Re: Authentication process
At Wed, 26 Nov 2003 11:55:30 -0800 (PST), Mike Million wrote: Hi, I had a talk with a guy in my company that has experience setting up wireless stuff as I do not have any experience on that (I have a bit in the radius part). He told me that there are commercial solutions that offer the functionality you request, that is direct a user to a web page for AAA and engage a radius session. They are used in wireless environments and intercept the traffic before the outgoing router and enforce the policy you configure. Some solutions are Cisco BBSM, Nomadix USG, Nokia PO22. Without having any experience on that as I told you before, if I had to do such a project I would also try to find out if the functionality can be achieved using open source (free) software. We already have the radius part. I have seen a relevant article in linux journal http://www.linuxjournal.com/article.php?sid=6897 (Linux Makes Wi-Fi Happen in New York City) and also http://www-106.ibm.com/developerworks/library/l-wap.html?ca=dnt-429 (Building a wireless access point on Linux) I don't know if I helped at all but I also cc that to the list for archiving purposes. [1 text/plain; us-ascii (7bit)] hello! Thanks a bunch. Apart from web form executing a CGI script, is there any way around? The accounting will have to be from the radius client in the NAS. This is the problem that I am trying to solve. When my users go to any of my location (hotel, cafe etc) I want to authenticate them and also time them. They will be initially served a login page. I know there are lots of people doing this already, like the guys who set up hotspots. When I go to a starbucks house, this T-mobile login page comes up which then authenticates me. I am looking for pretty much the same functionality. I deeply appreciate your tips. Thanks again Mike ZORBADELOS KONSTANTINOS [EMAIL PROTECTED] wrote: At Tue, 25 Nov 2003 20:18:30 -0800 (PST), Mike Million wrote: [1 ] I am a novice here, so my question may sound pretty silly. I am trying to authenticate users through an Orinico AP-2500 WAP using an username a password. AP-2500 provides this portal page feature where you can redirect the users to a webpage (in an external webserver) for then to log-in. So, I once I have a external form with the sufficient fields I want, how will i pass that information (username, pass etc) to the radius server. I mean what is the format that I use. Are there any client API's that I can call. ? Any help would be appreciated. Sincerely, Mike Your web form should generate a valid radius message (access-request). Now if this form sends the message directly to the radius server your script will be the radius client and should therefore be declared in clients.conf (the IP of your web server that is). What about the accounting? Is this sent by the NAS equipment? Now if you need to create a cgi script or something like that that generates radius messages you should look for Radius libraries (modules) for your language of choice. The format of the message is specified in the rfcs. - Do you Yahoo!? Free Pop-Up Blocker - Get it now [2 ] == Kostas Zorbadelos Currently at: Otenet IT Department mailto: [EMAIL PROTECTED] Out there in the darkness, out there in the night out there in the starlight, one soul burns brighter than a thousand suns. - Do you Yahoo!? Free Pop-Up Blocker - Get it now [2 text/html; us-ascii (7bit)] == Kostas Zorbadelos Currently at: Otenet IT Department mailto: [EMAIL PROTECTED] Out there in the darkness, out there in the night out there in the starlight, one soul burns brighter than a thousand suns. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Authentication process
There is an open-source project called NoCatAuth which is a box that acts like a BlueSocket appliance. It hi-jacks HTTP sessions and passes off the authentication to a radius box. I haven't yet tried the NoCatAuth soulution, but I had done the above with a BlueSocket box and a FreeRadius server. Ken Connell Intermediate Network Engineer Computer Communication Services Ryerson University 350 Victoria St RM AB50 Toronto, Ont M5B 2K3 416-979-5000 x6709 - Original Message - From: ZORBADELOS KONSTANTINOS [EMAIL PROTECTED] Date: Thursday, November 27, 2003 3:42 am Subject: Re: Authentication process At Wed, 26 Nov 2003 11:55:30 -0800 (PST), Mike Million wrote: Hi, I had a talk with a guy in my company that has experience setting up wireless stuff as I do not have any experience on that (I have a bit in the radius part). He told me that there are commercial solutions that offer the functionality you request, that is direct a user to a web page for AAA and engage a radius session. They are used in wireless environments and intercept the traffic before the outgoing router and enforce the policy you configure. Some solutions are Cisco BBSM, Nomadix USG, Nokia PO22. Without having any experience on that as I told you before, if I had to do such a project I would also try to find out if the functionality can be achieved using open source (free) software. We