Class: Auth
- Inherits:
-
Object
- Object
- Auth
- Defined in:
- lib/jwlc.rb
Class Method Summary collapse
-
.login(var1, var2, var3, var4, var5, var6) ⇒ Object
Authenticate a Guest user to a Juniper Networks Wireless LAN controller implemented as a Ruby method.
- .logout(var1, var2, var3, var4) ⇒ Object
Class Method Details
.login(var1, var2, var3, var4, var5, var6) ⇒ Object
Authenticate a Guest user to a Juniper Networks Wireless LAN controller implemented as a Ruby method. All this does is send the RADIUS CoA packet
to authenticate the user. You need to create a web portal to authencate the user (if required) prior to passing this RADIUS CoA message to the WLC.
Example Login:
>> Auth.login('10.0.0.100','web-portal-Guest','xx:xx:xx:xx:xx:xx','Guest',' ','testing123', 8)
=> Successfully authenticated user with MAC Address xx:xx:xx:xx:xx:xx
Arguments:
1) Wireless LAN Controller address: (IP Address)
2) Authenticating users MAC Address (String)
3) Name of SSID being used (String)
4) Radius Shared secret (String)
5) Name of new ACL or ' ' (String)
6) Number of hours until logout (Integer)
Example Logout:
>> Auth.logout('10.0.0.100','Guest','xx:xx:xx:xx:xx:xx','testing123')
=> Logged out user xx:xx:xx:xx:xx:xx....bye bye
Arguments:
1) Wireless LAN Controller address: (IP Address)
2) Authenticating users MAC Address (String)
3) Name of SSID being used (String)
4) Radius Shared secret (String)
In order for this method to correctly function the WLC needs to be appropriatly configured with a
suitable RADIUS DAC entry for the server (that originates this CoA request and a user needs to be
in an unauthenticated state on the WLC.
On the WLC configure the following entries for your Guest SSID once configured to ensure the server
inititing this method is permitted to send RADIUS CoA.
set service-profile Guest ssid-name Guest
set service-profile Guest ssid-type clear
set service-profile Guest auth-fallthru web-portal
set service-profile Guest web-portal-form http://10.0.0.99:8080/guestportal <- Note, you need to create this portal :)
set service-profile Guest web-portal-acl portalacl
set radius dac ruby-dac-server address 10.0.0.99 key testing123
set authorization dynamic ssid Guest ruby-dac-server
You are required to have the freeradius dictionary files located in /usr/share/freeradius.
Freeradius doesn't need to be operational, just the dictionary files are used.
51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 |
# File 'lib/jwlc.rb', line 51 def self.login(var1, var2, var3, var4, var5, var6) dict = Radiustar::Dictionary.new('/usr/share/freeradius/') loginpacket = { 'NAS-IP-Address' => var1, 'NAS-Identifier' => 'Trapeze', 'Event-Timestamp' => Time.now.to_i, 'User-Name' => 'web-portal-' + var3, 'Calling-Station-Id' => var2, 'Trapeze/Trapeze-CoA-Username' => var3, 'Session-Timeout' => (var6 * 3600), 'Filter-Id' => var5 } req = Radiustar::Request.new(var1 + ':3799', { :dict => dict }) coa = req.coa_request(var4, loginpacket) puts "Successfully authenticated user with MAC Address #{var2}. #{var6} hours remaining..." end |
.logout(var1, var2, var3, var4) ⇒ Object
72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 |
# File 'lib/jwlc.rb', line 72 def self.logout(var1, var2, var3, var4) dict = Radiustar::Dictionary.new('/usr/share/freeradius/') logoutpacket = { 'NAS-IP-Address' => var1, 'NAS-Identifier' => 'Trapeze', 'Event-Timestamp' => Time.now.to_i, 'User-Name' => var3, 'Calling-Station-Id' => var2, 'Session-Timeout' => 1 } req = Radiustar::Request.new(var1 + ':3799', { :dict => dict }) coa = req.coa_request(var4, logoutpacket) puts "Logged out user #{var2}....bye bye" end |