2960 1417
NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798
Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel
signature.asc (836 Bytes)
Hi Sim,
the “0” is the received_count. Roughly It is increased if an invalid
response for this transactinId was retrieved.
The expiration date of a challenge is checked here:
So there might be some confusions with the datatime and your database
column.
You could add a
log.error(c_now)
log.error(self.expiration)
So we would know, what might be wrong there.
Kind regards
CorneliusAm Mittwoch, den 24.08.2016, 00:51 -0700 schrieb simvirus@gmail.com:
Excuse me… I’ve another question…
I’ve requested token by SMS and received it.
This is the “List Challenges”:
Wed, 24 Aug 2016 09:33:28 GMT PISM0000CC7B
00155976067561524466 Wed, 24 Aug 2016 09:38:28 GMT 0Now… I’m waiting more than 5 minutes…
And then I try to validate token… (09:43)Result…
“matching 1 tokens”, “type”: “sms”, “serial”: “PISM0000CC7B”,
“otplen”: 6}
“result”: {“status”: true, “value”: true}, “time”: 1472024584.399257,
“id”: 1}Mmmm…
This is the log
11572 - 8/24/16 09:43:04 - GET /validate/check - 1 - PISM0000CC7B
- … matching 1 tokens - OK
But the Challenges report expiration : 09:38:28
Is it a bug or a settings?
And what is the “Received: 0”?.. it’s always 0.Regards
SimOn Wednesday, August 24, 2016 at 9:44:38 AM UTC+2, Cornelius Kölbel wrote:
Hi Sim,regarding the failcounter: Is this right? https://github.com/privacyidea/privacyidea/issues/471 Or please add more description to this ticket with regards to your problem. Kind regards Cornelius–
Please read the blog post about getting help
Getting help – privacyID3A.For professional services and consultancy regarding two factor
authentication please visit
One Time Services - NetKnights - IT-Sicherheit - Zwei-Faktor-Authentisierung - VerschlüsselungIn an enterprise environment you should get a SERVICE LEVEL AGREEMENT
which suites your needs for SECURITY, AVAILABILITY and LIABILITY:
privacyIDEA Support LevelYou received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea+unsubscribe@googlegroups.com.
To post to this group, send email to privacyidea@googlegroups.com.
Visit this group at https://groups.google.com/group/privacyidea.
To view this discussion on the web visit
https://groups.google.com/d/msgid/privacyidea/053ab032-2bab-4254-ac14-4bb182958cf3%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
–
Cornelius Kölbel
@cornelinux
+49 151 2960 1417
NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798
Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel
signature.asc (836 Bytes)
-
This is the code
def is_valid(self):
“”"
Returns true, if the expiration time has not passed, yet.
:return: True if valid
:rtype: bool
“”"
ret = False
c_now = datetime.now()
log.error(“XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX”)
log.error(c_now)
log.error(self.expiration)
if c_now < self.expiration:
ret = True
return ret -
enabled PI_LOGLEVEL = logging.DEBUG
-
rm /usr/lib/python2.7/dist-packages/privacyidea/models.pyc
-
restarted Apache
-
request SMS PIN and used it (/validate/check?user=…) before expire (for
a test)
…but not “XXXXX…” in /var/log/privacyidea/privacyidea.log …
mmm…On Thursday, August 25, 2016 at 12:38:58 PM UTC+2, Cornelius Kölbel wrote:
Yes, that’s right.
Am Donnerstag, den 25.08.2016, 02:58 -0700 schrieb simv...@gmail.com
<javascript:>:Well, I can add
log.error(c_now)
log.error(self.expiration)in the middle of 1090 and 1091, right?
