Unable to use second factor with Kerberos authentication
When using Kerberos and a second factor, the Kerberos authentication fails and the screen to enter the OTP is not shown.
Some logs:
[Thu Jul 1 18:04:14 2021] [LLNG:49880] [debug] Build URL https://xxxx/?kerberos=1
[Thu Jul 1 18:04:14 2021] [LLNG:49880] [debug] Redirect xxxx to portal (url was /?kerberos=1)
[Thu Jul 1 18:04:14 2021] [LLNG:49880] [debug] User not authenticated, Try in use, cancel redirection
[Thu Jul 1 18:04:14 2021] [LLNG:49880] [debug] Start routing default route
[Thu Jul 1 18:04:14 2021] [LLNG:49880] [debug] Processing checkUnauthLogout
[Thu Jul 1 18:04:14 2021] [LLNG:49880] [debug] Processing controlUrl
[Thu Jul 1 18:04:14 2021] [LLNG:49880] [debug] Processing code ref
[Thu Jul 1 18:04:14 2021] [LLNG:49880] [debug] Processing code ref
[Thu Jul 1 18:04:14 2021] [LLNG:49880] [debug] Launching ::Issuer::SAML::storeEnv
[Thu Jul 1 18:04:14 2021] [LLNG:49880] [debug] Processing extractFormInfo
[Thu Jul 1 18:04:14 2021] [LLNG:49880] [debug] Kerberos ticket received: xxxx
[Thu Jul 1 18:04:14 2021] [LLNG:49880] [debug] Set KRB5_KTNAME env to FILE:/etc/lemonldap-ng/xxxx.KEYTAB
[Thu Jul 1 18:04:14 2021] [LLNG:49880] [debug] Processing getUser
[Thu Jul 1 18:04:14 2021] [LLNG:49880] [debug] Processing authenticate
[Thu Jul 1 18:04:14 2021] [LLNG:49880] [debug] -> authResult = 0
[Thu Jul 1 18:04:14 2021] [LLNG:49880] [debug] Processing setAuthSessionInfo
[Thu Jul 1 18:04:14 2021] [LLNG:49880] [debug] Processing setSessionInfo
[Thu Jul 1 18:04:14 2021] [LLNG:49880] [debug] Processing setMacros
[Thu Jul 1 18:04:14 2021] [LLNG:49880] [debug] Processing setGroups
[Thu Jul 1 18:04:14 2021] [LLNG:49880] [debug] Searching LDAP groups in ou=groups,xxxx for uid=xxxx
[Thu Jul 1 18:04:14 2021] [LLNG:49880] [debug] Group search filter: (&(objectClass=groupOfNames)(|(member=uid=xxxx)))
[Thu Jul 1 18:04:14 2021] [LLNG:49880] [debug] Processing setPersistentSessionInfo
[Thu Jul 1 18:04:14 2021] [LLNG:49880] [debug] Persistent session found for xxxx
[Thu Jul 1 18:04:14 2021] [LLNG:49880] [debug] Restore persistent parameter _loginHistory
[Thu Jul 1 18:04:14 2021] [LLNG:49880] [debug] Restore persistent parameter _updateTime
[Thu Jul 1 18:04:14 2021] [LLNG:49880] [debug] Processing setLocalGroups
[Thu Jul 1 18:04:14 2021] [LLNG:49880] [debug] Processing store
[Thu Jul 1 18:04:14 2021] [LLNG:49880] [debug] Store xxxx
[Thu Jul 1 18:04:14 2021] [LLNG:49880] [debug] Try to get a new SSO session
[Thu Jul 1 18:04:14 2021] [LLNG:49880] [debug] Return SSO session d138efbfce3c39d3848060724d1d5443979be09b422914a9887b0cee4a6530e8
[Thu Jul 1 18:04:14 2021] [LLNG:49880] [debug] Looking if ext2F is available
[Thu Jul 1 18:04:14 2021] [LLNG:49880] [debug] -> OK
[Thu Jul 1 18:04:14 2021] [LLNG:49880] [debug] Processing secondFactor