already have the radius part. I have seen a relevant article in linux journal http://www.linuxjournal.com/article.php?sid=6897 (Linux Makes Wi-Fi Happen in New York City) and also http://www-106.ibm.com/developerworks/library/l-wap.html?ca=dnt-429 (Building a wireless access point on Linux) I don't know if I helped at all but I also cc that to the list for archiving purposes. [1 text/plain; us-ascii (7bit)] hello! Thanks a bunch. Apart from web form executing a CGI script, is there any way around? The accounting will have to be from the radius client in the NAS. This is the problem that I am trying to solve. When my users go to any of my location (hotel, cafe etc) I want to authenticate them and also time them. They will be initially served a login page. I know there are lots of people doing this already, like the guys who set up hotspots. When I go to a starbucks house, this T-mobile login page comes up which then authenticates me. I am looking for pretty much the same functionality. I deeply appreciate your tips. Thanks again Mike ZORBADELOS KONSTANTINOS [EMAIL PROTECTED] wrote: At Tue, 25 Nov 2003 20:18:30 -0800 (PST), Mike Million wrote: [1 ] I am a novice here, so my question may sound pretty silly. I am trying to authenticate users through an Orinico AP-2500 WAP using an username a password. AP-2500 provides this portal page feature where you can redirect the users to a webpage (in an external webserver) for then to log-in. So, I once I have a external form with the sufficient fields I want, how will i pass that information (username, pass etc) to the radius server. I mean what is the format that I use. Are there any client API's that I can call. ? Any help would be appreciated. Sincerely, Mike Your web form should generate a valid radius message (access-request). Now if this form sends the message directly to the radius server your script will be the radius client and should therefore be declared in clients.conf (the IP of your web server that is). What about the accounting? Is this sent by the NAS equipment? Now if you need to create a cgi script or something like that that generates radius messages you should look for Radius libraries (modules) for your language of choice. The format of the message is specified in the rfcs. - Do you Yahoo!? Free Pop-Up Blocker - Get it now [2 ] == Kostas Zorbadelos Currently at: Otenet IT Department [EMAIL PROTECTED] Out there in the darkness, out there in the night out there in the starlight, one soul burns brighter than a thousand suns. - Do you Yahoo!? Free Pop-Up Blocker - Get it now [2 text/html; us-ascii (7bit)] == Kostas Zorbadelos Currently at: Otenet IT Department [EMAIL PROTECTED] Out there in the darkness, out there in the night out there in the starlight, one soul burns brighter than a thousand suns. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Authentication process
At Tue, 25 Nov 2003 20:18:30 -0800 (PST), Mike Million wrote: [1 text/plain; us-ascii (7bit)] I am a novice here, so my question may sound pretty silly. I am trying to authenticate users through an Orinico AP-2500 WAP using an username a password. AP-2500 provides this portal page feature where you can redirect the users to a webpage (in an external webserver) for then to log-in. So, I once I have a external form with the sufficient fields I want, how will i pass that information (username, pass etc) to the radius server. I mean what is the format that I use. Are there any client API's that I can call. ? Any help would be appreciated. Sincerely, Mike Your web form should generate a valid radius message (access-request). Now if this form sends the message directly to the radius server your script will be the radius client and should therefore be declared in clients.conf (the IP of your web server that is). What about the accounting? Is this sent by the NAS equipment? Now if you need to create a cgi script or something like that that generates radius messages you should look for Radius libraries (modules) for your language of choice. The format of the message is specified in the rfcs. - Do you Yahoo!? Free Pop-Up Blocker - Get it now [2 text/html; us-ascii (7bit)] == Kostas Zorbadelos Currently at: Otenet IT Department mailto: [EMAIL PROTECTED] Out there in the darkness, out there in the night out there in the starlight, one soul burns brighter than a thousand suns. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Authentication process
I am a novice here, so my question may sound pretty silly. I am trying to authenticate users throughan Orinico AP-2500 WAP using an username a password. AP-2500 provides this "portal page" feature where you can redirect the users to a webpage (in an external webserver) for then to log-in. So, I once I have a external form with the sufficient fields I want, how will i pass that information (username, pass etc) to the radius server. I mean what is the format that I use. Are there any client API's that I can call. ? Any help would be appreciated. Sincerely, Mike Do you Yahoo!? Free Pop-Up Blocker - Get it now
