Created
January 14, 2022 12:04
-
-
Save michimau/473e7ab2908271b897ede0775fb36ee3 to your computer and use it in GitHub Desktop.
privacyidea 3.3.1 pi-ad
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 2022-01-14 11:58:32,227][557][140069404256000][DEBUG][privacyidea.api.before_after:84] Begin handling of request u'/validate/check?' | |
| [2022-01-14 11:58:32,227][557][140069404256000][DEBUG][privacyidea.api.lib.utils:254] Can not get param: No JSON object could be decoded | |
| [2022-01-14 11:58:32,227][557][140069404256000][DEBUG][privacyidea.lib.user:186] Entering get_user_from_param with arguments ({'user': u'admin', 'pass': u'changeme'},) and keywords {} | |
| [2022-01-14 11:58:32,228][557][140069404256000][DEBUG][privacyidea.lib.config:186] Entering get_from_config with arguments ('splitAtSign',) and keywords {'return_bool': True} | |
| [2022-01-14 11:58:32,228][557][140069404256000][DEBUG][privacyidea.lib.config:323] Cloning request-local config from shared config object | |
| [2022-01-14 11:58:32,228][557][140069404256000][DEBUG][privacyidea.lib.config:280] Creating new shared config object | |
| [2022-01-14 11:58:32,281][557][140069404256000][DEBUG][privacyidea.lib.utils:759] Values are not initialized. We need to reread policies from DB. | |
| [2022-01-14 11:58:32,282][557][140069404256000][DEBUG][privacyidea.lib.utils:764] timestamp in DB newer. We need to reread policies from DB. | |
| [2022-01-14 11:58:32,282][557][140069404256000][DEBUG][privacyidea.lib.config:102] Reloading shared config from database | |
| [2022-01-14 11:58:32,286][557][140069404256000][DEBUG][privacyidea.lib.crypto:186] Entering decryptPassword with arguments (u'1b333fbb28f2c4522c6e504d416a6937:6352cd4ce414c4bf5690df5e36584000acbb492da426a956f5e51c35a78bdb0d',) and keywords {} | |
| [2022-01-14 11:58:32,287][557][140069404256000][DEBUG][privacyidea.lib.utils:1198] klass: <class 'privacyidea.lib.security.default.DefaultSecurityModule'> | |
| [2022-01-14 11:58:32,287][557][140069404256000][INFO][privacyidea.lib.crypto:781] initializing HSM class: <class 'privacyidea.lib.security.default.DefaultSecurityModule'> | |
| [2022-01-14 11:58:32,287][557][140069404256000][INFO][privacyidea.lib.crypto:220] Initialized HSM object {'obj': <privacyidea.lib.security.default.DefaultSecurityModule object at 0x7f645692f310>} | |
| [2022-01-14 11:58:32,288][557][140069404256000][DEBUG][privacyidea.lib.crypto:186] Entering aes_cbc_decrypt with arguments ("\xb6l\x02\xe0\x08\xe7\xc1\xd8\xd5l\x0f '\x10HV\xf5\x88Q\xd4\x8f\xe2\xba\x81\x8a\xf2|!H\x85O\xa9", '\x1b3?\xbb(\xf2\xc4R,nPMAji7', 'cR\xcdL\xe4\x14\xc4\xbfV\x90\xdf^6X@\x00\xac\xbbI-\xa4&\xa9V\xf5\xe5\x1c5\xa7\x8b\xdb\r') and keywords {} | |
| [2022-01-14 11:58:32,288][557][140069404256000][DEBUG][privacyidea.lib.crypto:200] Exiting aes_cbc_decrypt with result HIDDEN | |
| [2022-01-14 11:58:32,288][557][140069404256000][DEBUG][privacyidea.lib.crypto:200] Exiting decryptPassword with result HIDDEN | |
| [2022-01-14 11:58:32,300][557][140069404256000][DEBUG][privacyidea.lib.config:198] Exiting get_from_config with result True | |
| [2022-01-14 11:58:32,300][557][140069404256000][DEBUG][privacyidea.lib.user:186] Entering split_user with arguments (u'admin',) and keywords {} | |
| [2022-01-14 11:58:32,301][557][140069404256000][DEBUG][privacyidea.lib.user:198] Exiting split_user with result (u'admin', '') | |
| [2022-01-14 11:58:32,301][557][140069404256000][DEBUG][privacyidea.lib.realm:186] Entering get_default_realm with arguments () and keywords {} | |
| [2022-01-14 11:58:32,301][557][140069404256000][DEBUG][privacyidea.lib.realm:198] Exiting get_default_realm with result ad | |
| [2022-01-14 11:58:32,301][557][140069404256000][DEBUG][privacyidea.lib.user:186] Entering __init__ with arguments (User(login='', realm='', resolver=''),) and keywords {'login': u'admin', 'realm': u'ad', 'resolver': None} | |
| [2022-01-14 11:58:32,301][557][140069404256000][DEBUG][privacyidea.lib.config:186] Entering get_from_config with arguments ('UserCacheExpiration', '0') and keywords {} | |
| [2022-01-14 11:58:32,301][557][140069404256000][DEBUG][privacyidea.lib.config:198] Exiting get_from_config with result 0 | |
| [2022-01-14 11:58:32,302][557][140069404256000][DEBUG][privacyidea.lib.user:186] Entering get_ordererd_resolvers with arguments (User(login=u'admin', realm=u'ad', resolver=''),) and keywords {} | |
| [2022-01-14 11:58:32,302][557][140069404256000][DEBUG][privacyidea.lib.realm:186] Entering get_realms with arguments (u'ad',) and keywords {} | |
| [2022-01-14 11:58:32,302][557][140069404256000][DEBUG][privacyidea.lib.realm:198] Exiting get_realms with result {u'ad': {'default': True, 'option': u'', 'resolver': [{'priority': None, 'type': u'ldapresolver', 'name': u'AD'}]}} | |
