WiFi Hotspot with Social OAuthThe Brick & Tun would like to offer guest WiFi, but need to provide a convenient way of logging into the network. Game maker. Since most people have social network accounts, let’s use their OAuth API to authenticate guests.
Plus, you can get public profile information from your visitors which can be used with marketing or tailored services, so everybody wins.What is in a public profile and is this safe? It could be sad to loose all gained site activity, especially when grown it with help of, Depending on the social network, public information will vary. It’s typical to share your full name by default, then by adjusting the profile “scope”, additional information can be gathered. This could include email, birthdate, favorite color, company, etc. By using this login option, the social credentials will not be compromised and full access to the account will not be available to the ExCap or any other type of service that uses this login method.Most WiFi hotspot providers have a legal or policy obligation to govern who can use their Internet connection.
This may require a full name and email. Since this information can be extracted from a social login, why not make this a simple process instead of having guests fill out forms? This is why using Facebook or Google to login to a shopping cart, Spotify account or the local WiFi hotspot has become so popular.
Open Source Portal Software
It saves time for the guest and the developers don’t have to build complex authentication systems.GoalBuild a Cisco Meraki external captive portal (ExCap) that accepts Email, Facebook, Twitter, LinkedIn and Google authentication options.OverviewThis article builds on a previous IoL blog post, which goes into great detail of building a Captive Portal with the Cisco Meraki ExCap API using NodeJS. I suggest you have a read through that to fully understand this article and the overall application.In this article, I will focus on adding social logins using OAuth. By modifying the Click-through method from the previous article, we can extend its functionality using the node package module. Technologies.ConceptA captive portal or “splash page”, is a web page that is presented to a guest when they join the wireless network.
Sometimes this page opens up as soon as the user connects to the WiFi SSID. This functionality is called the CNA (Captive Network Assistant). Apple and Google have their own ways of detecting if a splash page is required and may trigger it by automatically connecting to a generic website in the background. Alternatively, a guest must first visit a non-SSL site. This is very important to understand.
If your device simply tries to sync email in the background, before visiting a non-secure site and authenticating, the sync will fail. Also, if a guest were to visit which is SSL, the website may fail to load without any explanation.Meraki offers two methods for authenticating to a network via a splash page. Click-through. Sign-onWith the click-through login method, a user is granted access as soon as the server redirects the client to the splash page grant url.With the sign-on method, a user will need to complete a form that includes their username and password. This will then be checked against a RADIUS server before being granted access.This article will only focus on the simpler “Click-through” method, since it does not require the additional RADIUS component. Click-through Flow.
Captive Portal Social Login Open Source Online
Chapter 12Captive PortalCaptive portal is one of the methods of authentication supported by ArubaOS. A captive portal presents a web page which requires action on the part of the user before network access is granted. The required action can be simply viewing and agreeing to an acceptable use policy, or entering a user ID and password which must be validated against a database of authorized users.You can also configure captive portal to allow clients to download the ArubaVPN dialer for Microsoft VPN clients if the VPN is to be terminated on the Arubacontroller. For more information about the VPN dialer, see.This chapter describes the following topics:.Captive Portal OverviewYou can configure captive portal for guest users, where no authentication is required, or for registered users who must be authenticated against an external server or the controller’s internal database.While you can use captive portal to authenticate users, it does not provide for encryption of user data and should not be used in networks where data security is required.
Captive portal is most often used for guest access, access to open systems (such as public hot spots), or as a way to connect to a VPN.You can use captive portal for guest and registered users at the same time. The default captive portal web page provided with ArubaOSdisplays login prompts for both registered users and guests. (You can customize the default captive portal page, as described in )You can also load up to 16 different customized login pages into the controller.
The login page displayed is based on the SSID to which the client associates.Policy Enforcement Firewall Next Generation (PEFNG) LicenseYou can use captive portal with or without the PEFNG license installed in the controller. The PEFNG license provides identity-based security to wired and wireless clients through user roles and firewall rules. You must purchase and install the PEFNG license on the controller to use identity-based security features.There are differences in how captive portal functions work and how you configure captive portal, depending on whether the license is installed. Later sections in this chapter describe how to configure captive portal in the base operating system (without the PEFNG license) and with the license installed.Controller Server CertificateThe Arubacontrolleris designed to provide secure services through the use of digital certificates. A server certificate installed in the controllerverifies the authenticity of the controller for captive portal.Arubacontrollersship with a demonstration digital certificate. Until you install a customer-specific server certificate in the controller, this demonstration certificate is used by default for all secure HTTP connections such as captive portal.
Contents Primary locations NumberNameHorizontal CoordinateVertical CoordinateFactionsA145-A245A365-A463-A573-A665A776A874-A966B167B274B383B4103-B575-B686-B7142B8134B9132C194-C284-C395-C495-C595C696-C787C887-C987-D1104D2105D3105D4104-D5104D6115D7115D8114-D9105E1814-E2715-E3714-E4615-E5716E6816-E7616-E8717-E9618F195F2124-F3125-F4135-F5126(formerly)F6136-F7116-F8106F9117F10124-G1816-G2817G3717-G4718-G5819-G6918G7917G8916-G9916H11618-H7-H41518-H5.
This certificate is included primarily for the purposes of feature demonstration and convenience and is not intended for long-term use in production networks. Users in a production environment are urged to obtain and install a certificate issued for their site or domain by a well-known certificate authority (CA). You can generate a Certificate Signing Request (CSR) on the controllerto submit to a CA. For information on how to generate a CSR and how to import the CA-signed certificate into the controller, see in.Once you have imported a server certificate into the controller, you can select the certificate to be used with captive portal as described in the following sections.To select a certificate for captive portal using the WebUI:1.
Navigate to the Configuration Management General page.2. Under Captive Portal Certificate, select the name of the imported certificate from the drop-down list.3.
Comments are closed.
|
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |