| 摘要 |
Methods, systems and computer readable media for user authentication for proxy-configured clients in captive portal deployments are described. In some implementations, the method can include receiving, at a captive portal, a request from a client device to resolve a proxy IP address, and determining whether the client device has been authenticated. The method can also include, when the client device has not been authenticated, causing the captive portal to act as an intermediate domain name system (DNS) server and forwarding the DNS request to one or more other DNS servers, and evaluating any received responses from the one or more other DNS servers. The method can include, when received responses contain an IP address, replying to the client with the received IP address, and when the received responses do not contain an IP address, replying to the client with an IP address of the captive portal. |
| 主权项 |
1. A method comprising:
receiving, at a captive portal, a request from a client device to resolve a proxy IP address; determining, at the captive portal, whether the client has been authenticated; when the client has not been authenticated, causing the captive portal to act as an intermediate domain name system (DNS) server and forwarding the DNS request to one or more other DNS servers; evaluating, at the captive portal, any received responses from the one or more other DNS servers; determining whether the received responses contain an Internet Protocol (IP) address; when the received responses contain an IP address, replying to the client with the received IP address; when the received responses do not contain an IP address, replying to the client with an IP address of the captive portal; completing, at the captive portal, a handshake with the client; intercepting, at the captive portal, a GET request from the client and redirecting the client to a captive portal login page; attempting, at the captive portal, to authenticate the client; when the client is successfully authenticated, terminating a TCP session with the client and providing a warning to the client device, for viewing by a user of the client device, that a proxy is configured on the client device; when the client is not successfully authenticated, causing an error page to be displayed on the client device and repeating an authentication procedure for subsequent access; interrupting, at the captive portal, a handshake between the client and the proxy IP address; completing, at the captive portal, a handshake with the client with the captive portal posing as a system having the proxy IP address; intercepting a GET request from the client and redirecting the client to a captive portal login page provided by the captive portal; attempting, at the captive portal, to authenticate the client; when the client is successfully authenticated, terminating a TCP session with the client and redirecting the client device to the proxy IP address; and when the client is not successfully authenticated, causing an error page to be displayed on the client device and repeating an authentication procedure for subsequent access. |