Regards
SimOn Thursday, August 25, 2016 at 11:48:47 AM UTC+2, Cornelius Kölbel wrote:
Hi Sim,the "0" is the received_count. Roughly It is increased if an invalid response for this transactinId was retrieved. The expiration date of a challenge is checked here:https://github.com/privacyidea/privacyidea/blob/master/privacyidea/models.py#L1083
So there might be some confusions with the datatime and your database column. You could add a log.error(c_now) log.error(self.expiration) So we would know, what might be wrong there. Kind regards Cornelius Am Mittwoch, den 24.08.2016, 00:51 -0700 schrieb simv...@gmail.com: > Excuse me... I've another question..... > > I've requested token by SMS and received it. > > This is the "List Challenges": > > Wed, 24 Aug 2016 09:33:28 GMT PISM0000CC7B > 00155976067561524466 Wed, 24 Aug 2016 09:38:28 GMT 0 > > Now... I'm waiting more than 5 minutes..... > And then I try to validate token.. (09:43) > > Result.. > > "matching 1 tokens", "type": "sms", "serial": "PISM0000CC7B", > "otplen": 6} > "result": {"status": true, "value": true}, "time": 1472024584.399257, > "id": 1} > > Mmmm.... > > This is the log > > 11572 - 8/24/16 09:43:04 - GET /validate/check - 1 - PISM0000CC7B > - ... matching 1 tokens - OK > > But the Challenges report expiration : 09:38:28 > > Is it a bug or a settings? > And what is the "Received: 0"?... it's always 0. > > Regards > Sim > > > > On Wednesday, August 24, 2016 at 9:44:38 AM UTC+2, Cornelius Kölbel wrote: > Hi Sim, > > regarding the failcounter: > > Is this right? > https://github.com/privacyidea/privacyidea/issues/471 > Or please add more description to this ticket with regards > to your problem. > > Kind regards > Cornelius > > -- > Please read the blog post about getting help > https://www.privacyidea.org/getting-help/. > > For professional services and consultancy regarding two factor > authentication please visit > https://netknights.it/en/leistungen/one-time-services/ > > In an enterprise environment you should get a SERVICE LEVEL AGREEMENT > which suites your needs for SECURITY, AVAILABILITY and LIABILITY: > https://netknights.it/en/leistungen/service-level-agreements/ > --- > You received this message because you are subscribed to the Google > Groups "privacyidea" group. > To unsubscribe from this group and stop receiving emails from it, send > an email to privacyidea...@googlegroups.com. > To post to this group, send email to priva...@googlegroups.com. > Visit this group at https://groups.google.com/group/privacyidea. > To view this discussion on the web visit >> For more options, visit https://groups.google.com/d/optout. -- Cornelius Kölbel corneliu...@netknights.it +49 151 2960 1417 NetKnights GmbH http://www.netknights.it Landgraf-Karl-Str. 19, 34131 Kassel, Germany Tel: +49 561 3166797, Fax: +49 561 3166798 Amtsgericht Kassel, HRB 16405 Geschäftsführer: Cornelius Kölbel–
Please read the blog post about getting help
Getting help – privacyID3A.For professional services and consultancy regarding two factor
authentication please visit
One Time Services - NetKnights - IT-Sicherheit - Zwei-Faktor-Authentisierung - VerschlüsselungIn an enterprise environment you should get a SERVICE LEVEL AGREEMENT
which suites your needs for SECURITY, AVAILABILITY and LIABILITY:
privacyIDEA Support LevelYou received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea...@googlegroups.com <javascript:>.
To post to this group, send email to priva...@googlegroups.com
<javascript:>.
Visit this group at https://groups.google.com/group/privacyidea.
To view this discussion on the web visitFor more options, visit https://groups.google.com/d/optout.
–
Cornelius Kölbel
corneliu…@netknights.it <javascript:>
+49 151 2960 1417NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel
Yes, that’s right.Am Donnerstag, den 25.08.2016, 02:58 -0700 schrieb simvirus@gmail.com:
Well, I can add
log.error(c_now)
log.error(self.expiration)in the middle of 1090 and 1091, right?
