Controller Based WLANs

What do I need to change in the HTML code of a customized captive portal page to allow guest login and user login?

Product and Software: This article applies to all Aruba controllers and ArubaOS 2.5 and later.

 

Introduction

 

Captive portal is a part of Layer 3 authentication in which user sessions are intercepted using firewall policies and users are asked to authenticate. When users open a web browser, the captive portal page is displayed and users must provide credentials and/or agree on user policies.

 

The three main types of captive portal authentication are:

 

  •  guest login without email ID
  •  guest login with email ID
  •  user login with username and password

Aruba controllers have an built-in default captive portal page. However, many customers like to use their customized HTML page for captive portal. This article focuses on important parts of HTML code that is necessary to customize the page. This article can be referenced by a web page developer to customize it further as required.

 

Here we assume that the initial role in the aaa profile has captive portal ACLs and this role is mapped to the captive portal authentication profile.

 

Guest Login Without Email ID

 

By default, guest login requires users to enter email ID in the form of user@domain.com for authentication. However this email ID is not verified against any Active Directory or internal database. You can also hide the email-id field, and users only click Accept Policies to authenticate. After users click this button, they are authenticated and are redirected to the welcome page.

 

Here is the important part of the HTML code for guest login without email ID:

 

<form name="form1" method="post" action="/auth/index.html/u">

<span class="bodytext">

<input type="hidden" id="email" name="email" type="text" value="user@company.com" class="text" accesskey="e" />

<input type="hidden" name="cmd" value="authenticate" />

<input type="submit" name="Login" value="I ACCEPT" class="button" />

</span>

</form>

 

In the beginning of the HTML code, user policies are mentioned that user must accept. This page is not asking user to provide an email ID, because that field is hidden. So by default, the same email ID (user@company.com) is submitted for all users. When user clicks I ACCEPT, the form is submitted to the action mentioned in the code (/auth/index.html/u) using the post method.

 

Guest Login with Email ID

 

To ask users to provide email ID, only one change is needed. The input type for email ID should not be hidden.

 

<input type="text" id="email" name="email" type="text" value="user@company.com" class="text" accesskey="e" />

 

 

User Login with Username and Password

 

In the same way as mentioned above, we can create a simple HTML page for user login. In user login, we provide fields to enter the username and password, so it is not hidden. When the user enters the information, the form is submitted to the controller using the post method and the username and password are verified.

 

<form name="form1" method="post" action="/auth/index.html/u">

<span class="bodytext">

<input type="text" name="username" id="username" />

<input type="text" name="password" id="password" />

<input type="submit" value="Log-In" />

</span>

</form>

Version History
Revision #:
1 of 1
Last update:
‎07-02-2014 05:39 AM
Updated by:
 
Labels (1)
Contributors
Search Airheads
Showing results for 
Search instead for 
Did you mean: 
Is this a frequent problem?

Request an official Aruba knowledge base article to be written by our experts.