- Individual Applications
Protect
Filter
Perform
Connect
Add-Ons
- Software Packages
- Complete Appliances
03-20-2011, 01:09 AM
|
#11 (permalink) |
|
Untanglit
Join Date: Apr 2009
Posts: 25
 |
I must've been unsubscribed to the thread. I'm glad there is some renewed interest here.
I will concur that the solution I listed in the initial post has not been successful. It does work, but for some reason, at random times the captive portal will pop up on users that are still authenticated through the logon script. I lack a proper understanding of how this is all tied together in untangle and so this truly is a hack. Dmorris, I am curious if you can provide more details about the database inconsistency. Its been a while now, but I remember also looking at the database and finding where the entries were for captive portal. Are you suggesting that if the script is enhanced to also delete the necessary items from the database that this might be successful? @Frust, yes, anybody can call the script and disable the captive portal page. However, there are two reasons this is unimportant to me. First, there isn't much chance any user on my network is going to have enough skill to figure out the URL. Secondly, even if they do, with the proper policies you are able to block any "unauthenticated" traffic. So, just because they disable the captive portal does not mean they can just do whatever they want. It just means that they have failed to authenticate and the traffic can be handled accordingly. For quite some time I have disabled the captive portal and given unauthenticated users open, but filtered access to the internet. The idea of forcing people to login who are already authenticated through the AD script is ridiculous and I really hope there is an "official" fix for this problem soon. Until then, no captive portal for me, unless I start hacking again myself. |
|
|
05-18-2011, 07:59 AM
|
#12 (permalink) |
|
Untangler
Join Date: Jan 2011
Location: Recife - PE, Brazil
Posts: 55
|
[SOLVED] automated captive portal login
Hi everybody,
I really was looking for a solution to that subject. Finally I wrote a adautologin.jsp, which does exactly what we all want. Installation: -------------- Copy the attachment adautologin.jsp into the folder /usr/share/untangle/web/adpb Integration in Active Directory Logon Script: ----------------------------------------------- Replace 'registration' with 'adautologin.jsp', and remove the action=login parameter: Code:
command = URL_PREFIX+"://"+ServerName+"/adpb/adautologin.jsp?username="+strUser+"&domain="+strDomain+"&hostname="+strHostname You can test the feature with the following url directly: untangleserver/adpb/adautologin.jsp?username=xxxxx&domain=xyz.com&host name=myworkstation There is one little dirty hack in the Script, I want point you. Unfortunately the cache object to update the Captive Portal Login Information "assistant" is a private class member of the CPDPhoneBookAssistant object, so we have to access this assistant object by java reflection api. The script works very stable, and the results are as expected. Feel free to use it and have fun! Regards, Michael Last edited by mseelig; 05-18-2011 at 09:17 AM.. |
|
|
|
05-24-2011, 07:46 AM
|
#13 (permalink) |
|
Untangler
Join Date: Jan 2011
Location: Recife - PE, Brazil
Posts: 55
|
fix in adautologin.jsp
Hi everybody,
unfornately there was a bug in the adautologin.jsp, so the user was not logged in the first time after captive portal session was expired. Find a fixed version attached to this post. Regards, mseelig |
|
|
|
07-15-2011, 01:44 PM
|
#14 (permalink) |
|
Untangler
Join Date: Jan 2011
Location: Recife - PE, Brazil
Posts: 55
|
I made a new solution, which is working perfectly with the current 9.0.1 build of untangle. Please take a look at the following thread:
http://forums.untangle.com/hacks/248...-untangle.html |
|
|
 |
| Thread Tools | |
|
|
