User's Manual Part 1
User’s Guide Chapter 4 – User Pages
Extended UAM
The Extensions feature (user interface | configuration menu) allows an external Web Application
Server (WAS) to intercept/take part in the user authentication process externally log on and log off the
user as necessary. It provides means to query user session information as well.
See the following schemes to understand how the remote client authentication works.
Scheme 1:
Client
AC
WAS RADIUS Server
1. Initial Request
3. Renders HTML
4. Direct client
communication
with WAS
5. Client sends
his/her login and
password
9. WAS reports
client status:
authenticated or
not
2. Fetch XSL
6. WAS tries to
authenticate
client
7. AC sends
request to
RADIUS
8. RADIUS reply
authenticated or
not
Figure 15 – Client Remote Authentication Scheme (1)
Client initiates (1) authentication process. AC intercepts any access to the Internet via HTTP and
redirects the client to the welcome, or login URL on AC. In order to render the custom login screen
HTML page, the AC must be configured to (2) fetch .XSL script from a remote server, which in this
case is a Web Application Server (WAS), or have custom .XSL uploaded on the AC. There is the
ability to enable caching of .XSL scripts (see: User Interface | Configuration | Pages), thus avoiding
fetching of the same document every time a client requests authentication.
The AC (3) uses .XSL script to render HTML output, which is done by feeding a XML document to a
parsed and prepared for rendering .XSL script. The latter XML document contains all needed
information for Web Application Server like user name, password (if there was entered), user IP
address, MAC address and NAS-Id. Custom .XSL script must generate initial welcome/login screen
so that it embeds all the needed information in a HTML FORM element as hidden elements and
POST data not back to the AC, but to the Web Application Server (5). Thereafter the client
communicates directly with the Web Application Server.
Find more details on how to prepare the .XSL templates to renter the HTML in
Appendix: G) User Pages Templates Syntax.
Gemtek Systems Page 33