Regards
SimOn Thursday, August 25, 2016 at 11:48:47 AM UTC+2, Cornelius Kölbel wrote:
Hi Sim,the "0" is the received_count. Roughly It is increased if an invalid response for this transactinId was retrieved. The expiration date of a challenge is checked here: https://github.com/privacyidea/privacyidea/blob/master/privacyidea/models.py#L1083 So there might be some confusions with the datatime and your database column. You could add a log.error(c_now) log.error(self.expiration) So we would know, what might be wrong there. Kind regards Cornelius Am Mittwoch, den 24.08.2016, 00:51 -0700 schrieb simv...@gmail.com: > Excuse me... I've another question..... > > I've requested token by SMS and received it. > > This is the "List Challenges": > > Wed, 24 Aug 2016 09:33:28 GMT PISM0000CC7B > 00155976067561524466 Wed, 24 Aug 2016 09:38:28 GMT 0 > > Now... I'm waiting more than 5 minutes..... > And then I try to validate token.. (09:43) > > Result.. > > "matching 1 tokens", "type": "sms", "serial": "PISM0000CC7B", > "otplen": 6} > "result": {"status": true, "value": true}, "time": 1472024584.399257, > "id": 1} > > Mmmm.... > > This is the log > > 11572 - 8/24/16 09:43:04 - GET /validate/check - 1 - PISM0000CC7B > - ... matching 1 tokens - OK > > But the Challenges report expiration : 09:38:28 > > Is it a bug or a settings? > And what is the "Received: 0"?... it's always 0. > > Regards > Sim > > > > On Wednesday, August 24, 2016 at 9:44:38 AM UTC+2, Cornelius Kölbel wrote: > Hi Sim, > > regarding the failcounter: > > Is this right? > https://github.com/privacyidea/privacyidea/issues/471 > Or please add more description to this ticket with regards > to your problem. > > Kind regards > Cornelius > > -- > Please read the blog post about getting help > https://www.privacyidea.org/getting-help/. > > For professional services and consultancy regarding two factor > authentication please visit > https://netknights.it/en/leistungen/one-time-services/ > > In an enterprise environment you should get a SERVICE LEVEL AGREEMENT > which suites your needs for SECURITY, AVAILABILITY and LIABILITY: > https://netknights.it/en/leistungen/service-level-agreements/ > --- > You received this message because you are subscribed to the Google > Groups "privacyidea" group. > To unsubscribe from this group and stop receiving emails from it, send > an email to privacyidea...@googlegroups.com. > To post to this group, send email to priva...@googlegroups.com. > Visit this group at https://groups.google.com/group/privacyidea. > To view this discussion on the web visit > https://groups.google.com/d/msgid/privacyidea/053ab032-2bab-4254-ac14-4bb182958cf3%40googlegroups.com. > For more options, visit https://groups.google.com/d/optout. -- Cornelius Kölbel corneliu...@netknights.it +49 151 2960 1417 NetKnights GmbH http://www.netknights.it Landgraf-Karl-Str. 19, 34131 Kassel, Germany Tel: +49 561 3166797, Fax: +49 561 3166798 Amtsgericht Kassel, HRB 16405 Geschäftsführer: Cornelius Kölbel–
Please read the blog post about getting help
Getting help – privacyID3A.For professional services and consultancy regarding two factor
authentication please visit
One Time Services - NetKnights - IT-Sicherheit - Zwei-Faktor-Authentisierung - VerschlüsselungIn an enterprise environment you should get a SERVICE LEVEL AGREEMENT
which suites your needs for SECURITY, AVAILABILITY and LIABILITY:
privacyIDEA Support LevelYou received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea+unsubscribe@googlegroups.com.
To post to this group, send email to privacyidea@googlegroups.com.
Visit this group at https://groups.google.com/group/privacyidea.
To view this discussion on the web visit
https://groups.google.com/d/msgid/privacyidea/289b29e0-54e4-4d65-b47a-c8fd016049d6%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
–
Cornelius Kölbel
@cornelinux
+49 151 2960 1417
NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798
Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel
signature.asc (836 Bytes)
Well, I can add
log.error(c_now)
log.error(self.expiration)
in the middle of 1090 and 1091, right?
Regards
SimOn Thursday, August 25, 2016 at 11:48:47 AM UTC+2, Cornelius Kölbel wrote:
Hi Sim,
the “0” is the received_count. Roughly It is increased if an invalid
response for this transactinId was retrieved.The expiration date of a challenge is checked here:
https://github.com/privacyidea/privacyidea/blob/master/privacyidea/models.py#L1083
So there might be some confusions with the datatime and your database
column.You could add a
log.error(c_now)
log.error(self.expiration)So we would know, what might be wrong there.
Kind regards
CorneliusAm Mittwoch, den 24.08.2016, 00:51 -0700 schrieb simv...@gmail.com
<javascript:>:Excuse me… I’ve another question…
I’ve requested token by SMS and received it.
This is the “List Challenges”:
Wed, 24 Aug 2016 09:33:28 GMT PISM0000CC7B
00155976067561524466 Wed, 24 Aug 2016 09:38:28 GMT 0Now… I’m waiting more than 5 minutes…
And then I try to validate token… (09:43)Result…
“matching 1 tokens”, “type”: “sms”, “serial”: “PISM0000CC7B”,
“otplen”: 6}
“result”: {“status”: true, “value”: true}, “time”: 1472024584.399257,
“id”: 1}Mmmm…
This is the log
11572 - 8/24/16 09:43:04 - GET /validate/check - 1 - PISM0000CC7B
- … matching 1 tokens - OK
But the Challenges report expiration : 09:38:28
Is it a bug or a settings?
And what is the “Received: 0”?.. it’s always 0.Regards
SimOn Wednesday, August 24, 2016 at 9:44:38 AM UTC+2, Cornelius Kölbel wrote:
Hi Sim,regarding the failcounter: Is this right? https://github.com/privacyidea/privacyidea/issues/471 Or please add more description to this ticket with regards to your problem. Kind regards Cornelius–
Please read the blog post about getting help
Getting help – privacyID3A.For professional services and consultancy regarding two factor
authentication please visit
One Time Services - NetKnights - IT-Sicherheit - Zwei-Faktor-Authentisierung - VerschlüsselungIn an enterprise environment you should get a SERVICE LEVEL AGREEMENT
which suites your needs for SECURITY, AVAILABILITY and LIABILITY:
privacyIDEA Support LevelYou received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea...@googlegroups.com <javascript:>.
To post to this group, send email to priva...@googlegroups.com
<javascript:>.
Visit this group at https://groups.google.com/group/privacyidea.
To view this discussion on the web visitFor more options, visit https://groups.google.com/d/optout.
–
Cornelius Kölbel
corneliu…@netknights.it <javascript:>
+49 151 2960 1417NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel
Excuse me again…
Any idea about this?
Regards
SimOn Wednesday, August 24, 2016 at 9:51:53 AM UTC+2, simv...@gmail.com wrote:
Excuse me… I’ve another question…
I’ve requested token by SMS and received it.
This is the “List Challenges”:
Wed, 24 Aug 2016 09:33:28 GMT PISM0000CC7B 00155976067561524466
Wed, 24 Aug 2016 09:38:28 GMT 0Now… I’m waiting more than 5 minutes…
And then I try to validate token… (09:43)Result…
“matching 1 tokens”, “type”: “sms”, “serial”: “PISM0000CC7B”, “otplen”: 6}
“result”: {“status”: true, “value”: true}, “time”: 1472024584.399257,
“id”: 1}Mmmm…
This is the log
11572 - 8/24/16 09:43:04 - GET /validate/check - 1 - PISM0000CC7B - …
matching 1 tokens - OKBut the Challenges report expiration : 09:38:28
Is it a bug or a settings?
And what is the “Received: 0”?.. it’s always 0.Regards
Sim
Hi Sim,
I am not sure if this is a bug or a misunderstanding.
I opened an issue on github
since for me the mailing list is the wrong place to track this.
Kind regards
CorneliusAm Donnerstag, den 25.08.2016, 08:09 -0700 schrieb simvirus@gmail.com:
This is the code
def is_valid(self):
“”"
Returns true, if the expiration time has not passed, yet.
