AuthPuppy

Authentication method-specific application of rule sets

Asked by Bradley Gentry

I'm looking for a way to apply different rule chains to different users depending on the method of authentication.

The real-world scenario is I want to allow both apAuthSplashOnlyPlugin and apAuthLocalUserPlugin authentications. Those who authenticate with apAuthSplashOnlyPlugin will be treated as guests and be placed under a rule set allowing them to access only dns, http, and https services, maybe a couple others. Authenticated users, however, will have access to all services barring a few globally disallowed.

I already know how to define the rule sets in the daemon and I've tested that the rules work. But I don't know how to have authPuppy assign users to different rule sets depending on the authentication method, or if it's even possible with any current plugin or configuration.

Any pointers will be *greatly* appreciated. Many thanks!

Question information

Language:
English Edit question
Status:
Answered
For:
AuthPuppy Edit question
Assignee:
No assignee Edit question
Last query:
Last reply:
Revision history for this message
Bradley Gentry (radicalbiscuit) said : 		#1

I've had a look at apConnectionPoliciesPlugin, of course, but it deals with bandwidth usage and the like. If it worked at all with rule sets, it'd be just what I'm looking for.

Revision history for this message
Launchpad Janitor (janitor) said : 		#2

This question was expired because it remained in the 'Open' state without activity for the last 15 days.

Revision history for this message
gbastien (gbastien02) said : 		#3

Hi,
As you might have seen with the rulesets of the gateway, you have different possible rulesets depending on the status of the user (I think, not sure if it works like that though). Right now, the auth response is always 1 or 0, whether the user is allowed or not allowed.

You may try to have the server return another code (see http://dev.wifidog.org/wiki/doc/developer/WiFiDogProtocol_V1#Authserverauthenticationprotocol for more on this)

In the auth server, the return status code is in file lib/authpuppycore/protocol/apActionsV1.php, function auth_login. You could try returning a different value for auth depending on connection->getAuthType().

Can you help with this problem?

Provide an answer of your own, or ask Bradley Gentry for more information if necessary.

To post a message you must log in.