Page 1 of 1

Web-Auth as primary authentication method

Posted: Thu Oct 20, 2022 1:26 pm
by moha__
Hi guys,

I'm currently trying to replace our local AD step by step by MS365 and would like to do it aswell
with our openvpn-authentication methods.

Until now, our local synology-drive was checking with auth-user-pass-verify script against LDAP which is working fine. Since
I haven't found any scripts which achieve a SSO-Solution with webauth publicy available, I started implementing it myself.

The logic behind it (Sending WebAuth, Auth Pending, Exchanging Tokens etc.) has been handled or is in the state of prove of concept, except tracking the username.
Is there a way to solely accept webauth as authentication and having the system behind webauth/ auth pending etc. setting the username? Otherwise I would have to send out private-keys or the user needs to fill in the username each time he's connecting. I couldn't find anything in the docs to change the username using Auth-Pending ENV/File Scripting.

Thanks and best regards,


Re: Web-Auth as primary authentication method

Posted: Thu Jan 26, 2023 5:08 pm
by atoy40
Hello Moritz,

if you've found some information about webauth as primary mechanism, i'm very interested :)
for my test, I forced the users to set login, and a "fake" well-known password (so I know he want webauth instead of verifying the password in a backend).