:return: True if valid
:rtype: bool
“”"
ret = False
c_now = datetime.now()
log.error(“XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX”)
log.error(c_now)
log.error(self.expiration)
if c_now < self.expiration:
ret = True
return retenabled PI_LOGLEVEL = logging.DEBUG
rm /usr/lib/python2.7/dist-packages/privacyidea/models.pyc
restarted Apache
request SMS PIN and used it (/validate/check?user=…) before expire
(for a test)…but not “XXXXX…” in /var/log/privacyidea/privacyidea.log …
mmm…
On Thursday, August 25, 2016 at 12:38:58 PM UTC+2, Cornelius Kölbel wrote:
Yes, that’s right.Am Donnerstag, den 25.08.2016, 02:58 -0700 schrieb simv...@gmail.com: > Well, I can add > > log.error(c_now) > log.error(self.expiration) > > in the middle of 1090 and 1091, right? > > Regards > Sim > > > On Thursday, August 25, 2016 at 11:48:47 AM UTC+2, Cornelius Kölbel wrote: > Hi Sim, > > the "0" is the received_count. Roughly It is increased if an > invalid > response for this transactinId was retrieved. > > The expiration date of a challenge is checked here: > > https://github.com/privacyidea/privacyidea/blob/master/privacyidea/models.py#L1083 > > So there might be some confusions with the datatime and your > database > column. > > You could add a > > log.error(c_now) > log.error(self.expiration) > > So we would know, what might be wrong there. > > Kind regards > Cornelius > > Am Mittwoch, den 24.08.2016, 00:51 -0700 schrieb > simv...@gmail.com: > > Excuse me... I've another question..... > > > > I've requested token by SMS and received it. > > > > This is the "List Challenges": > > > > Wed, 24 Aug 2016 09:33:28 GMT PISM0000CC7B > > 00155976067561524466 Wed, 24 Aug 2016 09:38:28 GMT > 0 > > > > Now... I'm waiting more than 5 minutes..... > > And then I try to validate token.. (09:43) > > > > Result.. > > > > "matching 1 tokens", "type": "sms", "serial": > "PISM0000CC7B", > > "otplen": 6} > > "result": {"status": true, "value": true}, "time": > 1472024584.399257, > > "id": 1} > > > > Mmmm.... > > > > This is the log > > > > 11572 - 8/24/16 09:43:04 - GET /validate/check - 1 - > PISM0000CC7B > > - ... matching 1 tokens - OK > > > > But the Challenges report expiration : 09:38:28 > > > > Is it a bug or a settings? > > And what is the "Received: 0"?... it's always 0. > > > > Regards > > Sim > > > > > > > > On Wednesday, August 24, 2016 at 9:44:38 AM UTC+2, Cornelius Kölbel wrote: > > Hi Sim, > > > > regarding the failcounter: > > > > Is this right? > > > https://github.com/privacyidea/privacyidea/issues/471 > > Or please add more description to this ticket with > regards > > to your problem. > > > > Kind regards > > Cornelius > > > > -- > > Please read the blog post about getting help > > https://www.privacyidea.org/getting-help/. > > > > For professional services and consultancy regarding two > factor > > authentication please visit > > https://netknights.it/en/leistungen/one-time-services/ > > > > In an enterprise environment you should get a SERVICE LEVEL > AGREEMENT > > which suites your needs for SECURITY, AVAILABILITY and > LIABILITY: > > > https://netknights.it/en/leistungen/service-level-agreements/ > > --- > > You received this message because you are subscribed to the > Google > > Groups "privacyidea" group. > > To unsubscribe from this group and stop receiving emails > from it, send > > an email to privacyidea...@googlegroups.com. > > To post to this group, send email to > priva...@googlegroups.com. > > Visit this group at > https://groups.google.com/group/privacyidea. > > To view this discussion on the web visit > > > https://groups.google.com/d/msgid/privacyidea/053ab032-2bab-4254-ac14-4bb182958cf3%40googlegroups.com. > > For more options, visit https://groups.google.com/d/optout. > > -- > Cornelius Kölbel > corneliu...@netknights.it > +49 151 2960 1417 > > NetKnights GmbH > http://www.netknights.it > Landgraf-Karl-Str. 19, 34131 Kassel, Germany > Tel: +49 561 3166797, Fax: +49 561 3166798 > > Amtsgericht Kassel, HRB 16405 > Geschäftsführer: Cornelius Kölbel > > > -- > Please read the blog post about getting help > https://www.privacyidea.org/getting-help/. > > For professional services and consultancy regarding two factor > authentication please visit > https://netknights.it/en/leistungen/one-time-services/ > > In an enterprise environment you should get a SERVICE LEVEL AGREEMENT > which suites your needs for SECURITY, AVAILABILITY and LIABILITY: > https://netknights.it/en/leistungen/service-level-agreements/ > --- > You received this message because you are subscribed to the Google > Groups "privacyidea" group. > To unsubscribe from this group and stop receiving emails from it, send > an email to privacyidea...@googlegroups.com. > To post to this group, send email to priva...@googlegroups.com. > Visit this group at https://groups.google.com/group/privacyidea. > To view this discussion on the web visit > https://groups.google.com/d/msgid/privacyidea/289b29e0-54e4-4d65-b47a-c8fd016049d6%40googlegroups.com. > For more options, visit https://groups.google.com/d/optout. -- Cornelius Kölbel corneliu...@netknights.it +49 151 2960 1417 NetKnights GmbH http://www.netknights.it Landgraf-Karl-Str. 19, 34131 Kassel, Germany Tel: +49 561 3166797, Fax: +49 561 3166798 Amtsgericht Kassel, HRB 16405 Geschäftsführer: Cornelius Kölbel–
Please read the blog post about getting help
Getting help – privacyID3A.For professional services and consultancy regarding two factor
authentication please visit
One Time Services - NetKnights - IT-Sicherheit - Zwei-Faktor-Authentisierung - VerschlüsselungIn an enterprise environment you should get a SERVICE LEVEL AGREEMENT
which suites your needs for SECURITY, AVAILABILITY and LIABILITY:
privacyIDEA Support LevelYou received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea+unsubscribe@googlegroups.com.
