As per the manual I want to redirect login attempts to our external authentication server. So I set it up as manula below which works fine, goes to server and all that:
Modify login page of the HotSpot servlet to redirect to the external authentication server. The
external server should modify RADIUS database as needed
Here is an example of such a login page to put on the HotSpot router (it is redirecting to
https://auth.example.com/login.php, replace with the actual address of an external
authentication server):
<html> <title>...</title> <body> <form name="redirect"
action="https://auth.example.com/login.php" method="post"> <input type="hidden"
name="mac" value="$(mac)"> <input type="hidden" name="ip" value="$(ip)"> <input
type="hidden" name="user" value="$(username)"> <input type="hidden"
name="link-login" value="$(link-login)"> <input type="hidden" name="link-orig"
value="$(link-orig)"> <input type="hidden" name="error" value="$(error)"> </form>
<script language="JavaScript"> <!-- document.redirect.submit(); //--> </script>
</body> </html>
That is fine, however I then need to point our server back to the mikrotik so it will do the radius login.
So as per the manual:
We dont have SSL enabled, so we replace https with http, but:The external server can log in a HotSpot client by redirecting it back to the original HotSpot
servlet login page, specifying the correct username and password
Here is an example of such a page (it is redirecting to https://hotspot.example.com/login,
replace with the actual address of a HotSpot router; also, it is displaying http://www.mikrotik.com
after successful login, replace with what needed):
<html> <title>Hotspot login page</title> <body> <form name="login"
action="https://hotspot.example.com/login" method="post"> <input type="text"
name="username" value="demo"> <input type="password" name="password" value="none">
<input type="hidden" name="domain" value=""> <input type="hidden" name="dst"
value="http://www.mikrotik.com/"> <input type="submit" name="login" value="log in">
</form> </body> </html>
http://hotspot.example.com/login
just gives an error as the page cant be found. When you access that domain, it is the management interface, which is not what you want right. So I thought it was on a different port, couldnt work that out?
Am I missing something?