And you are entering the OTP into pidgin?
So the workflow is like this:
* enter OTP into pidgin
* pdigin transfers OTP to prosody
* transfers OTP to cyrus sasl
* transfers OTP to PAM
* transfers OTP to privacyIDEA
My guess is, that some component (my wild guess would be cyrus sasl)
will cache the authentication result, so that the second auth request
with the same OTP does not even reach the privacyIDEA server.
Please check:
1. Can you authenticate with the same OTP twice to the privacyIDEA
server using
https://yourOTPserver/validate/check?user=....&pass=...otp...
2. Can you see the second authentication request in the Audit log on the
privacyIDEA server?
3. check the log files of prosody and pam.
Thanks a lot and kind regards
Cornelius
> --
> You received this message because you are subscribed to the Google
> Groups "privacyidea" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to
privacyidea...@googlegroups.com.
> To post to this group, send email to
priva...@googlegroups.com.
> To view this discussion on the web visit
>
https://groups.google.com/d/msgid/privacyidea/aa428ada-7f54-414d-9747-db6d82ecdbfc%40googlegroups.com.