Web authentication scheme first needs to assign an address to the users who visit the portal website, type the user name and password in the login window, and then authenticate to the Radius server through the Radius client. If the authentication passes, it will trigger the client to re-initiate the address allocation request, allocate an address for the user to access the external network, and initiate an offline request through the client when the user logs off.
Extended data:
WEB authentication principle:
1, authentication client
Usually a browser, running the HTTP security protocol. When users surf the Internet through the browser, the browser will send an HTTP request.
2. Access equipment
In the network topology, access layer devices (for example, switches in wired networks or wireless AC in wireless networks) are generally directly connected with user terminal devices, and it is necessary to start the Web authentication function on the access devices.
3. Portal? cut off
Provide Web authentication interface and related operations, Portal? The server accepts the authentication request based on HTTP sent by the authentication client, extracts the account information from it, sends the information to the authentication server for authentication, and then informs the user and the access device of the authentication result.
4. Provide remote user authentication based on radius protocol, portal? Sever obtains the user's authentication account information from HTTP and sends it to radius through RADIUS protocol. The server requests authentication. Radius? The server communicates with the portal through radius protocol? The server feeds back the authentication result.
Reference: Baidu Encyclopedia -WEB Authentication