Hello,
I’ve successfully installed my privacyIDEA instance on Debian 9, test authentication is OK from the web interface but I have an issue regarding JSON decoding in Freeradius (3.0.12).
Authentication seems to be OK, but Freeradius is unable to decode JSON response (I’ve added an output of the exception at the end of the try/catch part in the source code)
rlm_perl: Config File /etc/privacyidea/rlm_perl.ini found!
rlm_perl: Debugging config: true
rlm_perl: Default URL https://localhost/validate/check
rlm_perl: Looking for config for auth-type perl
rlm_perl: RAD_REQUEST: Event-Timestamp = Aug 14 2017 17:51:17 CEST
rlm_perl: RAD_REQUEST: Service-Type = Authenticate-Only
rlm_perl: RAD_REQUEST: User-Name = root
rlm_perl: RAD_REQUEST: User-Password = XXXX115792
rlm_perl: RAD_REQUEST: NAS-Identifier = su
rlm_perl: RAD_REQUEST: NAS-Port = 11594
rlm_perl: RAD_REQUEST: NAS-IP-Address = 192.168.0.25
rlm_perl: RAD_REQUEST: NAS-Port-Type = Virtual
rlm_perl: Auth-Type: perl
rlm_perl: url: https://localhost/validate/check
rlm_perl: user sent to privacyidea: root
rlm_perl: realm sent to privacyidea: realm1
rlm_perl: resolver sent to privacyidea: pwdsource
rlm_perl: client sent to privacyidea: 192.168.0.25
rlm_perl: state sent to privacyidea:
rlm_perl: urlparam realm = realm1
rlm_perl: urlparam client = 192.168.0.25
rlm_perl: urlparam resConf = pwdsource
rlm_perl: urlparam user = root
rlm_perl: urlparam pass = XXXX115792
rlm_perl: Request timeout: 10
rlm_perl: Not verifying SSL certificate!
rlm_perl: Content {“jsonrpc”: “2.0”, “signature”: “18365512362869151066958281934427771350595122712630370762297526294073079622782110161964183445601344238857180181056313258482684695264839901938889284467103901597081310075076385423330218922173686107875037170036355033992033665440531781231398049229715753156503890746147743372448884080985511803066180718495540184424425955465436432696366981518971749665936262609686059380486503329744899898010432231964474563785766039710255588623405673073879126096813694181290967353886816981446104649938601805310618054548142786746217413195645856418334057036537294901535101895752747793085003677874577453058625111006603958884454069501839162198033”, “detail”: {“message”: “matching 1 tokens”, “type”: “totp”, “serial”: “TOTP0001BFD3”, “otplen”: 6, “threadid”: 140196425828096}, “versionnumber”: “2.19.1”, “version”: “privacyIDEA 2.19.1”, “result”: {“status”: true, “value”: true}, “time”: 1502725877.978869, “id”: 1}
rlm_perl: Can not parse response from privacyIDEA.
rlm_perl: JSON text must be an object or array (but found number, string, true, false or null, use allow_nonref to allow this) at /opt/privacyidea/lib/privacyidea/authmodules/FreeRADIUS/privacyidea_radius.pm line 388.
rlm_perl: return RLM_MODULE_REJECT
SOFT ASSERT FAILED src/modules/rlm_perl/rlm_perl.c[703]: *vps
(0) perl: &request:Event-Timestamp = $RAD_REQUEST{‘Event-Timestamp’} -> ‘Aug 14 2017 17:51:17 CEST’
(0) perl: &request:Service-Type = $RAD_REQUEST{‘Service-Type’} -> ‘Authenticate-Only’
(0) perl: &request:User-Name = $RAD_REQUEST{‘User-Name’} -> ‘root’
(0) perl: &request:User-Password = $RAD_REQUEST{‘User-Password’} -> ‘XXXX115792’
(0) perl: &request:NAS-Identifier = $RAD_REQUEST{‘NAS-Identifier’} -> ‘su’
(0) perl: &request:NAS-Port = $RAD_REQUEST{‘NAS-Port’} -> ‘11594’
(0) perl: &request:NAS-IP-Address = $RAD_REQUEST{‘NAS-IP-Address’} -> ‘192.168.0.25’
(0) perl: &request:NAS-Port-Type = $RAD_REQUEST{‘NAS-Port-Type’} -> 'Virtual’
SOFT ASSERT FAILED src/modules/rlm_perl/rlm_perl.c[703]: *vps