[isf-wifidog] immediate user disconnect feature
Wichert Akkerman
wichert at wiggy.net
Lun 21 Avr 10:07:14 EDT 2008
I'm looking at implementing an immediate disconnect feature in the
gateway. The basic flow I'm using is:
- auth server sends a disconnect command to the gateway, specifying
enough information to find the client and authenticate the request
- gateway removes client from the client list
- gateway sends counters to auth server
- gateway sends logout to auth server
The last try could share code with the wdctl reset feature and the
manual logout option. It could even replace logout feature as it
currently exists.
My current code uses /wifidog/disconnect as entry point for the callback
and require the auth server to send both the mac and token. This means
that the token has to be secure to prevent abuse. Specifically: if you
know someones ip address and mac address you must not be able to
calculate the token. I have no idea if that is true for the standard
auth server.
Wichert.
--
Wichert Akkerman <wichert at wiggy.net> It is simple to make things.
http://www.wiggy.net/ It is hard to make things simple.
Plus d'informations sur la liste de diffusion WiFiDog