Hi all,
I configured a fresh install of SimpleSAMLphp (version 1.3.2) along with
privacyIDEA (version 2.9.1) on Ubuntu 14.0.4 LTS. My web server is nginx.
Appreciate any help with the following two issues:
-
UserName/Password authentication failing from SimpleSAMLphp. Please see
attached screenshot. -
I accidentally deleted /var/log/privacyidea.log, and now nothing gets
logged to this file. I restarted syslog and nginx, but no luck.
Here are additional details of my SimpleSamlphp + privacyIDEA configuration:
FYI…I created simple flat file password resolver using the following
command.
privacyidea-create-pwidresolver-user -u johns -i 1002 >> /etc/pi-flatfile
root@sso-idp:~# more /etc/pi-flatfile
johns:05ebNChJlMUJ6:1002:1002:::
root@sso-idp:~#
root@sso-idp:/var/log/privacyidea# dpkg -l|grep -i privacyidea
ii privacyidea-nginx 2.9-1trusty
all
2FA system. This is a meta package to install privacyidea with nginx
ii privacyidea-simplesamlphp 2.9-1trusty
all
SimpleSAMLphp module for privacyIDEA to do two factor authentication
ii python-privacyidea 2.9-1trusty
all
two-factor authentication system e.g. for OTP devices
root@sso-idp:/etc/simplesamlphp# grep -i “enable.saml” config.php
’enable.saml20-idp’ => true,
root@sso-idp:/etc/simplesamlphp#
root@sso-idp:/etc/simplesamlphp# ls -lt
/usr/share/simplesamlphp/modules/privacyidea/enable
-rw-r–r-- 1 root root 0 Feb 6 18:35
/usr/share/simplesamlphp/modules/privacyidea/enable
root@sso-idp:/etc/simplesamlphp#
authsources.php
'example-privacyidea' => array(
'privacyidea:privacyidea',
'privacyideaserver' => 'https://sso-idp.domain.com',
'sslverifyhost' => False,
'sslverifypeer' => False,
'realm' => '',
'attributemap' => array(
'username' => 'samlLoginName',
'surname' => 'surName',
'givenname' => 'givenName',
'email' => 'emailAddress',
'phone' => 'telePhone',
'mobile' => 'mobilePhone'
),
),
root@sso-idp:/etc/simplesamlphp/metadata# more saml20-idp-hosted.php
<?php $metadata['__DYNAMIC:1__'] = array( /* * The hostname for this IdP. This makes it possible to run multiple * IdPs from the same configuration. '__DEFAULT__' means that this one * should be used by default. */ 'host' => '__DEFAULT__', /* * The private key and certificate to use when signing responses. * These are stored in the cert-directory. */ 'privatekey' => 'simplesamlphp.pem', 'certificate' => 'simplesamlphp.crt', /* * The authentication source which should be used to authenticate the * user. This must match one of the entries in config/authsources.php. */ 'auth' => 'example-privacyidea', ); root@sso-idp:/etc/simplesamlphp/metadata# Thank you very much for your help in advance. Best Regards, John