Class: Auth

Inherits: Object

Defined in: lib/jwlc.rb

Class Method Details

.login(var1, var2, var3, var4, var5, var6) ⇒ Object

Authenticates a Guest user to a Juniper Networks Wireless LAN Controller (WLC), implemented as a Ruby method. All this does is send the RADIUS CoA packet that authenticates the user. You need to create a web portal to authenticate the user (if required) before passing this RADIUS CoA message to the WLC.

Example Login:

>> Auth.login('10.0.0.100','xx:xx:xx:xx:xx:xx','Guest','testing123',' ', 8)
=> Successfully authenticated user with MAC Address xx:xx:xx:xx:xx:xx

Arguments:

1) Wireless LAN Controller address   (IP Address)
2) Authenticating user's MAC address (String)
3) Name of SSID being used           (String)
4) RADIUS shared secret              (String)
5) Name of new ACL or ' '            (String)
6) Number of hours until logout      (Integer)

Example Logout:

>> Auth.logout('10.0.0.100','xx:xx:xx:xx:xx:xx','Guest','testing123')
=> Logged out user xx:xx:xx:xx:xx:xx....bye bye

Arguments:

1) Wireless LAN Controller address   (IP Address)
2) Authenticating user's MAC address (String)
3) Name of SSID being used           (String)
4) RADIUS shared secret              (String)

For this method to function correctly, the WLC needs to be appropriately configured with a
suitable RADIUS DAC entry for the server that originates this CoA request, and the user needs to be
in an unauthenticated state on the WLC.

Once your Guest SSID is configured, add the following entries on the WLC to ensure the server
initiating this method is permitted to send RADIUS CoA.

set service-profile Guest ssid-name Guest
set service-profile Guest ssid-type clear
set service-profile Guest auth-fallthru web-portal
set service-profile Guest web-portal-form http://10.0.0.99:8080/guestportal <- Note, you need to create this portal :) 
set service-profile Guest web-portal-acl portalacl

set radius dac ruby-dac-server address 10.0.0.99 key testing123
set authorization dynamic ssid Guest ruby-dac-server

You are required to have the FreeRADIUS dictionary files located in /usr/share/freeradius.
FreeRADIUS itself doesn't need to be operational; only the dictionary files are used.


# File 'lib/jwlc.rb', line 51

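def self.login(var1, var2, var3, var4, var5, var6)
  # Only the FreeRADIUS dictionary files are read here.
  dict = Radiustar::Dictionary.new('/usr/share/freeradius/')

  # var1 = WLC address, var2 = user MAC, var3 = SSID, var5 = ACL name or ' '
  loginpacket = {
    'NAS-IP-Address' => var1,
    'NAS-Identifier' => 'Trapeze',
    'Event-Timestamp' => Time.now.to_i,
    'User-Name' => 'web-portal-' + var3,
    'Calling-Station-Id' => var2,
    'Trapeze/Trapeze-CoA-Username' => var3,
    'Session-Timeout' => (var6 * 3600), # var6 hours, expressed in seconds
    'Filter-Id' => var5
  }

  # The CoA request goes to the WLC on port 3799, keyed with the shared secret (var4).
  req = Radiustar::Request.new(var1 + ':3799', { :dict => dict })
  coa = req.coa_request(var4, loginpacket)
  # The reply held in coa is not inspected before this message is printed.
  puts "Successfully authenticated user with MAC Address #{var2}. #{var6} hours remaining..."
end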

.logout(var1, var2, var3, var4) ⇒ Object



# File 'lib/jwlc.rb', line 72

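def self.logout(var1, var2, var3, var4)
  # Only the FreeRADIUS dictionary files are read here.
  dict = Radiustar::Dictionary.new('/usr/share/freeradius/')

  # var1 = WLC address, var2 = user MAC, var3 = SSID
  logoutpacket = {
    'NAS-IP-Address' => var1,
    'NAS-Identifier' => 'Trapeze',
    'Event-Timestamp' => Time.now.to_i,
    'User-Name' => var3,
    'Calling-Station-Id' => var2,
    'Session-Timeout' => 1 # one second, so the session expires almost immediately
  }

  # Same CoA path as login: port 3799 on the WLC, keyed with the shared secret (var4).
  req = Radiustar::Request.new(var1 + ':3799', { :dict => dict })
  coa = req.coa_request(var4, logoutpacket)
  # The reply held in coa is not inspected before this message is printed.
  puts "Logged out user #{var2}....bye bye"
end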
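
Added example (not part of jwlc.rb or radiustar): the wire format of a CoA-Request like the one the login method sends, and how the receiving side validates it with the RADIUS DAC key per RFC 5176. The Trapeze vendor-specific attribute is omitted, and the MAC address, timestamp and packet identifier are constructed sample values.

```ruby
require 'digest/md5'
require 'ipaddr'

# Standard RADIUS attribute type numbers (RFC 2865 / RFC 2869).
ATTR = { 'User-Name' => 1, 'NAS-IP-Address' => 4, 'Filter-Id' => 11,
         'Session-Timeout' => 27, 'Calling-Station-Id' => 31,
         'NAS-Identifier' => 32, 'Event-Timestamp' => 55 }.freeze
INTEGER_ATTRS = ['Session-Timeout', 'Event-Timestamp'].freeze
COA_REQUEST = 43 # RFC 5176 packet code

# Encode one attribute as Type, Length, Value.
def encode_attr(name, value)
  data = if name == 'NAS-IP-Address' then IPAddr.new(value).hton
         elsif INTEGER_ATTRS.include?(name) then [value].pack('N')
         else value.to_s.b
         end
  [ATTR.fetch(name), data.bytesize + 2].pack('CC') + data
end

# Request Authenticator per RFC 5176:
# MD5(Code + Identifier + Length + 16 zero octets + attributes + secret)
def coa_authenticator(header, attrs, secret)
  Digest::MD5.digest(header + ("\x00".b * 16) + attrs + secret.b)
end

# Build a complete CoA-Request datagram (the payload sent to UDP port 3799).
def build_coa_request(id, attributes, secret)
  attrs  = attributes.map { |k, v| encode_attr(k, v) }.join.b
  header = [COA_REQUEST, id, 20 + attrs.bytesize].pack('CCn')
  header + coa_authenticator(header, attrs, secret) + attrs
end

# Receiver-side check: recompute the authenticator with the configured DAC key.
def valid_coa_request?(packet, secret)
  packet = packet.b
  return false if packet.bytesize < 20
  code, _id, length = packet.unpack('CCn')
  return false unless code == COA_REQUEST && length == packet.bytesize
  coa_authenticator(packet[0, 4], packet[20..], secret) == packet[4, 16]
end

# Constructed sample values mirroring the login packet above.
SAMPLE = build_coa_request(1, {
  'NAS-IP-Address' => '10.0.0.100', 'NAS-Identifier' => 'Trapeze',
  'Event-Timestamp' => 1_700_000_000, 'User-Name' => 'web-portal-Guest',
  'Calling-Station-Id' => '00:11:22:33:44:55',
  'Session-Timeout' => 8 * 3600, 'Filter-Id' => ' '
}, 'testing123')
```

The shared secret never appears in the packet; it only feeds the MD5 authenticator, so the DAC key is the sole thing that ties a CoA-Request to the permitted server, and any change to an attribute or the key makes validation fail.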