Web Based authentication for wireless internet

Discussions about Internet service providers (ISPs), the Meetinghouse Firewall, wired and wireless networking, usage, management, and support of Meetinghouse Internet
davereb
New Member
Posts: 9
Joined: Wed May 06, 2009 2:45 pm
Location: Burlington, WI, USA

Web Based authentication for wireless internet

Postby davereb » Sun Nov 08, 2009 12:08 am

I've got set up in our stake a web based authentication method.

The stake maintains a list of user names that are allowed. It is tied into LDS Account to check passwords.

It works great! I'm wondering if it is possible to add this type of idea to the project to provide internet access to members to fulfill there callings. You can grant access and revoke access as needed without needing to change the WEP key.

jdlessley
Community Moderators
Posts: 6526
Joined: Sun Mar 16, 2008 11:30 pm
Location: USA, TX

Postby jdlessley » Sun Nov 08, 2009 8:02 am

This sounds great. Can you provide information on how that was accomplished for others to do the same?
JD Lessley
Have you tried finding your answer on the LDS.org Help Center page or the LDSTech wiki?

davereb
New Member
Posts: 9
Joined: Wed May 06, 2009 2:45 pm
Location: Burlington, WI, USA

Postby davereb » Sun Nov 08, 2009 10:52 am

The setup is complicated, but I want to work with the network department at church headquarters to make it available to any who desire.

It requires having a radius server, a https server, reflashing a router with OpenWRT and installing ChilliSpot.

If the church is involved then we can use a single radius and https (which the church already has) and I'd be willing to set up the router and then the local people would only have to plug in wires and learn how to add and remove access through the https server.

LakeyTW
Member
Posts: 86
Joined: Fri Jan 19, 2007 3:29 pm
Location: Salt Lake City, UT

Postby LakeyTW » Sun Nov 08, 2009 3:30 pm

davereb wrote:I've got set up in our stake a web based authentication method.

The stake maintains a list of user names that are allowed. It is tied into LDS Account to check passwords.

It works great! I'm wondering if it is possible to add this type of idea to the project to provide internet access to members to fulfill there callings. You can grant access and revoke access as needed without needing to change the WEP key.


Please contact me by private message to discuss this.

User avatar
WelchTC
Senior Member
Posts: 2088
Joined: Wed Sep 06, 2006 7:51 am
Location: Kaysville, UT, USA
Contact:

Postby WelchTC » Mon Nov 09, 2009 8:19 am

This probably goes without saying but I thought that I would remind everone that we should never cache LDSAccount credentials on any non-official computer or server.

Tom

davereb
New Member
Posts: 9
Joined: Wed May 06, 2009 2:45 pm
Location: Burlington, WI, USA

Postby davereb » Mon Nov 09, 2009 10:19 am

tomw wrote:This probably goes without saying but I thought that I would remind everone that we should never cache LDSAccount credentials on any non-official computer or server.

Tom

I agree, and just for the record, I test the passwords at each request and do not store them on my server.

russellhltn
Community Administrator
Posts: 20763
Joined: Sat Jan 20, 2007 2:53 pm
Location: U.S.

Postby russellhltn » Mon Nov 09, 2009 10:51 am

Personally, I'd never give my LDS Account information to any non-Church server. I didn't say anything in this situation since it was for access to the Church WiFi.

It does sound like something I'd like the see the church setup to help us manage our AP access.
Have you searched the Wiki?
Try using a Google search by adding "site:tech.lds.org/wiki" to the search criteria.

davereb
New Member
Posts: 9
Joined: Wed May 06, 2009 2:45 pm
Location: Burlington, WI, USA

Postby davereb » Mon Nov 09, 2009 10:54 am

RussellHltn wrote:Personally, I'd never give my LDS Account information to any non-Church server. I didn't say anything in this situation since it was for access to the Church WiFi.

It does sound like something I'd like the see the church setup to help us manage our AP access.


I would love to see the church implement this as an official option to units that want it. I'd love to help with the implementation.

dkcook2-p40
New Member
Posts: 47
Joined: Mon Feb 16, 2009 5:36 pm
Location: Salt Lake City, Utah, USA

Agreed

Postby dkcook2-p40 » Tue Nov 10, 2009 11:19 am

Our stake presidency has been looking for a solution like this also. I like the concept of the church hosting the server and giving controls at the local level (e.g. lock access during Sacrament meeting, time out connections after a certain time, logs of who is using the internet and what sites, easier access for members).

davereb
New Member
Posts: 9
Joined: Wed May 06, 2009 2:45 pm
Location: Burlington, WI, USA

Postby davereb » Tue Nov 10, 2009 11:46 am

Currently the hardware that I am using is not big enough to track which sites are visited, but it does log the user, time, and data transferred.

With a more expensive router it should be able to handle logging non ssl sites. (possibly the ip of ssl sites) But, I've not tried this yet.


Return to “Meetinghouse Internet”

Who is online

Users browsing this forum: No registered users and 1 guest