Hi,
I’m trying to build a HotSpot with an external authentication page and database. After the user has succesfully authenticated him/herself, the server on which the authentication website is hosted should login the user on the MKTK device.
I already managed by doing this with an extra redirect on the client to the MKTK device servlet, but this is a hole in security. I want the server to do it directly.
Can this, by example, be done with the API? Is there a command available to dynamicly add an active user to the list?
Or can anyone think of an other way if not …
Thx,
Koen.
Not possible at present. I too have asked for api access to authenticate a user as opposed to having to do a client side redirect.
Its also required to provide proper client support to log a user in usings a subscriber table , rather than having to bypass a user eith no bandwidth profile.
Using the API, you can at least go the other way around though - you can authenticate users with MikroTik, after which the external server can check if the client is logged in. Identifying the exact user is particularly easy when both the router and web server are under the same domain name (with the server being at a subdomain), since they’d then share the session cookie.
You can acomplish this useing mac authentication. It takes a little bit of extra api code to go kick them off so they are forced to reconnect to the hotspot but it works.