Does anyone have experience with this?
I'm looking to build essentially a captive portal that would authenticate over RADIUS (i'm assuming) but instead of displaying a splash page, I need to generate an account (stored in SQL or some db) and keep it associated with the client mac from thereafter.
Transdepartmental roaming between APs would also be a bonus.
This guy sounds like he's on the same path but with a different router/AP: http://ift.tt/2juIs2P
"Sun Jul 17, 2016 7:52 pm
I am thinking the name cannot be empty when adding a mac entry in the hotspot user list. Password is not used if method (login-by) is mac. Name could be generated from the current date time by the client php code.
So the user only needs to accept terms. The two important fields (mac and name) are generated by client code >and then posted to the server.
The server being a separate machine that has been wall gardened. The server sends out the accept page. The server receives the mac and name fields then opens a separate >connection to the Mikrotik. Through the API it issues a command to add a new user. The server then sends a redirect page back to the user. The Mikrotik now sees the mac is in the authorized user list allows the user through.
Using a date in the user name allows a nightly script to clean out users if desired."
I'm thinking AWS Simple AD for the accounts.
Thanks!
No comments:
Post a Comment