| [2022-01-14 11:58:32,302][557][140069404256000][DEBUG][privacyidea.lib.user:198] Exiting get_ordererd_resolvers with result [u'AD'] | |
| [2022-01-14 11:58:32,302][557][140069404256000][DEBUG][privacyidea.lib.resolver:186] Entering get_resolver_object with arguments (u'AD',) and keywords {} | |
| [2022-01-14 11:58:32,302][557][140069404256000][DEBUG][privacyidea.lib.resolver:186] Entering get_resolver_list with arguments () and keywords {'filter_resolver_name': u'AD'} | |
| [2022-01-14 11:58:32,303][557][140069404256000][DEBUG][privacyidea.lib.resolver:200] Exiting get_resolver_list with result HIDDEN | |
| [2022-01-14 11:58:32,303][557][140069404256000][DEBUG][privacyidea.lib.config:186] Entering get_resolver_list with arguments () and keywords {} | |
| [2022-01-14 11:58:32,303][557][140069404256000][DEBUG][privacyidea.lib.config:649] None | |
| [2022-01-14 11:58:32,303][557][140069404256000][DEBUG][privacyidea.lib.config:198] Exiting get_resolver_list with result set(['privacyidea.lib.resolvers.PasswdIdResolver', 'privacyidea.lib.resolvers.SCIMIdResolver', 'privacyidea.lib.resolvers.SQLIdResolver', 'privacyidea.lib.resolvers.LDAPIdResolver']) | |
| [2022-01-14 11:58:32,303][557][140069404256000][DEBUG][privacyidea.lib.config:786] using the module list: set(['privacyidea.lib.resolvers.PasswdIdResolver', 'privacyidea.lib.resolvers.SCIMIdResolver', 'privacyidea.lib.resolvers.SQLIdResolver', 'privacyidea.lib.resolvers.LDAPIdResolver']) | |
| [2022-01-14 11:58:32,303][557][140069404256000][DEBUG][privacyidea.lib.config:794] import module: privacyidea.lib.resolvers.PasswdIdResolver | |
| [2022-01-14 11:58:32,304][557][140069404256000][DEBUG][privacyidea.lib.config:794] import module: privacyidea.lib.resolvers.SCIMIdResolver | |
| [2022-01-14 11:58:32,304][557][140069404256000][DEBUG][privacyidea.lib.config:794] import module: privacyidea.lib.resolvers.SQLIdResolver | |
| [2022-01-14 11:58:32,311][557][140069404256000][DEBUG][privacyidea.lib.config:794] import module: privacyidea.lib.resolvers.LDAPIdResolver | |
| [2022-01-14 11:58:32,339][557][140069404256000][DEBUG][privacyidea.lib.config:603] module: <module 'privacyidea.lib.resolvers.PasswdIdResolver' from '/opt/privacyidea/lib/python2.7/site-packages/privacyidea/lib/resolvers/PasswdIdResolver.pyc'> | |
| [2022-01-14 11:58:32,339][557][140069404256000][DEBUG][privacyidea.lib.config:603] module: <module 'privacyidea.lib.resolvers.SCIMIdResolver' from '/opt/privacyidea/lib/python2.7/site-packages/privacyidea/lib/resolvers/SCIMIdResolver.pyc'> | |
| [2022-01-14 11:58:32,339][557][140069404256000][DEBUG][privacyidea.lib.config:603] module: <module 'privacyidea.lib.resolvers.SQLIdResolver' from '/opt/privacyidea/lib/python2.7/site-packages/privacyidea/lib/resolvers/SQLIdResolver.pyc'> | |
| [2022-01-14 11:58:32,340][557][140069404256000][DEBUG][privacyidea.lib.config:603] module: <module 'privacyidea.lib.resolvers.LDAPIdResolver' from '/opt/privacyidea/lib/python2.7/site-packages/privacyidea/lib/resolvers/LDAPIdResolver.pyc'> | |
| [2022-01-14 11:58:32,340][557][140069404256000][DEBUG][privacyidea.lib.resolver:186] Entering get_resolver_config with arguments (u'AD',) and keywords {} | |
| [2022-01-14 11:58:32,340][557][140069404256000][DEBUG][privacyidea.lib.resolver:186] Entering get_resolver_list with arguments () and keywords {'filter_resolver_name': u'AD'} | |
| [2022-01-14 11:58:32,340][557][140069404256000][DEBUG][privacyidea.lib.resolver:200] Exiting get_resolver_list with result HIDDEN | |
| [2022-01-14 11:58:32,340][557][140069404256000][DEBUG][privacyidea.lib.resolver:200] Exiting get_resolver_config with result HIDDEN | |
| [2022-01-14 11:58:32,342][557][140069404256000][DEBUG][privacyidea.lib.resolvers.LDAPIdResolver:173] Get LDAP schema info: 'SCHEMA' | |
| [2022-01-14 11:58:32,342][557][140069404256000][DEBUG][privacyidea.lib.resolver:198] Exiting get_resolver_object with result <privacyidea.lib.resolvers.LDAPIdResolver.IdResolver object at 0x7f645691c4d0> | |
| [2022-01-14 11:58:32,343][557][140069404256000][DEBUG][privacyidea.lib.resolvers.LDAPIdResolver:869] Added plover.eea.eu.int, 389, False to server pool. | |
| [2022-01-14 11:58:32,483][557][140069404256000][DEBUG][privacyidea.lib.resolvers.LDAPIdResolver:1276] Doing start_tls | |
| [2022-01-14 11:58:34,159][557][140069404256000][DEBUG][privacyidea.lib.resolvers.LDAPIdResolver:608] login name filter: u'mail=admin' | |
| [2022-01-14 11:58:34,160][557][140069404256000][DEBUG][privacyidea.lib.resolvers.LDAPIdResolver:616] Searching user u'admin' in LDAP. | |
| [2022-01-14 11:58:34,195][557][140069404256000][DEBUG][privacyidea.lib.user:241] user u'admin' not found in resolver u'AD' | |
| [2022-01-14 11:58:34,195][557][140069404256000][DEBUG][privacyidea.lib.resolver:186] Entering get_resolver_list with arguments () and keywords {'filter_resolver_name': ''} | |
