VPN gateway requests two passwords.
Chaskiel Grundman
cg2v at andrew.cmu.edu
Wed Sep 22 18:35:12 EDT 2010
My employer is migrating away from certificate authentication, and for
some vpn groups, wants to use two factor authentication. Anyconnect
apparently supports the notion of a "secondary password", and we've
configured the first password to check our active directory, and the
second to use a radius server which validates codes from our vasco
digipass tokens.
The login form in this situation looks like this:
<banner></banner>
<message>Please enter your username and password.</message>
<form method="post" action="/+webvpn+/index.html">
<input type="text" name="username" label="Username:" />
<input type="password" name="password" label="Password:" />
<input type="password" name="secondary_password" label="Password:"
second-auth="1" />
<input type="hidden" name="tgroup" value="SII-PRIV" />
<input type="submit" name="Login" value="Login" />
<input type="reset" name="Clear" value="Clear" />
</form>
I managed to get something that works, but it's a bit ugly, and I was
curious if anyone has ideas on how this scenario should be handled in a
more generic fashion.
Thanks.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: openconnect-two-passwords.diff
Type: text/x-diff
Size: 1739 bytes
Desc:
URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20100922/ad468ce7/attachment.bin>
More information about the openconnect-devel
mailing list