Provide cryptographically sound access control using only a web browser.
NoCatAuth is an open source implementation of a captive portal. The idea behind a captive portal is fairly straightforward. When a user behind a captive portal attempts to browse to any web page, they are redirected to a page with a login prompt as well as information about the wireless network they are connected to. The gateway consults a central authority to determine the identity of the connected wireless user and, once satisfied, relaxes its firewall rules accordingly. Until the user logs in, no other network traffic is permitted to pass through
Rather than rely on the built-in security features of 802.11b, the network is configured with no WEP and as an open network. The AP is also in bridged mode and connected via a crossover cable to an Ethernet card on a Linux router. It is then up to the router to issue DHCP leases, throttle bandwidth, and permit access to other networks.
Written in Perl and C, NoCatAuth takes care of the dirty work of implementing the portal itself. It presents the user with a login prompt, consults a MySQL database (or other authentication source) to look up user credentials, and securely notifies the wireless gateway of the user’s status. On the gateway side, the software manages local connections, sets bandwidth throttling and firewall rules, and times out old logins after a user-specified time limit. The software is freely available ...
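The gateway-side behaviour described above (default redirect, an authenticated notification from the authentication service, and login timeouts) can be modelled as follows. This is an added example, not NoCatAuth's own code: the HMAC shared key stands in for whatever mechanism NoCatAuth uses to notify the gateway securely, and the message layout, names, and constants are all hypothetical.

```python
import hashlib
import hmac

SHARED_KEY = b"constructed-demo-key"  # assumption: provisioned on both hosts
LOGIN_TIMEOUT = 600                   # seconds, the "user-specified time limit"
MAX_SKEW = 30                         # seconds a notification stays acceptable


def sign(message: str, key: bytes = SHARED_KEY) -> str:
    """Auth-service side: MAC over the notification text."""
    return hmac.new(key, message.encode(), hashlib.sha256).hexdigest()


class Gateway:
    def __init__(self):
        self.sessions = {}  # client MAC -> time the login expires
        self.used = set()   # tags already accepted, to refuse replays

    def notify(self, message: str, tag: str, now: float) -> bool:
        """Handle a constructed 'mac|user|issued_at' notification."""
        expected = sign(message).encode()
        if not hmac.compare_digest(expected, tag.encode()):
            return False                      # forged or altered
        try:
            mac, _user, issued = message.split("|")
            issued = float(issued)
        except ValueError:
            return False                      # malformed message
        if tag in self.used or abs(now - issued) > MAX_SKEW:
            return False                      # replayed or stale
        self.used.add(tag)
        self.sessions[mac] = now + LOGIN_TIMEOUT
        return True

    def decide(self, mac: str, now: float) -> str:
        """Firewall decision for traffic from this client."""
        expiry = self.sessions.get(mac)
        if expiry is None:
            return "redirect"                 # not logged in: login page only
        if now >= expiry:
            del self.sessions[mac]            # time out the old login
            return "redirect"
        return "allow"
```

The signature is checked before the message is parsed, so unauthenticated input never reaches the session table.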