| [2022-01-14 11:58:34,196][557][140069404256000][DEBUG][privacyidea.lib.resolver:200] Exiting get_resolver_list with result HIDDEN | |
| [2022-01-14 11:58:34,196][557][140069404256000][DEBUG][privacyidea.lib.user:198] Exiting __init__ with result None | |
| [2022-01-14 11:58:34,196][557][140069404256000][DEBUG][privacyidea.lib.user:198] Exiting get_user_from_param with result <admin@ad> | |
| [2022-01-14 11:58:34,196][557][140069404256000][DEBUG][privacyidea.lib.audit:189] Entering getAudit with arguments HIDDEN and keywords HIDDEN | |
| [2022-01-14 11:58:34,198][557][140069404256000][DEBUG][privacyidea.lib.utils:1198] klass: <class 'privacyidea.lib.auditmodules.sqlaudit.Audit'> | |
| [2022-01-14 11:58:34,198][557][140069404256000][DEBUG][privacyidea.lib.auditmodules.base:186] Entering read_keys with arguments (<privacyidea.lib.auditmodules.sqlaudit.Audit object at 0x7f64550733d0>, '/etc/privacyidea/public.pem', '/etc/privacyidea/private.pem') and keywords {} | |
| [2022-01-14 11:58:34,199][557][140069404256000][DEBUG][privacyidea.lib.auditmodules.base:198] Exiting read_keys with result None | |
| [2022-01-14 11:58:34,199][557][140069404256000][INFO][privacyidea.lib.pooling:119] Created a new engine registry: <privacyidea.lib.pooling.SharedEngineRegistry object at 0x7f6455073450> | |
| [2022-01-14 11:58:34,200][557][140069404256000][INFO][privacyidea.lib.pooling:84] Creating a new engine and connection pool for key sqlaudit | |
| [2022-01-14 11:58:34,200][557][140069404256000][DEBUG][privacyidea.lib.auditmodules.sqlaudit:122] using the connect string mysql+pymysql://pi:xxxx@localhost/pi | |
| [2022-01-14 11:58:34,202][557][140069404256000][DEBUG][privacyidea.lib.auditmodules.sqlaudit:129] Using SQL pool size of 20 | |
| [2022-01-14 11:58:34,203][557][140069404256000][DEBUG][privacyidea.lib.audit:198] Exiting getAudit with result <privacyidea.lib.auditmodules.sqlaudit.Audit object at 0x7f64550733d0> | |
| [2022-01-14 11:58:34,204][557][140069404256000][DEBUG][privacyidea.lib.config:186] Entering get_from_config with arguments ('OverrideAuthorizationClient',) and keywords {} | |
| [2022-01-14 11:58:34,204][557][140069404256000][DEBUG][privacyidea.lib.config:198] Exiting get_from_config with result None | |
| [2022-01-14 11:58:34,206][557][140069404256000][DEBUG][privacyidea.lib.policy:186] Entering list_policies with arguments (<privacyidea.lib.policy.PolicyClass object at 0x7f64550d5dd0>,) and keywords {'realm': u'ad', 'name': None, 'sort_by_priority': True, 'action': 'push_wait', 'client': '172.17.0.3', 'user': u'admin', 'resolver': '', 'active': True, 'scope': 'authentication', 'adminrealm': None, 'adminuser': None} | |
| [2022-01-14 11:58:34,207][557][140069404256000][DEBUG][privacyidea.lib.policy:526] Policies after matching active: [] | |
| [2022-01-14 11:58:34,207][557][140069404256000][DEBUG][privacyidea.lib.policy:526] Policies after matching scope: [] | |
| [2022-01-14 11:58:34,207][557][140069404256000][DEBUG][privacyidea.lib.policy:551] Policies after matching action: [] | |
| [2022-01-14 11:58:34,208][557][140069404256000][DEBUG][privacyidea.lib.policy:551] Policies after matching user: [] | |
| [2022-01-14 11:58:34,208][557][140069404256000][DEBUG][privacyidea.lib.policy:551] Policies after matching realm: [] | |
| [2022-01-14 11:58:34,208][557][140069404256000][DEBUG][privacyidea.lib.policy:586] Policies after matching resolver: [] | |
| [2022-01-14 11:58:34,208][557][140069404256000][DEBUG][privacyidea.lib.policy:617] Policies after matching client: [] | |
| [2022-01-14 11:58:34,208][557][140069404256000][DEBUG][privacyidea.lib.policy:198] Exiting list_policies with result [] | |
| [2022-01-14 11:58:34,208][557][140069404256000][DEBUG][privacyidea.lib.policy:683] Policies after matching time: [] | |
| [2022-01-14 11:58:34,209][557][140069404256000][DEBUG][privacyidea.lib.policy:688] Policies after matching conditions | |
| [2022-01-14 11:58:34,209][557][140069404256000][DEBUG][privacyidea.lib.policy:186] Entering list_policies with arguments (<privacyidea.lib.policy.PolicyClass object at 0x7f64550d5dd0>,) and keywords {'realm': u'ad', 'name': None, 'sort_by_priority': True, 'action': 'setrealm', 'client': '172.17.0.3', 'user': u'admin', 'resolver': '', 'active': True, 'scope': 'authorization', 'adminrealm': None, 'adminuser': None} | |
| [2022-01-14 11:58:34,210][557][140069404256000][DEBUG][privacyidea.lib.policy:526] Policies after matching active: [] | |
| [2022-01-14 11:58:34,210][557][140069404256000][DEBUG][privacyidea.lib.policy:526] Policies after matching scope: [] | |
| [2022-01-14 11:58:34,210][557][140069404256000][DEBUG][privacyidea.lib.policy:551] Policies after matching action: [] | |
| [2022-01-14 11:58:34,210][557][140069404256000][DEBUG][privacyidea.lib.policy:551] Policies after matching user: [] | |
