The HOTSPOT services provide us the different type of authentication mechanism to access the services , It means there are lots of customisation you can do based on your requirement .
1-HTTP Login .
HTTP login is the process which allows to the user to open up the login page in the browser and will have to login with giving the username and password which you have created in your RADIUS.
Lets you don't have any radius server in your network and you are using the mikrotik it self as NAS
and RADIUS in that case you have to create the username and password .
The IP address which you provide to the user that may be through DHCP and that may be Static but the the cases the user's login page URL address will be the gateway address of the user IP.
And Like wise you will bind the users client login page URL with one domain that would be easiest way to access the login page easily .
2-MAC Base login .
The MAC base login is the advance features in Mikrotik and there is no need to open the login page for users because you have to bind the IP address with users MAC . and once that users will be connected in your mikrotik with the given IP address and same MAC which you bind against that IP address in that case the user will be logged in automatically through the MAC .
Now a days all the RADIUS companies have integrated that features in their RADIUS to support these features .
3-Cookies Based Login .
Once teh user is successfully login, A cookie is sent to the web browser and the same cookie is added to active HTTP cookie list. Next time the same user will try to log in, web browser will send the saved HTTP cookie. This cookie will be compared with the one stored on the HotSpot gateway and only if source MAC address and randomly generated ID matches the ones stored on the gateway, user will be automatically logged in using the login information (username and password pair) was used when the cookie was first generated. Otherwise, the user will be prompted to log in, and in the case authentication is successful, old cookie will be removed from the local HotSpot active cookie list and the new one with different random ID and expiration time will be added to the list and sent to the web browser. It is also possible to erase cookie on user manual logoff (not in the default server pages, but you can modify them to perform this). This method may only be used together with HTTP PAP, HTTP CHAP or HTTPS methods as there would be nothing to generate cookies in the first place otherwise.
1-HTTP Login .
HTTP login is the process which allows to the user to open up the login page in the browser and will have to login with giving the username and password which you have created in your RADIUS.
Lets you don't have any radius server in your network and you are using the mikrotik it self as NAS
and RADIUS in that case you have to create the username and password .
The IP address which you provide to the user that may be through DHCP and that may be Static but the the cases the user's login page URL address will be the gateway address of the user IP.
And Like wise you will bind the users client login page URL with one domain that would be easiest way to access the login page easily .
2-MAC Base login .
The MAC base login is the advance features in Mikrotik and there is no need to open the login page for users because you have to bind the IP address with users MAC . and once that users will be connected in your mikrotik with the given IP address and same MAC which you bind against that IP address in that case the user will be logged in automatically through the MAC .
Now a days all the RADIUS companies have integrated that features in their RADIUS to support these features .
3-Cookies Based Login .
Once teh user is successfully login, A cookie is sent to the web browser and the same cookie is added to active HTTP cookie list. Next time the same user will try to log in, web browser will send the saved HTTP cookie. This cookie will be compared with the one stored on the HotSpot gateway and only if source MAC address and randomly generated ID matches the ones stored on the gateway, user will be automatically logged in using the login information (username and password pair) was used when the cookie was first generated. Otherwise, the user will be prompted to log in, and in the case authentication is successful, old cookie will be removed from the local HotSpot active cookie list and the new one with different random ID and expiration time will be added to the list and sent to the web browser. It is also possible to erase cookie on user manual logoff (not in the default server pages, but you can modify them to perform this). This method may only be used together with HTTP PAP, HTTP CHAP or HTTPS methods as there would be nothing to generate cookies in the first place otherwise.
No comments:
Post a Comment