We are using WISM 22.214.171.124 web auth. I found one problem. When a user fails to login using wrong password. We can still see this user in the system as not authenticated(show client username xxx). And it is count as one concurrent session for this user and this username will not be removed from the system until after user shutdown his computer for "User Idle Time". The problem about this behavior is if the user failed to log in from different computers and you have "maximum concurrent sessions" allowed configured in WLC, the user won't log in using correct password later. He/she will get error message "maximum concurrent sessions reached". Anyone noticed this problem as well? I do not see any uses to keep the username in the system database after it fails the auth... If the auth fails and user did not login, why it counts as a concurrent session for that user?
There are two ways to authenticate when you use web authentication. Local authentication allows you to authenticate the user in the Cisco WLC. You can also use wireless ACS/RADIUS in order to authenticate your users. In order to configure local authentication within the WLC, complete these steps given in the below url