Native anyconnect's groupname passing does not work.
Description of problem:
I set groupname for connection in the Cisco AnyConnects client. Let's name it GROUPNAME
it passes the groupname like exmaple.com/GROUPNAME
As far as I understand, ocserv expects the group in the user's xml through a POST request, but I have no any possibility to do this (Please correct me if it's possible)
I guess it's analog of the openconnect's --group key
Version of ocserv used:
1.2.4-1
Client used:
The fresh one from an AppStore:
Cisco Secure Client (AnyConnect) 5.0.05.207
Distributor of ocserv
apt-get source ocserv (testing repo)
How reproducible:
Install Cisco Secure Client
Configure it with MDM profile. Block with groupname setting:
<key>VendorConfig</key>
<dict>
<key>Group</key>
<string>GROUPNAME</string>
<key>LoginGroupOrDomain</key>
<string>I_didnt_see_this_string_anywhere</string>
</dict>
Actual results:
ocserv[234978]: worker: 127.0.0.1 HTTP POST /GROUPNAME
ocserv[234978]: worker: 127.0.0.1 unexpected POST URL /GROUPNAME
ocserv[234975]: main:127.0.0.1:47384 worker terminated
ocserv[234975]: main:127.0.0.1:47384 user disconnected (reason: unspecified, rx: 0, tx: 0)
Expected results:
ocserv choose the group for a connection and corresponding group's config.
Moreover, it looks like, there is will be a kind of collision when camouflage is on.