| [2022-01-14 11:58:34,211][557][140069404256000][DEBUG][privacyidea.lib.policy:551] Policies after matching realm: [] | |
| [2022-01-14 11:58:34,211][557][140069404256000][DEBUG][privacyidea.lib.policy:586] Policies after matching resolver: [] | |
| [2022-01-14 11:58:34,211][557][140069404256000][DEBUG][privacyidea.lib.policy:617] Policies after matching client: [] | |
| [2022-01-14 11:58:34,211][557][140069404256000][DEBUG][privacyidea.lib.policy:198] Exiting list_policies with result [] | |
| [2022-01-14 11:58:34,211][557][140069404256000][DEBUG][privacyidea.lib.policy:683] Policies after matching time: [] | |
| [2022-01-14 11:58:34,212][557][140069404256000][DEBUG][privacyidea.lib.policy:688] Policies after matching conditions | |
| [2022-01-14 11:58:34,212][557][140069404256000][DEBUG][privacyidea.lib.policy:186] Entering list_policies with arguments (<privacyidea.lib.policy.PolicyClass object at 0x7f64550d5dd0>,) and keywords {'realm': u'ad', 'name': None, 'sort_by_priority': True, 'action': 'mangle', 'client': '172.17.0.3', 'user': u'admin', 'resolver': '', 'active': True, 'scope': 'authentication', 'adminrealm': None, 'adminuser': None} | |
| [2022-01-14 11:58:34,213][557][140069404256000][DEBUG][privacyidea.lib.policy:526] Policies after matching active: [] | |
| [2022-01-14 11:58:34,213][557][140069404256000][DEBUG][privacyidea.lib.policy:526] Policies after matching scope: [] | |
| [2022-01-14 11:58:34,213][557][140069404256000][DEBUG][privacyidea.lib.policy:551] Policies after matching action: [] | |
| [2022-01-14 11:58:34,213][557][140069404256000][DEBUG][privacyidea.lib.policy:551] Policies after matching user: [] | |
| [2022-01-14 11:58:34,213][557][140069404256000][DEBUG][privacyidea.lib.policy:551] Policies after matching realm: [] | |
| [2022-01-14 11:58:34,213][557][140069404256000][DEBUG][privacyidea.lib.policy:586] Policies after matching resolver: [] | |
| [2022-01-14 11:58:34,213][557][140069404256000][DEBUG][privacyidea.lib.policy:617] Policies after matching client: [] | |
| [2022-01-14 11:58:34,214][557][140069404256000][DEBUG][privacyidea.lib.policy:198] Exiting list_policies with result [] | |
| [2022-01-14 11:58:34,214][557][140069404256000][DEBUG][privacyidea.lib.policy:683] Policies after matching time: [] | |
| [2022-01-14 11:58:34,214][557][140069404256000][DEBUG][privacyidea.lib.policy:688] Policies after matching conditions | |
| [2022-01-14 11:58:34,214][557][140069404256000][DEBUG][privacyidea.lib.clientapplication:186] Entering save_clientapplication with arguments ('172.17.0.3', 'python-requests/2.22.0') and keywords {} | |
| [2022-01-14 11:58:34,283][557][140069404256000][DEBUG][privacyidea.lib.clientapplication:198] Exiting save_clientapplication with result None | |
| [2022-01-14 11:58:34,284][557][140069404256000][DEBUG][privacyidea.lib.tokens.webauthntoken:186] Entering get_class_info with arguments ('policy',) and keywords {} | |
| [2022-01-14 11:58:34,287][557][140069404256000][DEBUG][privacyidea.lib.tokens.webauthntoken:198] Exiting get_class_info with result {'authentication': {'webauthn_timeout': {'type': 'int', 'desc': u'The time in seconds the user has to confirm authorization on his WebAuthn token. Note: You will want to increase the ChallengeValidityTime along with this. Default: 60'}, 'webauthn_allowed_transports': {'type': 'str', 'desc': u'A list of transports to prefer to communicate with WebAuthn tokens. Default: usb ble nfc internal lightning (All standard transports)'}, 'webauthn_user_verification_requirement': {'type': 'str', 'value': ['required', 'preferred', 'discouraged'], 'desc': u"Whether the user's identity should be verified when authenticating with a WebAuthn token. Default: preferred (verify the user if supported by the token)"}, 'challenge_text': {'type': 'str', 'desc': u'Use an alternative challenge text for telling the user to confirm with his WebAuthn token.'}}, 'enrollment': {'webauthn_req': {'group': 'WebAuthn', 'type': 'str', 'desc': u'Only the specified WebAuthn-tokens are allowed to be registered.'}, 'max_active_token_per_user': {'group': 'token', 'type': 'int', 'desc': u'The user may only have this number of active WebAuthn tokens assigned.'}, 'max_token_per_user': {'group': 'token', 'type': 'int', 'desc': u'The user may only have this number of WebAuthn tokens assigned.'}, 'webauthn_authenticator_selection_list': {'group': 'WebAuthn', 'type': 'str', 'desc': u'A list of WebAuthn authenticators acceptable for enrollment, given as a space-separated list of AAGUIDs. Per default all authenticators are acceptable.'}, 'challenge_text': {'group': 'WebAuthn', 'type': 'str', 'desc': u'Use an alternate challenge text for telling the user to confirm with his WebAuthn device.'