To post to this group, send email to privacyidea@googlegroups.com.
Visit this group at https://groups.google.com/group/privacyidea.
To view this discussion on the web visit
https://groups.google.com/d/msgid/privacyidea/be113139-2821-40eb-97d5-5aa7a5902db0%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
–
Cornelius Kölbel
@cornelinux
+49 151 2960 1417
NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798
Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel
signature.asc (836 Bytes)
Hi Sim,
could it be, that you are authenticating like this:
- username
password
→ you get your SMS with OTP
- username
password + otp
Kind regards
CorneliusAm Donnerstag, den 25.08.2016, 08:09 -0700 schrieb simvirus@gmail.com:
This is the code
def is_valid(self):
“”"
Returns true, if the expiration time has not passed, yet.
:return: True if valid
:rtype: bool
“”"
ret = False
c_now = datetime.now()
log.error(“XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX”)
log.error(c_now)
log.error(self.expiration)
if c_now < self.expiration:
ret = True
return retenabled PI_LOGLEVEL = logging.DEBUG
rm /usr/lib/python2.7/dist-packages/privacyidea/models.pyc
restarted Apache
request SMS PIN and used it (/validate/check?user=…) before expire
(for a test)…but not “XXXXX…” in /var/log/privacyidea/privacyidea.log …
mmm…
On Thursday, August 25, 2016 at 12:38:58 PM UTC+2, Cornelius Kölbel wrote:
Yes, that’s right.Am Donnerstag, den 25.08.2016, 02:58 -0700 schrieb simv...@gmail.com: > Well, I can add > > log.error(c_now) > log.error(self.expiration) > > in the middle of 1090 and 1091, right? > > Regards > Sim > > > On Thursday, August 25, 2016 at 11:48:47 AM UTC+2, Cornelius Kölbel wrote: > Hi Sim, > > the "0" is the received_count. Roughly It is increased if an > invalid > response for this transactinId was retrieved. > > The expiration date of a challenge is checked here: > > https://github.com/privacyidea/privacyidea/blob/master/privacyidea/models.py#L1083 > > So there might be some confusions with the datatime and your > database > column. > > You could add a > > log.error(c_now) > log.error(self.expiration) > > So we would know, what might be wrong there. > > Kind regards > Cornelius > > Am Mittwoch, den 24.08.2016, 00:51 -0700 schrieb > simv...@gmail.com: > > Excuse me... I've another question..... > > > > I've requested token by SMS and received it. > > > > This is the "List Challenges": > > > > Wed, 24 Aug 2016 09:33:28 GMT PISM0000CC7B > > 00155976067561524466 Wed, 24 Aug 2016 09:38:28 GMT > 0 > > > > Now... I'm waiting more than 5 minutes..... > > And then I try to validate token.. (09:43) > > > > Result.. > > > > "matching 1 tokens", "type": "sms", "serial": > "PISM0000CC7B", > > "otplen": 6} > > "result": {"status": true, "value": true}, "time": > 1472024584.399257, > > "id": 1} > > > > Mmmm.... > > > > This is the log > > > > 11572 - 8/24/16 09:43:04 - GET /validate/check - 1 - > PISM0000CC7B > > - ... matching 1 tokens - OK > > > > But the Challenges report expiration : 09:38:28 > > > > Is it a bug or a settings? > > And what is the "Received: 0"?... it's always 0. > > > > Regards > > Sim > > > > > > > > On Wednesday, August 24, 2016 at 9:44:38 AM UTC+2, Cornelius Kölbel wrote: > > Hi Sim, > > > > regarding the failcounter: > > > > Is this right? > > > https://github.com/privacyidea/privacyidea/issues/471 > > Or please add more description to this ticket with > regards > > to your problem. > > > > Kind regards > > Cornelius > > > > -- > > Please read the blog post about getting help > > https://www.privacyidea.org/getting-help/. > > > > For