Web-Auth as primary authentication method

How to customize and extend your OpenVPN installation.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Post Reply
moha__
OpenVpn Newbie
Posts: 1
Joined: Thu Oct 20, 2022 1:15 pm

Web-Auth as primary authentication method

Post by moha__ » Thu Oct 20, 2022 1:26 pm

Hi guys,

I'm currently trying to replace our local AD step by step by MS365 and would like to do it aswell
with our openvpn-authentication methods.

Until now, our local synology-drive was checking with auth-user-pass-verify script against LDAP which is working fine. Since
I haven't found any scripts which achieve a SSO-Solution with webauth publicy available, I started implementing it myself.

The logic behind it (Sending WebAuth, Auth Pending, Exchanging Tokens etc.) has been handled or is in the state of prove of concept, except tracking the username.
Is there a way to solely accept webauth as authentication and having the system behind webauth/ auth pending etc. setting the username? Otherwise I would have to send out private-keys or the user needs to fill in the username each time he's connecting. I couldn't find anything in the docs to change the username using Auth-Pending ENV/File Scripting.

Thanks and best regards,

Moritz

atoy40
OpenVpn Newbie
Posts: 4
Joined: Fri Apr 29, 2022 8:41 am

Re: Web-Auth as primary authentication method

Post by atoy40 » Thu Jan 26, 2023 5:08 pm

Hello Moritz,

if you've found some information about webauth as primary mechanism, i'm very interested :)
for my test, I forced the users to set login, and a "fake" well-known password (so I know he want webauth instead of verifying the password in a backend).
thks
Anthony.

Post Reply