}, 'webauthn_relying_party_id': {'group': 'WebAuthn', 'type': 'str', 'desc': u'A domain name that is a subset of the respective FQDNs for all the webservices the users should be able to sign in to using WebAuthn tokens.'}, 'webauthn_timeout': {'group': 'WebAuthn', 'type': 'int', 'desc': u'The time in seconds the user has to confirm enrollment on his WebAuthn token. Note: You will want to increase the ChallengeValidityTime along with this. Default: 60'}, 'webauthn_relying_party_name': {'group': 'WebAuthn', 'type': 'str', 'desc': u'A human readable name for the organization rolling out WebAuthn tokens.'}, 'webauthn_authenticator_attestation_form': {'group': 'WebAuthn', 'type': 'str', 'value': ['none', 'indirect', 'direct'], 'desc': u'Whether to request attestation data when enrolling a new WebAuthn token. Note: for u2f_req to work with WebAuthn, this cannot be set to none. Default: direct (ask for non-anonymized attestation data)'}, 'webauthn_authenticator_attachment': {'group': 'WebAuthn', 'type': 'str', 'value': ['platform', 'cross-platform', 'either'], 'desc': u'Whether to limit roll out of WebAuthn tokens to either only platform authenticators, or only cross-platform authenticators. Default: either'}, 'webauthn_user_verification_requirement': {'group': 'WebAuthn', 'type': 'str', 'value': ['required', 'preferred', 'discouraged'], 'desc': u"Whether the user's identity should be verified when rolling out a new WebAuthn token. Default: preferred (verify the user if supported by the token)"}, 'webauthn_authenticator_attestation_level': {'group': 'WebAuthn', 'type': 'str', 'value': ['none', 'untrusted', 'trusted'], 'desc': u'Whether and how strictly to check authenticator attestation data. Note: If the attestation form is none, the attestation level needs to also be none. Default: untrusted (attestation is required, but can be unknown or self-signed)'}, 'webauthn_public_key_credential_algorithm_preference': {'group': 'WebAuthn', 'type': 'str', 'value': ['ecdsa_preferred', 'ecdsa_only', 'rsassa-pss_preferred', 'rsassa-pss_only'], 'desc': u'Which algorithm to use for creating public key credentials for WebAuthn tokens. Default: ecdsa_preferred'}}, 'authorization': {'webauthn_authenticator_selection_list': {'type': 'str', 'desc': u'A list of WebAuthn authenticators acceptable for authorization, given as a space-separated list of AAGUIDs. Per default all authenticators are acceptable.'}, 'webauthn_req': {'type': 'str', 'desc': u'Only the specified WebAuthn-tokens are authorized.'}}} | |
| [2022-01-14 11:58:34,290][557][140069404256000][DEBUG][privacyidea.lib.policy:186] Entering list_policies with arguments (<privacyidea.lib.policy.PolicyClass object at 0x7f64550d5dd0>,) and keywords {'realm': u'ad', 'name': None, 'sort_by_priority': True, 'action': 'webauthn_timeout', 'client': '172.17.0.3', 'user': u'admin', 'resolver': '', 'active': True, 'scope': 'authentication', 'adminrealm': None, 'adminuser': None} | |
| [2022-01-14 11:58:34,291][557][140069404256000][DEBUG][privacyidea.lib.policy:526] Policies after matching active: [] | |
| [2022-01-14 11:58:34,291][557][140069404256000][DEBUG][privacyidea.lib.policy:526] Policies after matching scope: [] | |
| [2022-01-14 11:58:34,291][557][140069404256000][DEBUG][privacyidea.lib.policy:551] Policies after matching action: [] | |
| [2022-01-14 11:58:34,292][557][140069404256000][DEBUG][privacyidea.lib.policy:551] Policies after matching user: [] | |
| [2022-01-14 11:58:34,292][557][140069404256000][DEBUG][privacyidea.lib.policy:551] Policies after matching realm: [] | |
| [2022-01-14 11:58:34,292][557][140069404256000][DEBUG][privacyidea.lib.policy:586] Policies after matching resolver: [] | |
| [2022-01-14 11:58:34,292][557][140069404256000][DEBUG][privacyidea.lib.policy:617] Policies after matching client: [] | |
| [2022-01-14 11:58:34,292][557][140069404256000][DEBUG][privacyidea.lib.policy:198] Exiting list_policies with result [] | |
| [2022-01-14 11:58:34,292][557][140069404256000][DEBUG][privacyidea.lib.policy:683] Policies after matching time: [] | |
| [2022-01-14 11:58:34,293][557][140069404256000][DEBUG][privacyidea.lib.policy:688] Policies after matching conditions | |
| [2022-01-14 11:58:34,293][557][140069404256000][DEBUG][privacyidea.lib.policy:186] Entering list_policies with arguments (<privacyidea.lib.policy.PolicyClass object at 0x7f64550d5dd0>,) and keywords {'realm': u'ad', 'name': None, 'sort_by_priority': True, 'action': 'webauthn_user_verification_requirement', 'client': '172.17.0.3', 'user': u'admin', 'resolver': '', 'active': True, 'scope': 'authentication', 'adminrealm': None, 'adminuser': None} | |
| [2022-01-14 11:58:34,294][557][140069404256000][DEBUG][privacyidea.lib.policy:526] Policies after matching active: [] | |
