If the user is not found in privacyIDEA, it returns HTTP Error code 400 which leads to an RLM_MODULE_FAIL. We should return in this special case a RLM_MODULE_NOTFOUND.
See
src/include/radiusd.h: * RLM_MODULE_NUMCODES, which is used to check for validity).
src/include/radiusd.h: RLM_MODULE_REJECT = 0, //!< Immediately reject the request.
src/include/radiusd.h: RLM_MODULE_FAIL, //!< Module failed, don't reply.
src/include/radiusd.h: RLM_MODULE_OK, //!< The module is OK, continue.
src/include/radiusd.h: RLM_MODULE_HANDLED, //!< The module handled the request, so stop.
src/include/radiusd.h: RLM_MODULE_INVALID, //!< The module considers the request invalid.
src/include/radiusd.h: RLM_MODULE_USERLOCK, //!< Reject the request (user is locked out).
src/include/radiusd.h: RLM_MODULE_NOTFOUND, //!< User not found.
src/include/radiusd.h: RLM_MODULE_NOOP, //!< Module succeeded without doing anything.
src/include/radiusd.h: RLM_MODULE_UPDATED, //!< OK (pairs modified).
src/include/radiusd.h: RLM_MODULE_NUMCODES, //!< How many valid return codes there are.
src/include/radiusd.h: RLM_MODULE_UNKNOWN //!< Error resolving rcode (should not be
If the user is not found in privacyIDEA, it returns HTTP Error code 400 which leads to an RLM_MODULE_FAIL. We should return in this special case a RLM_MODULE_NOTFOUND.
See