External Web Auth - Login failure status

Unanswered Question
Oct 9th, 2008

Hi,


I've setup a external web auth page to work with our WiSM and if you enter the correct login details, it allows the user onto the WLAN as planned.


However, if the user details are incorrect, it just returns you back to the external web auth page - but does not return with any status codes, as are available when using custom internal auth.


This means I can't tell users what they have done wrong (invalid credentials, already logged in elsewhere etc...) and I need to be able to offer more help than that.


Is this by design, or have I missed something?


I'm on version 5.0.148.2

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Scott Fella Thu, 10/09/2008 - 06:16

Make sure this is in the html code. Also I have noticed that when the webauth page opens on a browser, you have to allow active x or else the scripts will not work.


function loadAction(){

var url = window.location.href;

var args = new Object();

var query = location.search.substring(1);

var pairs = query.split("&");

for(var i=0;i

var pos = pairs[i].indexOf('=');

if(pos == -1) continue;

var argname = pairs[i].substring(0,pos);

var value = pairs[i].substring(pos+1);

args[argname] = unescape(value);

}

//alert( "AP MAC Address is " + args.ap_mac);

//alert( "The Switch URL is " + args.switch_url);

document.forms[0].action = args.switch_url;


// This is the status code returned from webauth login action

// Any value of status code from 1 to 5 is error condition and user

// should be shown error as below or modify the message as it suits

// the customer

if(args.statusCode == 1){

alert("You are already logged in. No further action is required on your part.");

}

else if(args.statusCode == 2){

alert("You are not configured to authenticate against web portal. No further action is required on your part.");

}

else if(args.statusCode == 3){

alert("The username specified cannot be used at this time. Perhaps the username is already logged into the system?");

}

else if(args.statusCode == 4){

alert("Wrong username and password. Please try again.");

}

else if(args.statusCode == 5){

alert("The User Name and Password combination you have entered is invalid. Please try again.");

}


}



philclowes Thu, 10/09/2008 - 06:39

Thanks, but I've given that a go and it didn't help.


As far as I can see, that Javascript is breaking up the arguments returned on the URL - and statusCode is not included in those. Only switch_url, ap_mac and wlan are returned.


If I switch to internal custom auth, statusCode is included if I submit invalid credentials.

Scott Fella Thu, 10/09/2008 - 06:43

I have not tried it on the 5.0 train. I know it has worked for me on the past with 4.1.185 though.

Actions

This Discussion

 

 

Trending Topics - Security & Network