Page 2 of 2 FirstFirst 12
Results 11 to 14 of 14
  1. #11
    Untangler
    Join Date
    Apr 2009
    Posts
    60

    Default

    I must've been unsubscribed to the thread. I'm glad there is some renewed interest here.

    I will concur that the solution I listed in the initial post has not been successful. It does work, but for some reason, at random times the captive portal will pop up on users that are still authenticated through the logon script. I lack a proper understanding of how this is all tied together in untangle and so this truly is a hack.

    Dmorris, I am curious if you can provide more details about the database inconsistency. Its been a while now, but I remember also looking at the database and finding where the entries were for captive portal. Are you suggesting that if the script is enhanced to also delete the necessary items from the database that this might be successful?

    @Frust, yes, anybody can call the script and disable the captive portal page. However, there are two reasons this is unimportant to me. First, there isn't much chance any user on my network is going to have enough skill to figure out the URL. Secondly, even if they do, with the proper policies you are able to block any "unauthenticated" traffic. So, just because they disable the captive portal does not mean they can just do whatever they want. It just means that they have failed to authenticate and the traffic can be handled accordingly.

    For quite some time I have disabled the captive portal and given unauthenticated users open, but filtered access to the internet. The idea of forcing people to login who are already authenticated through the AD script is ridiculous and I really hope there is an "official" fix for this problem soon. Until then, no captive portal for me, unless I start hacking again myself.

  2. #12
    Untangler
    Join Date
    Jan 2011
    Location
    Recife - PE, Brazil
    Posts
    70

    Thumbs up [SOLVED] automated captive portal login

    Hi everybody,

    I really was looking for a solution to that subject. Finally I wrote a adautologin.jsp, which does exactly what we all want.

    Installation:
    --------------
    Copy the attachment adautologin.jsp into the folder
    /usr/share/untangle/web/adpb

    Integration in Active Directory Logon Script:
    -----------------------------------------------
    Replace 'registration' with 'adautologin.jsp', and remove the action=login parameter:
    Code:
      command = URL_PREFIX+"://"+ServerName+"/adpb/adautologin.jsp?username="+strUser+"&domain="+strDomain+"&hostname="+strHostname
    Be aware, that this script does not check any passwords, as it expects that it is executed from the AD login script! So therefore the script might be a potentionally security hole, but this risk you have already if you work with the Active Directory Login Script without Captive Portal, because they also do not pass passwords from the active directory login script.

    You can test the feature with the following url directly:
    untangleserver/adpb/adautologin.jsp?username=xxxxx&domain=xyz.com&hostname=myworkstation


    There is one little dirty hack in the Script, I want point you. Unfortunately the cache object to update the Captive Portal Login Information "assistant" is a private class member of the CPDPhoneBookAssistant object, so we have to access this assistant object by java reflection api.

    The script works very stable, and the results are as expected.

    Feel free to use it and have fun!

    Regards,
    Michael
    Last edited by mseelig; 05-18-2011 at 09:17 AM.

  3. #13
    Untangler
    Join Date
    Jan 2011
    Location
    Recife - PE, Brazil
    Posts
    70

    Default fix in adautologin.jsp

    Hi everybody,

    unfornately there was a bug in the adautologin.jsp, so the user was not logged in the first time after captive portal session was expired. Find a fixed version attached to this post.

    Regards,
    mseelig

  4. #14
    Untangler
    Join Date
    Jan 2011
    Location
    Recife - PE, Brazil
    Posts
    70

    Default

    I made a new solution, which is working perfectly with the current 9.0.1 build of untangle. Please take a look at the following thread:
    http://forums.untangle.com/hacks/248...-untangle.html

Page 2 of 2 FirstFirst 12

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2