Hi,
I try to enroll a token as mOTP.
I have a user on MySQL.
Then I enroll a token for my user.
But, in the test process, we noticed that, by using the same OTP value again and
again, we get an Access-Accept packet several times. After a couple of minutes
we try the same value again and get an Access-Reject packet.
I know that in mOTP, if we use a password, we can't use it again.
Have you any idea what is missing?
Here is some output and log files:
#SAME TOKEN PASSWORD 1ST TRY
root@pid:/home/awtadm# echo "User-Name=fuatarkan, Password=b7ff92" |
radclient -sx localhost auth testing123
Sending Access-Request of id 97 to 127.0.0.1 port 1812
User-Name = "fuatarkan"
Password = "b7ff92"
rad_recv: Access-Accept packet from host 127.0.0.1 port 1812, id=97,
length=48
Reply-Message = "privacyIDEA access granted"
Total approved auths: 1
Total denied auths: 0
Total lost auths: 0
root@pid:/home/awtadm# echo "User-Name=fuatarkan, Password=b7ff92" |
radclient -sx localhost auth testing123
#SAME TOKEN PASSWORD 2ND TRY
root@pid:/home/awtadm# date
Thu Jul 9 16:56:55 EEST 2015
root@pid:/home/awtadm# echo "User-Name=fuatarkan, Password=b7ff92" |
radclient -sx localhost auth testing123
Sending Access-Request of id 116 to 127.0.0.1 port 1812
User-Name = "fuatarkan"
Password = "b7ff92"
rad_recv: Access-Accept packet from host 127.0.0.1 port 1812, id=116,
length=48
Reply-Message = "privacyIDEA access granted"
Total approved auths: 1
Total denied auths: 0
Total lost auths: 0
#SAME TOKEN PASSWORD 3RD TRY
root@pid:/home/awtadm# date
Thu Jul 9 16:58:04 EEST 2015
root@pid:/home/awtadm# echo "User-Name=fuatarkan, Password=b7ff92" |
radclient -sx localhost auth testing123
Sending Access-Request of id 63 to 127.0.0.1 port 1812
User-Name = "fuatarkan"
Password = "b7ff92"
rad_recv: Access-Accept packet from host 127.0.0.1 port 1812, id=63,
length=48
Reply-Message = "privacyIDEA access granted"
Total approved auths: 1
Total denied auths: 0
Total lost auths: 0
#SAME TOKEN VALUE 4TH TRY
root@pid:/home/awtadm# date
Thu Jul 9 17:00:09 EEST 2015
root@pid:/home/awtadm# echo "User-Name=fuatarkan, Password=b7ff92" |
radclient -sx localhost auth testing123
Sending Access-Request of id 144 to 127.0.0.1 port 1812
User-Name = "fuatarkan"
Password = "b7ff92"
rad_recv: Access-Reject packet from host 127.0.0.1 port 1812, id=144,
length=37
Reply-Message = "wrong otp value"
Total approved auths: 0
Total denied auths: 1
Total lost auths: 0
#ITS LOG:
root@pid:/# tail -f /var/log/privacyidea/privacyidea.log
#SAME TOKEN VALUE 1ST TRY
[2015-07-09
16:55:34,708][972][140330632910592][INFO][privacyidea.lib.auditmodules.sqlaudit:130]
using the connect string mysql://pi:wZmTUD0G_F6d@localhost/pi
[2015-07-09
16:55:34,737][972][140330632910592][INFO][privacyidea.lib.resolvers.PasswdIdResolver:130]
loading users from file /etc/passwd from within ‘/home/privacyidea’
[2015-07-09
16:55:34,773][972][140330632910592][INFO][privacyidea.lib.resolvers.SQLIdResolver:553]
using the connect string mysql://pidbuser:SomePAssword@127.0.0.1:3306/userdb
[2015-07-09
16:55:34,785][972][140330632910592][INFO][privacyidea.lib.user:186] user
u’fuatarkan’ found in resolver u’resolver_SQL’
[2015-07-09
16:55:34,785][972][140330632910592][INFO][privacyidea.lib.user:187] userid
resolved to 1L
[2015-07-09
16:55:34,799][972][140330632910592][INFO][privacyidea.lib.resolvers.PasswdIdResolver:130]
loading users from file /etc/passwd from within ‘/home/privacyidea’
[2015-07-09
16:55:34,834][972][140330632910592][INFO][privacyidea.lib.resolvers.SQLIdResolver:553]
using the connect string mysql://pidbuser:SomePAssword@127.0.0.1:3306/userdb
[2015-07-09
16:55:34,846][972][140330632910592][INFO][privacyidea.lib.user:186] user
u’fuatarkan’ found in resolver u’resolver_SQL’
[2015-07-09
16:55:34,846][972][140330632910592][INFO][privacyidea.lib.user:187] userid
resolved to 1L
[2015-07-09
16:55:34,859][972][140330632910592][INFO][privacyidea.lib.resolvers.PasswdIdResolver:130]
loading users from file /etc/passwd from within ‘/home/privacyidea’
[2015-07-09
16:55:34,895][972][140330632910592][INFO][privacyidea.lib.resolvers.SQLIdResolver:553]
using the connect string mysql://pidbuser:SomePAssword@127.0.0.1:3306/userdb
[2015-07-09
16:55:34,907][972][140330632910592][INFO][privacyidea.lib.user:186] user
u’fuatarkan’ found in resolver u’resolver_SQL’
[2015-07-09
16:55:34,908][972][140330632910592][INFO][privacyidea.lib.user:187] userid
resolved to 1L
[2015-07-09
16:55:34,927][972][140330632910592][INFO][privacyidea.lib.resolvers.SQLIdResolver:553]
using the connect string mysql://pidbuser:SomePAssword@127.0.0.1:3306/userdb
[2015-07-09
16:55:34,956][972][140330632910592][INFO][privacyidea.lib.resolvers.SQLIdResolver:553]
using the connect string mysql://pidbuser:SomePAssword@127.0.0.1:3306/userdb
[2015-07-09
16:55:34,982][972][140330632910592][INFO][privacyidea.lib.resolvers.SQLIdResolver:553]
using the connect string mysql://pidbuser:SomePAssword@127.0.0.1:3306/userdb
[2015-07-09
16:55:34,995][972][140330632910592][WARNING][privacyidea.lib.crypto:98]
Requesting secret key - verify the usage scope and zero + free
[2015-07-09
16:55:34,996][972][140330632910592][WARNING][privacyidea.lib.crypto:98]
Requesting secret key - verify the usage scope and zero + free
[2015-07-09
16:55:34,996][972][140330632910592][WARNING][privacyidea.lib.tokens.mOTP:126]
otpvalue 24be42 checked once before (-1<=0L)
[2015-07-09
16:55:35,036][972][140330632910592][INFO][privacyidea.lib.resolvers.PasswdIdResolver:130]
loading users from file /etc/passwd from within ‘/home/privacyidea’
[2015-07-09
16:55:35,072][972][140330632910592][INFO][privacyidea.lib.resolvers.SQLIdResolver:553]
using the connect string mysql://pidbuser:SomePAssword@127.0.0.1:3306/userdb
[2015-07-09
16:55:35,084][972][140330632910592][INFO][privacyidea.lib.user:186] user
u’fuatarkan’ found in resolver u’resolver_SQL’
[2015-07-09
16:55:35,084][972][140330632910592][INFO][privacyidea.lib.user:187] userid
resolved to 1L
#SAME TOKEN VALUE 2ND TRY
[2015-07-09
16:56:57,903][972][140330632910592][INFO][privacyidea.lib.auditmodules.sqlaudit:130]
using the connect string mysql://pi:wZmTUD0G_F6d@localhost/pi
[2015-07-09
16:56:57,926][972][140330632910592][INFO][privacyidea.lib.resolvers.PasswdIdResolver:130]
loading users from file /etc/passwd from within ‘/home/privacyidea’
[2015-07-09
16:56:57,960][972][140330632910592][INFO][privacyidea.lib.resolvers.SQLIdResolver:553]
using the connect string mysql://pidbuser:SomePAssword@127.0.0.1:3306/userdb
[2015-07-09
16:56:57,972][972][140330632910592][INFO][privacyidea.lib.user:186] user
u’fuatarkan’ found in resolver u’resolver_SQL’
[2015-07-09
16:56:57,972][972][140330632910592][INFO][privacyidea.lib.user:187] userid
resolved to 1L
[2015-07-09
16:56:57,985][972][140330632910592][INFO][privacyidea.lib.resolvers.PasswdIdResolver:130]
loading users from file /etc/passwd from within ‘/home/privacyidea’
[2015-07-09
16:56:58,017][972][140330632910592][INFO][privacyidea.lib.resolvers.SQLIdResolver:553]
using the connect string mysql://pidbuser:SomePAssword@127.0.0.1:3306/userdb
[2015-07-09
16:56:58,029][972][140330632910592][INFO][privacyidea.lib.user:186] user
u’fuatarkan’ found in resolver u’resolver_SQL’
[2015-07-09
16:56:58,029][972][140330632910592][INFO][privacyidea.lib.user:187] userid
resolved to 1L
[2015-07-09
16:56:58,043][972][140330632910592][INFO][privacyidea.lib.resolvers.PasswdIdResolver:130]
loading users from file /etc/passwd from within ‘/home/privacyidea’
[2015-07-09
16:56:58,076][972][140330632910592][INFO][privacyidea.lib.resolvers.SQLIdResolver:553]
using the connect string mysql://pidbuser:SomePAssword@127.0.0.1:3306/userdb
[2015-07-09
16:56:58,088][972][140330632910592][INFO][privacyidea.lib.user:186] user
u’fuatarkan’ found in resolver u’resolver_SQL’
[2015-07-09
16:56:58,088][972][140330632910592][INFO][privacyidea.lib.user:187] userid
resolved to 1L
[2015-07-09
16:56:58,106][972][140330632910592][INFO][privacyidea.lib.resolvers.SQLIdResolver:553]
using the connect string mysql://pidbuser:SomePAssword@127.0.0.1:3306/userdb
[2015-07-09
16:56:58,133][972][140330632910592][INFO][privacyidea.lib.resolvers.SQLIdResolver:553]
using the connect string mysql://pidbuser:SomePAssword@127.0.0.1:3306/userdb
[2015-07-09
16:56:58,159][972][140330632910592][INFO][privacyidea.lib.resolvers.SQLIdResolver:553]
using the connect string mysql://pidbuser:SomePAssword@127.0.0.1:3306/userdb
[2015-07-09
16:56:58,172][972][140330632910592][WARNING][privacyidea.lib.crypto:98]
Requesting secret key - verify the usage scope and zero + free
[2015-07-09
16:56:58,173][972][140330632910592][WARNING][privacyidea.lib.crypto:98]
Requesting secret key - verify the usage scope and zero + free
[2015-07-09
16:56:58,240][972][140330632910592][INFO][privacyidea.api.lib.postpolicy:237]
There is no machine with IP=IPAddress(‘127.0.0.1’)
#SAME TOKEN VALUE 3RD TRY
[2015-07-09
16:58:09,978][972][140330641303296][INFO][privacyidea.lib.auditmodules.sqlaudit:130]
using the connect string mysql://pi:wZmTUD0G_F6d@localhost/pi
[2015-07-09
16:58:10,004][972][140330641303296][INFO][privacyidea.lib.resolvers.PasswdIdResolver:130]
loading users from file /etc/passwd from within ‘/home/privacyidea’
[2015-07-09
16:58:10,040][972][140330641303296][INFO][privacyidea.lib.resolvers.SQLIdResolver:553]
using the connect string mysql://pidbuser:SomePAssword@127.0.0.1:3306/userdb
[2015-07-09
16:58:10,052][972][140330641303296][INFO][privacyidea.lib.user:186] user
u’fuatarkan’ found in resolver u’resolver_SQL’
[2015-07-09
16:58:10,052][972][140330641303296][INFO][privacyidea.lib.user:187] userid
resolved to 1L
[2015-07-09
16:58:10,065][972][140330641303296][INFO][privacyidea.lib.resolvers.PasswdIdResolver:130]
loading users from file /etc/passwd from within ‘/home/privacyidea’
[2015-07-09
16:58:10,099][972][140330641303296][INFO][privacyidea.lib.resolvers.SQLIdResolver:553]
using the connect string mysql://pidbuser:SomePAssword@127.0.0.1:3306/userdb
[2015-07-09
16:58:10,111][972][140330641303296][INFO][privacyidea.lib.user:186] user
u’fuatarkan’ found in resolver u’resolver_SQL’
[2015-07-09
16:58:10,112][972][140330641303296][INFO][privacyidea.lib.user:187] userid
resolved to 1L
[2015-07-09
16:58:10,125][972][140330641303296][INFO][privacyidea.lib.resolvers.PasswdIdResolver:130]
loading users from file /etc/passwd from within ‘/home/privacyidea’
[2015-07-09
16:58:10,159][972][140330641303296][INFO][privacyidea.lib.resolvers.SQLIdResolver:553]
using the connect string mysql://pidbuser:SomePAssword@127.0.0.1:3306/userdb
[2015-07-09
16:58:10,171][972][140330641303296][INFO][privacyidea.lib.user:186] user
u’fuatarkan’ found in resolver u’resolver_SQL’
[2015-07-09
16:58:10,171][972][140330641303296][INFO][privacyidea.lib.user:187] userid
resolved to 1L
[2015-07-09
16:58:10,187][972][140330641303296][INFO][privacyidea.lib.resolvers.SQLIdResolver:553]
using the connect string mysql://pidbuser:SomePAssword@127.0.0.1:3306/userdb
[2015-07-09
16:58:10,217][972][140330641303296][INFO][privacyidea.lib.resolvers.SQLIdResolver:553]
using the connect string mysql://pidbuser:SomePAssword@127.0.0.1:3306/userdb
[2015-07-09
16:58:10,243][972][140330641303296][INFO][privacyidea.lib.resolvers.SQLIdResolver:553]
using the connect string mysql://pidbuser:SomePAssword@127.0.0.1:3306/userdb
[2015-07-09
16:58:10,256][972][140330641303296][WARNING][privacyidea.lib.crypto:98]
Requesting secret key - verify the usage scope and zero + free
[2015-07-09
16:58:10,257][972][140330641303296][WARNING][privacyidea.lib.crypto:98]
Requesting secret key - verify the usage scope and zero + free
[2015-07-09
16:58:10,326][972][140330641303296][INFO][privacyidea.api.lib.postpolicy:237]
There is no machine with IP=IPAddress(‘127.0.0.1’)
#SAME TOKEN VALUE 4TH TRY
[2015-07-09
17:00:12,133][972][140330632910592][INFO][privacyidea.lib.auditmodules.sqlaudit:130]
using the connect string mysql://pi:wZmTUD0G_F6d@localhost/pi
[2015-07-09
17:00:12,159][972][140330632910592][INFO][privacyidea.lib.resolvers.PasswdIdResolver:130]
loading users from file /etc/passwd from within ‘/home/privacyidea’
[2015-07-09
17:00:12,197][972][140330632910592][INFO][privacyidea.lib.resolvers.SQLIdResolver:553]
using the connect string mysql://pidbuser:SomePAssword@127.0.0.1:3306/userdb
[2015-07-09
17:00:12,209][972][140330632910592][INFO][privacyidea.lib.user:186] user
u’fuatarkan’ found in resolver u’resolver_SQL’
[2015-07-09
17:00:12,210][972][140330632910592][INFO][privacyidea.lib.user:187] userid
resolved to 1L
[2015-07-09
17:00:12,223][972][140330632910592][INFO][privacyidea.lib.resolvers.PasswdIdResolver:130]
loading users from file /etc/passwd from within ‘/home/privacyidea’
[2015-07-09
17:00:12,257][972][140330632910592][INFO][privacyidea.lib.resolvers.SQLIdResolver:553]
using the connect string mysql://pidbuser:SomePAssword@127.0.0.1:3306/userdb
[2015-07-09
17:00:12,269][972][140330632910592][INFO][privacyidea.lib.user:186] user
u’fuatarkan’ found in resolver u’resolver_SQL’
[2015-07-09
17:00:12,269][972][140330632910592][INFO][privacyidea.lib.user:187] userid
resolved to 1L
[2015-07-09
17:00:12,283][972][140330632910592][INFO][privacyidea.lib.resolvers.PasswdIdResolver:130]
loading users from file /etc/passwd from within ‘/home/privacyidea’
[2015-07-09
17:00:12,317][972][140330632910592][INFO][privacyidea.lib.resolvers.SQLIdResolver:553]
using the connect string mysql://pidbuser:SomePAssword@127.0.0.1:3306/userdb
[2015-07-09
17:00:12,329][972][140330632910592][INFO][privacyidea.lib.user:186] user
u’fuatarkan’ found in resolver u’resolver_SQL’
[2015-07-09
17:00:12,329][972][140330632910592][INFO][privacyidea.lib.user:187] userid
resolved to 1L
[2015-07-09
17:00:12,345][972][140330632910592][INFO][privacyidea.lib.resolvers.SQLIdResolver:553]
using the connect string mysql://pidbuser:SomePAssword@127.0.0.1:3306/userdb
[2015-07-09
17:00:12,376][972][140330632910592][INFO][privacyidea.lib.resolvers.SQLIdResolver:553]
using the connect string mysql://pidbuser:SomePAssword@127.0.0.1:3306/userdb
[2015-07-09
17:00:12,401][972][140330632910592][INFO][privacyidea.lib.resolvers.SQLIdResolver:553]
using the connect string mysql://pidbuser:SomePAssword@127.0.0.1:3306/userdb
[2015-07-09
17:00:12,415][972][140330632910592][WARNING][privacyidea.lib.crypto:98]
Requesting secret key - verify the usage scope and zero + free
[2015-07-09
17:00:12,416][972][140330632910592][WARNING][privacyidea.lib.crypto:98]
Requesting secret key - verify the usage scope and zero + free
[2015-07-09
17:00:12,416][972][140330632910592][WARNING][privacyidea.lib.tokens.mOTP:126]
otpvalue b7ff92 checked once before (-1<=0L)
[2015-07-09
17:00:12,455][972][140330632910592][INFO][privacyidea.lib.resolvers.PasswdIdResolver:130]
loading users from file /etc/passwd from within ‘/home/privacyidea’
[2015-07-09
17:00:12,491][972][140330632910592][INFO][privacyidea.lib.resolvers.SQLIdResolver:553]
using the connect string mysql://pidbuser:SomePAssword@127.0.0.1:3306/userdb
[2015-07-09
17:00:12,503][972][140330632910592][INFO][privacyidea.lib.user:186] user
u’fuatarkan’ found in resolver u’resolver_SQL’
[2015-07-09
17:00:12,503][972][140330632910592][INFO][privacyidea.lib.user:187] userid
resolved to 1L
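
The one-time behaviour expected in the post above, as an added example that is not part of the original message and is not privacyIDEA's code: a Mobile-OTP check over a time window that also remembers the highest time slot already accepted. The class and function names, the sample secret, PIN and timestamp, and the window of 18 slots are assumptions made for illustration.

```python
import hashlib
import hmac

STEP = 10  # Mobile-OTP time slot length in seconds


def motp(secret_hex, pin, counter):
    """First 6 hex digits of MD5(counter + secret + PIN), all as text."""
    data = f"{counter}{secret_hex}{pin}".encode()
    return hashlib.md5(data).hexdigest()[:6]


class MotpVerifier:
    """Time-window check plus replay protection for one token (hypothetical class)."""

    def __init__(self, secret_hex, pin, window=18):
        self.secret_hex = secret_hex
        self.pin = pin
        self.window = window      # slots accepted before/after now (assumed: +/-180 s)
        self.last_counter = -1    # highest slot that has already been accepted

    def check(self, otp, now):
        given = otp.strip().lower().encode()
        center = int(now) // STEP
        for counter in range(center - self.window, center + self.window + 1):
            expected = motp(self.secret_hex, self.pin, counter).encode()
            if hmac.compare_digest(expected, given):
                if counter <= self.last_counter:
                    return "replay"           # same or older slot: already used up
                self.last_counter = counter   # must be persisted with the token
                return "accept"
        return "reject"                       # no slot in the window matches


if __name__ == "__main__":
    secret, pin = "0123456789abcdef", "1234"  # constructed sample values
    t0 = 1436450134                           # constructed timestamp
    v = MotpVerifier(secret, pin)
    otp = motp(secret, pin, t0 // STEP)
    for offset in (0, 60, 120, 600):
        print(offset, v.check(otp, t0 + offset))
```

In this example, if `last_counter` were not stored after an accept, the same value would keep being accepted for as long as its slot stays inside the window and would only be rejected once it falls outside it.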