| [2022-01-14 11:58:34,294][557][140069404256000][DEBUG][privacyidea.lib.policy:526] Policies after matching scope: [] | |
| [2022-01-14 11:58:34,295][557][140069404256000][DEBUG][privacyidea.lib.policy:551] Policies after matching action: [] | |
| [2022-01-14 11:58:34,295][557][140069404256000][DEBUG][privacyidea.lib.policy:551] Policies after matching user: [] | |
| [2022-01-14 11:58:34,295][557][140069404256000][DEBUG][privacyidea.lib.policy:551] Policies after matching realm: [] | |
| [2022-01-14 11:58:34,295][557][140069404256000][DEBUG][privacyidea.lib.policy:586] Policies after matching resolver: [] | |
| [2022-01-14 11:58:34,295][557][140069404256000][DEBUG][privacyidea.lib.policy:617] Policies after matching client: [] | |
| [2022-01-14 11:58:34,295][557][140069404256000][DEBUG][privacyidea.lib.policy:198] Exiting list_policies with result [] | |
| [2022-01-14 11:58:34,296][557][140069404256000][DEBUG][privacyidea.lib.policy:683] Policies after matching time: [] | |
| [2022-01-14 11:58:34,296][557][140069404256000][DEBUG][privacyidea.lib.policy:688] Policies after matching conditions | |
| [2022-01-14 11:58:34,296][557][140069404256000][DEBUG][privacyidea.lib.policy:186] Entering list_policies with arguments (<privacyidea.lib.policy.PolicyClass object at 0x7f64550d5dd0>,) and keywords {'realm': u'ad', 'name': None, 'sort_by_priority': True, 'action': 'webauthn_allowed_transports', 'client': '172.17.0.3', 'user': u'admin', 'resolver': '', 'active': True, 'scope': 'authentication', 'adminrealm': None, 'adminuser': None} | |
| [2022-01-14 11:58:34,297][557][140069404256000][DEBUG][privacyidea.lib.policy:526] Policies after matching active: [] | |
| [2022-01-14 11:58:34,297][557][140069404256000][DEBUG][privacyidea.lib.policy:526] Policies after matching scope: [] | |
| [2022-01-14 11:58:34,298][557][140069404256000][DEBUG][privacyidea.lib.policy:551] Policies after matching action: [] | |
| [2022-01-14 11:58:34,298][557][140069404256000][DEBUG][privacyidea.lib.policy:551] Policies after matching user: [] | |
| [2022-01-14 11:58:34,298][557][140069404256000][DEBUG][privacyidea.lib.policy:551] Policies after matching realm: [] | |
| [2022-01-14 11:58:34,298][557][140069404256000][DEBUG][privacyidea.lib.policy:586] Policies after matching resolver: [] | |
| [2022-01-14 11:58:34,298][557][140069404256000][DEBUG][privacyidea.lib.policy:617] Policies after matching client: [] | |
| [2022-01-14 11:58:34,299][557][140069404256000][DEBUG][privacyidea.lib.policy:198] Exiting list_policies with result [] | |
| [2022-01-14 11:58:34,299][557][140069404256000][DEBUG][privacyidea.lib.policy:683] Policies after matching time: [] | |
| [2022-01-14 11:58:34,299][557][140069404256000][DEBUG][privacyidea.lib.policy:688] Policies after matching conditions | |
| [2022-01-14 11:58:34,299][557][140069404256000][DEBUG][privacyidea.lib.policy:186] Entering list_policies with arguments (<privacyidea.lib.policy.PolicyClass object at 0x7f64550d5dd0>,) and keywords {'realm': u'ad', 'name': None, 'sort_by_priority': True, 'action': 'webauthn_challenge_text', 'client': '172.17.0.3', 'user': u'admin', 'resolver': '', 'active': True, 'scope': 'authentication', 'adminrealm': None, 'adminuser': None} | |
| [2022-01-14 11:58:34,301][557][140069404256000][DEBUG][privacyidea.lib.policy:526] Policies after matching active: [] | |
| [2022-01-14 11:58:34,301][557][140069404256000][DEBUG][privacyidea.lib.policy:526] Policies after matching scope: [] | |
| [2022-01-14 11:58:34,302][557][140069404256000][DEBUG][privacyidea.lib.policy:551] Policies after matching action: [] | |
| [2022-01-14 11:58:34,302][557][140069404256000][DEBUG][privacyidea.lib.policy:551] Policies after matching user: [] | |
| [2022-01-14 11:58:34,302][557][140069404256000][DEBUG][privacyidea.lib.policy:551] Policies after matching realm: [] | |
| [2022-01-14 11:58:34,303][557][140069404256000][DEBUG][privacyidea.lib.policy:586] Policies after matching resolver: [] | |
| [2022-01-14 11:58:34,303][557][140069404256000][DEBUG][privacyidea.lib.policy:617] Policies after matching client: [] | |
| [2022-01-14 11:58:34,303][557][140069404256000][DEBUG][privacyidea.lib.policy:198] Exiting list_policies with result [] | |
| [2022-01-14 11:58:34,304][557][140069404256000][DEBUG][privacyidea.lib.policy:683] Policies after matching time: [] | |
| [2022-01-14 11:58:34,304][557][140069404256000][DEBUG][privacyidea.lib.policy:688] Policies after matching conditions | |
| [2022-01-14 11:58:34,305][557][140069404256000][DEBUG][privacyidea.lib.policy:186] Entering list_policies with arguments (<privacyidea.lib.policy.PolicyClass object at 0x7f64550d5dd0>,) and keywords {'realm': u'ad', 'name': None, 'sort_by_priority': True, 'action': 'api_key_required', 'client': '172.17.0.3', 'user': u'admin', 'resolver': '', 'active': True, 'scope': 'authorization', 'adminrealm': None, 'adminuser': None} | |
