[Wifidog] Version 1.0
Benoit Grégoire
bock at step.polymtl.ca
Thu Apr 22 09:49:36 EDT 2004
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
> I think the entire code for userclasses is not needed anymore and I will
> remove it from CVS, but keep a diff of it in case I was wrong and we need
> it, but as talked with Daniel Drouet and Benoit, I believe the goal is to
> have hotspot owners customize what they want on the AUTH server and not on
> the router, so no custom configuration on the router.
That is NOT what I said! We will definitely need userclasses later on, and I
really, really don't feel like having to build a centralised architecture
where everyone has to go to the central server to admin their own router, ala
LocusWorld or MandrakeClub.
What I did say is that for version 1.0 we can cheat a little: after the
account is locked out, instead of returning the result: YES,
NEW_ACCOUNT_LOCKED and having the gateway decide what to do with it, we can
just return NO, NEW_ACCOUNT_LOCKED.
A note about YES/NO: In my opinion, yes means that authentication was
successfull, not necessary that the user must be granted internet access.
The user classes should have a well documented meaning, and the gateway
should take final decisions based on them.
Here is an extreme example: Say we lock out an account for abuse, and that
person also owns a HotSpot (ok, I admit, it's unlikely). He logs in at home,
is listed as the owner in the config file. Now obviously the server should
answer: YES, KNOWN_NETWORK_ABUSER, or something like that, not NO,
KNOWN_NETWORK_ABUSER. Otherwise, the hotspot has no way to know if he simply
entered a wrong password, and should be denied access.
- --
Benoit Grégoire, http://step.polymtl.ca/~bock/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
iD8DBQFAh81zmZ6zzPlLuwMRAkypAKDAT8oWOLwkk0f7tQfnqDBu5Lnc1ACeJMJf
47PTvvlA1c84pK512h2G3pE=
=Mc4Q
-----END PGP SIGNATURE-----
_______________________________________________
Wifidog mailing list
Wifidog at isf.waglo.com
http://isf.waglo.com/mailman/listinfo/wifidog_isf.waglo.com
More information about the Wifidog
mailing list