Complicated web login flows with Pulse Secure VPN

2018-10-30 Thread Andy Wang
I was, up until very recently, using openconnect and
NetworkManager-openconnect to connect to my work VPN.  I had a private
hack to make the stoken stuff work (it was submitted in an email on
this list) as well as another hack to deal with our token form not
having the same expected form type.

A couple of weeks ago we moved to a whole new login flow, where we now
are redirected to a SAML login page for authentication and then
prompted to choose one of two types of MFA access - token code or
mobile application notification based.

With the more complicated flow I've had to switch back to the Pulse
Secure client which embeds a webkitgtk UI to handle those flows.

Just curious, but is there anyone working on some similar flow support
with NetworkManager-openconnect?  I'm guessing that this type of
authentication is way outside of the scope of openconnect's built-in
HTML client.  (Pulse Secure's CLI client can't handle this login flow
either).

Unfortunately I'm so removed from C/C++ programming that I wouldn't
even know where to begin on something like this, but just wondering if
there's anything on the horizon I can help with, even if it's just
being able to test stuff.

Thanks,

___
openconnect-devel mailing list
openconnect-devel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/openconnect-devel


Re: [PATCH] Add Keychain support

2018-10-30 Thread Yoshimasa Niwa
> I was thinking of just looking it up in a list (of --formentry
> args that were provided on the command line) in the same place your code
> does the keychain lookup.

I see, like `--formentry password=keychain` to ask Keychain,
`--formentry password=stdin` to select from where it reads each value?

> Why the sorting to put user first, btw? Is that mandatory?

Sort of, because to look up the password in Keychain (or any similar
vault), the entries are usually paired with the user name
(and a few other keys like URL), so it needs to know `user` first.

Y

-- 
Yoshimasa Niwa
