CAS is not supported by the client. Minimum client version is 6.0
It appears that CAS ("Central Authentication Server"; https://apereo.github.io/cas/index.html) is a standardized single-sign-on
protocol requiring an external browser.
Per https://gitlab.com/openconnect/openconnect/-/issues/651#note_1576596243,
the field 'cas-support=yes' needs to be sent in the POST *body* of the
prelogin request, in order to avoid this error message; the error message's
claim that a specific client software version is necessary isn't very
helpful.
Signed-off-by: Daniel Lenski <email address hidden>
Real GlobalProtect SAML authentication forms won't work without JavaScript
This adds a 'saml_needs_js' option to fake-gp-server.py. If set, the fake
SAML login form that it generates won't work correctly without JavaScript
execution, just like a "real" GlobalProtect SAML server.
See 64a0ba69e53d065f4d2ba4e89e6ff10926d6c895 for the use case for this fake
SAML authentication endpoint.
Signed-off-by: Daniel Lenski <email address hidden>
a79bba7...
by
Dimitri Papadopoulos Orfanos <email address hidden>
Merge branch 'JScript' into 'master'
Force the Windows script host to use the JScript engine
Closes #703
See merge request openconnect/openconnect!534
a13c2b5...
by
Dimitri Papadopoulos Orfanos <email address hidden>
By default xmlstarlet does not include a final newline on the output.
Because POSIX says that all lines must end in a newline, this causes the
final line of output to be skipped by the 'while read ...' loop in bash.
Adding a '-n' after the '-v ...' causes xmlstarlet to include a final
newline at the end of its output.
Signed-off-by: Jon DeVree <email address hidden>
3c34c4a...
by
Dimitri Papadopoulos Orfanos <email address hidden>
Force the Windows script host to use the JScript engine
This bypasses rogue programs that register as handlers
for the ".js" file extension but fail to run the script.