Just like the title says....
We use TACACS for admin authentication to our ASAs. I now want to use the webauth capability of the ASA to force a "captive portal" authentication against tacacs to get to various resources.
So I configured the webauth thing on the ASA and I can authenticate no problem....but I am not sure how to add people to TACACS that I want to be able to access the website via webauth but I do not want to be able to authenticate to the firewall.
Also how would I have the ASA authenticate groupA users to get to websiteA and authenticate groupBusers to get to websiteB while not having any of the groupB users get to websiteA and vice versa?