| [2022-01-14 11:58:34,306][557][140069404256000][DEBUG][privacyidea.lib.policy:526] Policies after matching active: [] | |
| [2022-01-14 11:58:34,306][557][140069404256000][DEBUG][privacyidea.lib.policy:526] Policies after matching scope: [] | |
| [2022-01-14 11:58:34,306][557][140069404256000][DEBUG][privacyidea.lib.policy:551] Policies after matching action: [] | |
| [2022-01-14 11:58:34,306][557][140069404256000][DEBUG][privacyidea.lib.policy:551] Policies after matching user: [] | |
| [2022-01-14 11:58:34,306][557][140069404256000][DEBUG][privacyidea.lib.policy:551] Policies after matching realm: [] | |
| [2022-01-14 11:58:34,307][557][140069404256000][DEBUG][privacyidea.lib.policy:586] Policies after matching resolver: [] | |
| [2022-01-14 11:58:34,307][557][140069404256000][DEBUG][privacyidea.lib.policy:617] Policies after matching client: [] | |
| [2022-01-14 11:58:34,307][557][140069404256000][DEBUG][privacyidea.lib.policy:198] Exiting list_policies with result [] | |
| [2022-01-14 11:58:34,307][557][140069404256000][DEBUG][privacyidea.lib.policy:683] Policies after matching time: [] | |
| [2022-01-14 11:58:34,307][557][140069404256000][DEBUG][privacyidea.lib.policy:688] Policies after matching conditions | |
| [2022-01-14 11:58:34,307][557][140069404256000][DEBUG][privacyidea.lib.auditmodules.base:186] Entering log with arguments (<privacyidea.lib.auditmodules.sqlaudit.Audit object at 0x7f64550733d0>, {'realm': u'ad', 'user': u'admin', 'resolver': ''}) and keywords {} | |
| [2022-01-14 11:58:34,308][557][140069404256000][DEBUG][privacyidea.lib.auditmodules.base:198] Exiting log with result None | |
| [2022-01-14 11:58:34,308][557][140069404256000][DEBUG][privacyidea.lib.policy:186] Entering list_policies with arguments (<privacyidea.lib.policy.PolicyClass object at 0x7f64550d5dd0>,) and keywords {'realm': u'ad', 'name': None, 'sort_by_priority': True, 'action': 'auth_cache', 'client': '172.17.0.3', 'user': u'admin', 'resolver': '', 'active': True, 'scope': 'authentication', 'adminrealm': None, 'adminuser': None} | |
| [2022-01-14 11:58:34,309][557][140069404256000][DEBUG][privacyidea.lib.policy:526] Policies after matching active: [] | |
| [2022-01-14 11:58:34,309][557][140069404256000][DEBUG][privacyidea.lib.policy:526] Policies after matching scope: [] | |
| [2022-01-14 11:58:34,310][557][140069404256000][DEBUG][privacyidea.lib.policy:551] Policies after matching action: [] | |
| [2022-01-14 11:58:34,310][557][140069404256000][DEBUG][privacyidea.lib.policy:551] Policies after matching user: [] | |
| [2022-01-14 11:58:34,310][557][140069404256000][DEBUG][privacyidea.lib.policy:551] Policies after matching realm: [] | |
| [2022-01-14 11:58:34,310][557][140069404256000][DEBUG][privacyidea.lib.policy:586] Policies after matching resolver: [] | |
| [2022-01-14 11:58:34,310][557][140069404256000][DEBUG][privacyidea.lib.policy:617] Policies after matching client: [] | |
| [2022-01-14 11:58:34,310][557][140069404256000][DEBUG][privacyidea.lib.policy:198] Exiting list_policies with result [] | |
| [2022-01-14 11:58:34,310][557][140069404256000][DEBUG][privacyidea.lib.policy:683] Policies after matching time: [] | |
| [2022-01-14 11:58:34,311][557][140069404256000][DEBUG][privacyidea.lib.policy:688] Policies after matching conditions | |
| [2022-01-14 11:58:34,311][557][140069404256000][DEBUG][privacyidea.lib.policy:186] Entering list_policies with arguments (<privacyidea.lib.policy.PolicyClass object at 0x7f64550d5dd0>,) and keywords {'realm': u'ad', 'name': None, 'sort_by_priority': True, 'action': 'passOnNoUser', 'client': '172.17.0.3', 'user': u'admin', 'resolver': '', 'active': True, 'scope': 'authentication', 'adminrealm': None, 'adminuser': None} | |
| [2022-01-14 11:58:34,312][557][140069404256000][DEBUG][privacyidea.lib.policy:526] Policies after matching active: [] | |
| [2022-01-14 11:58:34,312][557][140069404256000][DEBUG][privacyidea.lib.policy:526] Policies after matching scope: [] | |
| [2022-01-14 11:58:34,312][557][140069404256000][DEBUG][privacyidea.lib.policy:551] Policies after matching action: [] | |
| [2022-01-14 11:58:34,312][557][140069404256000][DEBUG][privacyidea.lib.policy:551] Policies after matching user: [] | |
| [2022-01-14 11:58:34,313][557][140069404256000][DEBUG][privacyidea.lib.policy:551] Policies after matching realm: [] | |
| [2022-01-14 11:58:34,313][557][140069404256000][DEBUG][privacyidea.lib.policy:586] Policies after matching resolver: [] | |
| [2022-01-14 11:58:34,313][557][140069404256000][DEBUG][privacyidea.lib.policy:617] Policies after matching client: [] | |
| [2022-01-14 11:58:34,313][557][140069404256000][DEBUG][privacyidea.lib.policy:198] Exiting list_policies with result [] | |
