Transparent portal authentication, Uam configuration – H3C Technologies H3C Intelligent Management Center User Manual
Page 56
38
Username format
on the iNode client
Domain on the
access device
Username format configured
on the access device
Service suffix in UAM
The default
domain specified
on the access
device
user-name-format without-domain No suffix
Users can access the network from different locations using different services. These services are
differentiated by the use of different service suffixes. For endpoint users who are accessing the network
from different locations, HP recommends that you use the configuration in the first line.
The commands shown in
are those on the HP Comware switches. For commands on other devices,
see the command reference manuals for those devices.
Transparent portal authentication
Transparent portal authentication simplifies the portal authentication process for smart endpoint devices
such as smartphones.
The following describes the workflow of transparent portal authentication:
1.
Once an account successfully accesses the network through the portal login page on an endpoint
device, the portal server stores the endpoint MAC address, access user account, and access
service if the following requirements are met:
{
The access user account can be bound with endpoint devices for transparent authentication,
and the number of endpoint devices bound with the account has not exceeded the upper limit
(specified by Max. Smart Device Bindings for Portal).
{
The service assigned to the account is enabled with the Transparent Authentication on Portal
Endpoints option.
{
The port group used by the endpoint device for authentication is configured to support
transparent authentication.
{
The HTTP user agent of the endpoint device matches a transparent authentication character.
2.
Next time the endpoint device attempts to access the network, the portal gateway and portal
server use the access user account mapped to the endpoint MAC address and automatically
perform portal authentication for the endpoint device. In this process, UAM does not display the
portal login page or require the username and password to be provided.
Transparent portal authentication is a special portal authentication. To configure transparent portal
authentication, you must perform the following configurations on UAM, access device, and endpoint
besides the configurations described in "
Portal authentication and UAM local authentication
UAM configuration
1.
Add the HTTP user agent character of the endpoint as a transparent authentication character:
a.
Click the User tab.
b.
Select Access User > Transparent Portal User from the navigation tree.
c.
Click Transparent Authentication Character Management. UAM predefines a large number of
HTTP user agents.
d.
Click Add to add a new HTTP character.