[Thu Jul 1 18:04:14 2021] [LLNG:49880] [debug] Looking if ext2F is available
[Thu Jul 1 18:04:14 2021] [LLNG:49880] [debug] -> OK
[Thu Jul 1 18:04:14 2021] [LLNG:49880] [info] Second factor required for xxxx
[Thu Jul 1 18:04:14 2021] [LLNG:49880] [debug] [info] Second factor required for xxxx
[Thu Jul 1 18:04:14 2021] [LLNG:49880] [debug] Module Lemonldap::NG::Portal::Lib::OneTimeToken loaded
[Thu Jul 1 18:04:14 2021] [LLNG:49880] [debug] Token 1625083574_62763 created
[Thu Jul 1 18:04:14 2021] [LLNG:49880] [debug] Generated ext2f code : 059908
[Thu Jul 1 18:04:14 2021] [LLNG:49880] [debug] Module Lemonldap::NG::Portal::Lib::OneTimeToken loaded
[Thu Jul 1 18:04:14 2021] [LLNG:49880] [debug] Launching "Send" external 2F command -> /usr/local/bin/send_sms.sh $mobile $code
[Thu Jul 1 18:04:14 2021] [LLNG:49880] [debug] Executing command: /usr/local/bin/send_sms.sh xxxx 059908
[Thu Jul 1 18:04:15 2021] [LLNG:49880] [debug] Starting HTML generation using /usr/share/lemonldap-ng/portal/templates/avem/ext2fcheck.tpl
[Thu Jul 1 18:04:15 2021] [LLNG:49880] [debug] Sending /usr/share/lemonldap-ng/portal/templates/avem/ext2fcheck.tpl
[Thu Jul 1 18:04:15 2021] [LLNG:49880] [debug] Apply following CORS policy :
[Thu Jul 1 18:04:15 2021] [LLNG:49880] [debug] Access-Control-Allow-Origin
[Thu Jul 1 18:04:15 2021] [LLNG:49880] [debug] *
[Thu Jul 1 18:04:15 2021] [LLNG:49880] [debug] Access-Control-Allow-Credentials
[Thu Jul 1 18:04:15 2021] [LLNG:49880] [debug] true
[Thu Jul 1 18:04:15 2021] [LLNG:49880] [debug] Access-Control-Allow-Headers
[Thu Jul 1 18:04:15 2021] [LLNG:49880] [debug] *
[Thu Jul 1 18:04:15 2021] [LLNG:49880] [debug] Access-Control-Allow-Methods
[Thu Jul 1 18:04:15 2021] [LLNG:49880] [debug] POST,GET
[Thu Jul 1 18:04:15 2021] [LLNG:49880] [debug] Access-Control-Expose-Headers
[Thu Jul 1 18:04:15 2021] [LLNG:49880] [debug] *
[Thu Jul 1 18:04:15 2021] [LLNG:49880] [debug] Access-Control-Max-Age
[Thu Jul 1 18:04:15 2021] [LLNG:49880] [debug] 86400
[Thu Jul 1 18:04:15 2021] [LLNG:49880] [debug] Apply following CSP : default-src 'self';img-src 'self' data:;style-src 'self';font-src 'self';connect-src 'self';script-src 'self';form-action *;frame-ancestors 'none';
[Thu Jul 1 18:04:15 2021] [LLNG:49880] [debug] Prepare external 2F verification
[Thu Jul 1 18:04:15 2021] [LLNG:49880] [debug] Returned status: -4 (PE_SENDRESPONSE)
[Thu Jul 1 18:04:15 2021] [LLNG:49880] [info] No cookie found
[Thu Jul 1 18:04:15 2021] [LLNG:49880] [debug] Build URL https://xxxx/?cancel=1&skin=xxxx
[Thu Jul 1 18:04:15 2021] [LLNG:49880] [debug] Redirect xxxx to portal (url was /?cancel=1&skin=xxxx)
[Thu Jul 1 18:04:15 2021] [LLNG:49880] [debug] User not authenticated, Try in use, cancel redirection
[Thu Jul 1 18:04:15 2021] [LLNG:49880] [debug] Start routing default route
[Thu Jul 1 18:04:15 2021] [LLNG:49880] [debug] Processing checkUnauthLogout
[Thu Jul 1 18:04:15 2021] [LLNG:49880] [debug] Processing restoreArgs
[Thu Jul 1 18:04:15 2021] [LLNG:49880] [debug] Processing controlUrl
[Thu Jul 1 18:04:15 2021] [LLNG:49880] [debug] Processing code ref
[Thu Jul 1 18:04:15 2021] [LLNG:49880] [debug] Cancel called, push authCancel calls
[Thu Jul 1 18:04:15 2021] [LLNG:49880] [debug] Processing code ref
[Thu Jul 1 18:04:15 2021] [LLNG:49880] [debug] Launching ::Issuer::SAML::storeEnv
[Thu Jul 1 18:04:15 2021] [LLNG:49880] [debug] Processing extractFormInfo
[Thu Jul 1 18:04:15 2021] [LLNG:49880] [notice] Combination (Lemonldap::NG::Portal::Auth::Kerberos): Kerberos authentication has failed, back to portal
[Thu Jul 1 18:04:15 2021] [LLNG:49880] [debug] [notice] Combination (Lemonldap::NG::Portal::Auth::Kerberos): Kerberos authentication has failed, back to portal
[Thu Jul 1 18:04:15 2021] [LLNG:49880] [debug] Store 0 in hidden key kerberos
[Thu Jul 1 18:04:15 2021] [LLNG:49880] [info] Scheme "Kerberos" returned 5, trying next
[Thu Jul 1 18:04:15 2021] [LLNG:49880] [debug] Processing extractFormInfo
[Thu Jul 1 18:04:15 2021] [LLNG:49880] [debug] Prepare token
[Thu Jul 1 18:04:15 2021] [LLNG:49880] [debug] Token 1625083575_27425 created
[Thu Jul 1 18:04:15 2021] [LLNG:49880] [debug] Returned error: 9 (PE_FIRSTACCESS)
[Thu Jul 1 18:04:15 2021] [LLNG:49880] [debug] Returned userId: anonymous
[Thu Jul 1 18:04:15 2021] [LLNG:49880] [debug] Display type standardform
[Thu Jul 1 18:04:15 2021] [LLNG:49880] [debug] Skin returned: login
[Thu Jul 1 18:04:15 2021] [LLNG:49880] [debug] Calling sendHtml with template login
[Thu Jul 1 18:04:15 2021] [LLNG:49880] [debug] Skin avem selected from GET/POST parameter
[Thu Jul 1 18:04:15 2021] [LLNG:49880] [debug] Starting HTML generation using /usr/share/lemonldap-ng/portal/templates/avem/login.tpl
[Thu Jul 1 18:04:15 2021] [LLNG:49880] [debug] Skin avem selected from GET/POST parameter
[Thu Jul 1 18:04:15 2021] [LLNG:49880] [debug] Sending /usr/share/lemonldap-ng/portal/templates/avem/login.tpl
[Thu Jul 1 18:04:15 2021] [LLNG:49880] [debug] Apply following CORS policy :
[Thu Jul 1 18:04:15 2021] [LLNG:49880] [debug] Access-Control-Allow-Origin
[Thu Jul 1 18:04:15 2021] [LLNG:49880] [debug] *
[Thu Jul 1 18:04:15 2021] [LLNG:49880] [debug] Access-Control-Allow-Credentials
[Thu Jul 1 18:04:15 2021] [LLNG:49880] [debug] true
[Thu Jul 1 18:04:15 2021] [LLNG:49880] [debug] Access-Control-Allow-Headers
[Thu Jul 1 18:04:15 2021] [LLNG:49880] [debug] *
[Thu Jul 1 18:04:15 2021] [LLNG:49880] [debug] Access-Control-Allow-Methods
[Thu Jul 1 18:04:15 2021] [LLNG:49880] [debug] POST,GET
[Thu Jul 1 18:04:15 2021] [LLNG:49880] [debug] Access-Control-Expose-Headers
[Thu Jul 1 18:04:15 2021] [LLNG:49880] [debug] *
[Thu Jul 1 18:04:15 2021] [LLNG:49880] [debug] Access-Control-Max-Age
[Thu Jul 1 18:04:15 2021] [LLNG:49880] [debug] 86400