professional services and consultancy regarding two > factor > > authentication please visit > > https://netknights.it/en/leistungen/one-time-services/ > > > > In an enterprise environment you should get a SERVICE LEVEL > AGREEMENT > > which suites your needs for SECURITY, AVAILABILITY and > LIABILITY: > > > https://netknights.it/en/leistungen/service-level-agreements/ > > --- > > You received this message because you are subscribed to the > Google > > Groups "privacyidea" group. > > To unsubscribe from this group and stop receiving emails > from it, send > > an email to privacyidea...@googlegroups.com. > > To post to this group, send email to > priva...@googlegroups.com. > > Visit this group at > https://groups.google.com/group/privacyidea. > > To view this discussion on the web visit > > > https://groups.google.com/d/msgid/privacyidea/053ab032-2bab-4254-ac14-4bb182958cf3%40googlegroups.com. > > For more options, visit https://groups.google.com/d/optout. > > -- > Cornelius Kölbel > corneliu...@netknights.it > +49 151 2960 1417 > > NetKnights GmbH > http://www.netknights.it > Landgraf-Karl-Str. 19, 34131 Kassel, Germany > Tel: +49 561 3166797, Fax: +49 561 3166798 > > Amtsgericht Kassel, HRB 16405 > Geschäftsführer: Cornelius Kölbel > > > -- > Please read the blog post about getting help > https://www.privacyidea.org/getting-help/. > > For professional services and consultancy regarding two factor > authentication please visit > https://netknights.it/en/leistungen/one-time-services/ > > In an enterprise environment you should get a SERVICE LEVEL AGREEMENT > which suites your needs for SECURITY, AVAILABILITY and LIABILITY: > https://netknights.it/en/leistungen/service-level-agreements/ > --- > You received this message because you are subscribed to the Google > Groups "privacyidea" group. > To unsubscribe from this group and stop receiving emails from it, send > an email to privacyidea...@googlegroups.com. > To post to this group, send email to priva...@googlegroups.com. > Visit this group at https://groups.google.com/group/privacyidea. > To view this discussion on the web visit > https://groups.google.com/d/msgid/privacyidea/289b29e0-54e4-4d65-b47a-c8fd016049d6%40googlegroups.com. > For more options, visit https://groups.google.com/d/optout. -- Cornelius Kölbel corneliu...@netknights.it +49 151 2960 1417 NetKnights GmbH http://www.netknights.it Landgraf-Karl-Str. 19, 34131 Kassel, Germany Tel: +49 561 3166797, Fax: +49 561 3166798 Amtsgericht Kassel, HRB 16405 Geschäftsführer: Cornelius Kölbel–
Please read the blog post about getting help
Getting help – privacyID3A.For professional services and consultancy regarding two factor
authentication please visit
One Time Services - NetKnights - IT-Sicherheit - Zwei-Faktor-Authentisierung - VerschlüsselungIn an enterprise environment you should get a SERVICE LEVEL AGREEMENT
which suites your needs for SECURITY, AVAILABILITY and LIABILITY:
privacyIDEA Support LevelYou received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea+unsubscribe@googlegroups.com.
To post to this group, send email to privacyidea@googlegroups.com.
Visit this group at https://groups.google.com/group/privacyidea.
To view this discussion on the web visit
https://groups.google.com/d/msgid/privacyidea/be113139-2821-40eb-97d5-5aa7a5902db0%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
–
Cornelius Kölbel
@cornelinux
+49 151 2960 1417
NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798
Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel
signature.asc (836 Bytes)