Chapter 5
Copyright © 2008-2013 Inverse inc.
Configuration 16
Authentication
PacketFence can authenticate users that register devices via the captive portal using various methods.
Among the supported methods, there are:
∏ Active Directory
∏ Apache htpasswd file
∏ Email
∏ Facebook (OAuth 2)
∏ Github (OAuth 2)
∏ Google (OAuth 2)
∏ Kerberos
∏ LDAP
∏ Null
∏ RADIUS
∏ SMS
∏ Sponsored Email
Moreover, PacketFence can also authenticate users defined in its own internal SQL database.
Authentication sources can be created from PacketFence administrative GUI - from the Configuration �
Users � Sources section. Alternatively (but not recommended), authentication sources, rules, conditions
and actions can be configured from conf/authentication.conf.
Each authentication sources you define will have a set of rules, conditions and actions.
Multiple authentication sources can be defined, and will be tested in the order specified (note that they
can be reordered from the GUI by dragging it around). Eeach source can have multiple rules, which will
also be tested in the order specified. Rules can also be reordered, just like sources. Finally, conditions
can be defined for a rule to match certain criterias. If the criterias match (one ore more), action are then
applied and rules testing stop, across all sources as this is a "first match wins" operation.
When no condition is defined, the rule will be considered as a fallback. When a fallback is defined, all
actions will be applied fory any users that match in the authentication source.
Once a source is defined, it can be used from Configuration � Main � Portal Profiles and Pages. Each
portal profile has a list of authentication sources to use.
Example
Let’s say we have two roles: guest and employee. First, we define them Configuration � Users � Roles.
Commentaires sur ces manuels