| [2022-01-14 11:58:34,313][557][140069404256000][DEBUG][privacyidea.lib.policy:683] Policies after matching time: [] | |
| [2022-01-14 11:58:34,313][557][140069404256000][DEBUG][privacyidea.lib.policy:688] Policies after matching conditions | |
| [2022-01-14 11:58:34,313][557][140069404256000][DEBUG][privacyidea.lib.policy:186] Entering list_policies with arguments (<privacyidea.lib.policy.PolicyClass object at 0x7f64550d5dd0>,) and keywords {'realm': u'ad', 'name': None, 'sort_by_priority': True, 'action': 'passOnNoToken', 'client': '172.17.0.3', 'user': u'admin', 'resolver': '', 'active': True, 'scope': 'authentication', 'adminrealm': None, 'adminuser': None} | |
| [2022-01-14 11:58:34,314][557][140069404256000][DEBUG][privacyidea.lib.policy:526] Policies after matching active: [] | |
| [2022-01-14 11:58:34,315][557][140069404256000][DEBUG][privacyidea.lib.policy:526] Policies after matching scope: [] | |
| [2022-01-14 11:58:34,315][557][140069404256000][DEBUG][privacyidea.lib.policy:551] Policies after matching action: [] | |
| [2022-01-14 11:58:34,315][557][140069404256000][DEBUG][privacyidea.lib.policy:551] Policies after matching user: [] | |
| [2022-01-14 11:58:34,315][557][140069404256000][DEBUG][privacyidea.lib.policy:551] Policies after matching realm: [] | |
| [2022-01-14 11:58:34,315][557][140069404256000][DEBUG][privacyidea.lib.policy:586] Policies after matching resolver: [] | |
| [2022-01-14 11:58:34,316][557][140069404256000][DEBUG][privacyidea.lib.policy:617] Policies after matching client: [] | |
| [2022-01-14 11:58:34,316][557][140069404256000][DEBUG][privacyidea.lib.policy:198] Exiting list_policies with result [] | |
| [2022-01-14 11:58:34,316][557][140069404256000][DEBUG][privacyidea.lib.policy:683] Policies after matching time: [] | |
| [2022-01-14 11:58:34,316][557][140069404256000][DEBUG][privacyidea.lib.policy:688] Policies after matching conditions | |
| [2022-01-14 11:58:34,316][557][140069404256000][DEBUG][privacyidea.lib.policy:186] Entering list_policies with arguments (<privacyidea.lib.policy.PolicyClass object at 0x7f64550d5dd0>,) and keywords {'realm': u'ad', 'name': None, 'sort_by_priority': True, 'action': 'passthru', 'client': '172.17.0.3', 'user': u'admin', 'resolver': '', 'active': True, 'scope': 'authentication', 'adminrealm': None, 'adminuser': None} | |
| [2022-01-14 11:58:34,318][557][140069404256000][DEBUG][privacyidea.lib.policy:526] Policies after matching active: [] | |
| [2022-01-14 11:58:34,318][557][140069404256000][DEBUG][privacyidea.lib.policy:526] Policies after matching scope: [] | |
| [2022-01-14 11:58:34,318][557][140069404256000][DEBUG][privacyidea.lib.policy:551] Policies after matching action: [] | |
| [2022-01-14 11:58:34,319][557][140069404256000][DEBUG][privacyidea.lib.policy:551] Policies after matching user: [] | |
| [2022-01-14 11:58:34,319][557][140069404256000][DEBUG][privacyidea.lib.policy:551] Policies after matching realm: [] | |
| [2022-01-14 11:58:34,319][557][140069404256000][DEBUG][privacyidea.lib.policy:586] Policies after matching resolver: [] | |
| [2022-01-14 11:58:34,319][557][140069404256000][DEBUG][privacyidea.lib.policy:617] Policies after matching client: [] | |
| [2022-01-14 11:58:34,320][557][140069404256000][DEBUG][privacyidea.lib.policy:198] Exiting list_policies with result [] | |
| [2022-01-14 11:58:34,320][557][140069404256000][DEBUG][privacyidea.lib.policy:683] Policies after matching time: [] | |
| [2022-01-14 11:58:34,320][557][140069404256000][DEBUG][privacyidea.lib.policy:688] Policies after matching conditions | |
| [2022-01-14 11:58:34,322][557][140069404256000][DEBUG][privacyidea.lib.token:186] Entering check_user_pass with arguments () and keywords {} | |
| [2022-01-14 11:58:34,323][557][140069404256000][DEBUG][privacyidea.lib.token:186] Entering get_tokens with arguments () and keywords {'user': User(login=u'admin', realm=u'ad', resolver='')} | |
| [2022-01-14 11:58:34,324][557][140069404256000][DEBUG][privacyidea.lib.auditmodules.base:186] Entering log with arguments (<privacyidea.lib.auditmodules.sqlaudit.Audit object at 0x7f64550733d0>, {'info': u'ERR904: The user can not be found in any resolver in this realm!'}) and keywords {} | |
| [2022-01-14 11:58:34,325][557][140069404256000][DEBUG][privacyidea.lib.auditmodules.base:198] Exiting log with result None | |
| [2022-01-14 11:58:34,354][557][140069404256000][DEBUG][privacyidea.api.lib.utils:254] Can not get param: No JSON object could be decoded | |
| [2022-01-14 11:58:34,357][557][140069404256000][DEBUG][privacyidea.api.lib.utils:254] Can not get param: No JSON object could be decoded | |
| [2022-01-14 11:58:34,360][557][140069404256000][DEBUG][privacyidea.api.before_after:90] End handling of request u'/validate/check?' |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment