[plasma-nm] [Bug 448153] Unable to access the VPN network in double authentication mode (anyConnect SAML/SSO)
https://bugs.kde.org/show_bug.cgi?id=448153 --- Comment #11 from Ehren Bendler --- (In reply to Karli Sjöberg from comment #10) > What chance does this have of making it back to stable 5? Currently only > GNOME´s applet works with AnyConnect MFA and seeing as more and more > companies and organizations are moving towards a stricter security policy a > large number of people are going to affected by this sooner than Plasma 6 > hits any mainline distros (at least I am ;)) I believe that the Qt 5.15 WebEngine is the problem for advanced auth, so very low. You should engage your IT to enable "ext-browser" on the server side, which does work in Plasma 5.27 after you update openconnect. -- You are receiving this mail because: You are watching all bug changes.
[plasma-nm] [Bug 448153] Unable to access the VPN network in double authentication mode (anyConnect SAML/SSO)
https://bugs.kde.org/show_bug.cgi?id=448153 --- Comment #2 from Ehren Bendler --- That said, external browser use is a tough edge case. One has to have: 1) The latest OpenConnect, built against a recent version of OpenSSL/GnuTLS 2) A recent version of the AnyConnect server 3) The *server* has to be setup to allow/force external browsers 4) The applet has to be built with the callback added I can't work on that since my company does not have #3. -- You are receiving this mail because: You are watching all bug changes.
[plasma-nm] [Bug 448153] Unable to access the VPN network in double authentication mode (anyConnect SAML/SSO)
https://bugs.kde.org/show_bug.cgi?id=448153 Ehren Bendler changed: What|Removed |Added CC||ehren.bend...@gmail.com --- Comment #1 from Ehren Bendler --- For what its worth, I took a crack at implementing support for this using QtWebEngineView (loosely based on the nm-openconnect code for the same) and was not able to get it working. I won't pretend to be a Qt expert, but I was able to get plasma-nm to pop the window at an appropriate time but got stuck at a repeated SIGTRAP in the underlying Chromium code in Qt 5.15. The latest OpenConnect API has support for launching a desktop browser, but I did not try using that yet. That might be a better solution going forward, so that the authentication support is not tied to whatever version of Chromium Qt picked for a given release. -- You are receiving this mail because: You are watching all bug changes.