[isf-wifidog] My own auth server

Chris Tate-Davies chris.tatedavies at inflightproductions.com
Lun 26 Juil 06:16:13 EDT 2010 

  Thank you Daniel.

I ended up doing this, and it seems to work fine, if I change the 
router's checking to be much more often.

Thanks, Chris


On 25/07/2010 06:28, daniel at port.as wrote:
> This may seem a bit odd, but you cannot directly disconnect a user (well, not easily at least). What is usually done is to deny authorization to the user you want to disconnect the next time the authentication server is executed. That is, your authentication server code is run by the gateway (via an http request) every AUTH_CHECK_INTERVAL (whatever you configured on the gateway), one for each current user in the gateway and it passes the users token, mac, etc. in the query string (in PHP $_GET) . The gateway will take the output of your authentication server looking for particular messages.  So to disconnect a user, you print the string "Auth: ACCOUNT_STATUS_DENIED" when the auth server is executed for the user you want disconnect. So the user will not be disconnected right away but no longer than AUTH_CHECK_INTERVAL. If that's too long, you can reduce this interval or you will have to write code that will directly change the iptables on the gateway router.
>
>
> I hope this helps.
>
> Jul 23, 2010 04:52:52 AM, wifidog at listes.ilesansfil.org wrote:
>
> ===========================================
>
>        Hello. I've written my own auth server for a demo, and I have one    thing left to do.
>
>      Basically, I need an admin control panel, where the administrator    can see all the logged on users, and click a button to disconnect a    particular one. I have read through the help forums, etc, and I saw    something about a wifidog/disconnect command, but if I run it,    whatever token/mac/ip I use, it disconnects the person running the    command.
>
>      I tried this:
>
>      http://:2060/wifidog/auth?logout=1&mac=token=    but that didn't seem to want to work...
>
>      Is there a way for me to disconnect a user, if I have their mac    address, ip and there token (as I store them in a database atm)
>
>      Thanks for any help you could give me.
>
>
>      --
>
>
>
> Chris                Tate-Davies
>
> Software                  Development
>                  Inflight                Productions Ltd
>                  Telephone: 01295 269 680
>                  15 Stukeley Street |                London | WC2B 5LT
>                Email:                chris.tatedavies at inflightproductions.com
>                Web:                www.inflightproductions.com
>
>
>
>
>
>        					
> Registered Office: 15 Stukeley Street, London WC2B 5LT, England. Registered in England number 1421223		
> 		
> This message is for the designated recipient only and may 		contain privileged, proprietary, or otherwise private information. If you have 		received it in error, please notify the sender immediately and delete the 		original. Any other use of the email by you is prohibited. Please note that the 		information provided in this e-mail is in any case not legally binding; all 		committing statements require legally binding signatures.		
> 		
> http://www.inflightproductions.com	
>
> _______________________________________________
> WiFiDog mailing list
> WiFiDog at listes.ilesansfil.org
> http://listes.ilesansfil.org/cgi-bin/mailman/listinfo/wifidog
> _______________________________________________
> WiFiDog mailing list
> WiFiDog at listes.ilesansfil.org
> http://listes.ilesansfil.org/cgi-bin/mailman/listinfo/wifidog

-- 

*Chris Tate-Davies*

*Software Development*
Inflight Productions Ltd
Telephone: 01295 269 680
15 Stukeley Street | London | WC2B 5LT
*Email:* chris.tatedavies at inflightproductions.com 
<mailto:chris.tatedavies at inflightproductions.com>
*Web:* www.inflightproductions.com <http://www.inflightproductions.com/>






-----------------------------
Registered Office: 15 Stukeley Street, London WC2B 5LT, England.
Registered in England number 1421223

This message is for the designated recipient only and may contain privileged, proprietary, or otherwise private information. If you have received it in error, please notify the sender immediately and delete the original. Any other use of the email by you is prohibited. Please note that the information provided in this e-mail is in any case not legally binding; all committing statements require legally binding signatures.


http://www.inflightproductions.com

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listes.ilesansfil.org/pipermail/wifidog/attachments/20100726/6affe60f/attachment.htm>

More information about the WiFiDog mailing list