Web Based authentication for wireless internet

Discussions about Internet service providers (ISPs), the Meetinghouse Firewall, wired and wireless networking, usage, management, and support of Meetinghouse Internet
davereb
New Member
Posts: 10
Joined: Wed May 06, 2009 3:45 pm
Location: Burlington, WI, USA

Web Based authentication for wireless internet

#1

Post by davereb »

I've got set up in our stake a web based authentication method.

The stake maintains a list of user names that are allowed. It is tied into LDS Account to check passwords.

It works great! I'm wondering if it is possible to add this type of idea to the project to provide internet access to members to fulfill there callings. You can grant access and revoke access as needed without needing to change the WEP key.
jdlessley
Community Moderators
Posts: 8878
Joined: Mon Mar 17, 2008 12:30 am
Location: USA, TX

#2

Post by jdlessley »

This sounds great. Can you provide information on how that was accomplished for others to do the same?
JD Lessley
Have you tried finding your answer on the ChurchofJesusChrist.org Help Center?
davereb
New Member
Posts: 10
Joined: Wed May 06, 2009 3:45 pm
Location: Burlington, WI, USA

#3

Post by davereb »

The setup is complicated, but I want to work with the network department at church headquarters to make it available to any who desire.

It requires having a radius server, a https server, reflashing a router with OpenWRT and installing ChilliSpot.

If the church is involved then we can use a single radius and https (which the church already has) and I'd be willing to set up the router and then the local people would only have to plug in wires and learn how to add and remove access through the https server.
LakeyTW
Member
Posts: 86
Joined: Fri Jan 19, 2007 3:29 pm
Location: Salt Lake City, UT

#4

Post by LakeyTW »

davereb wrote:I've got set up in our stake a web based authentication method.

The stake maintains a list of user names that are allowed. It is tied into LDS Account to check passwords.

It works great! I'm wondering if it is possible to add this type of idea to the project to provide internet access to members to fulfill there callings. You can grant access and revoke access as needed without needing to change the WEP key.
Please contact me by private message to discuss this.
User avatar
WelchTC
Senior Member
Posts: 2085
Joined: Wed Sep 06, 2006 8:51 am
Location: Kaysville, UT, USA
Contact:

#5

Post by WelchTC »

This probably goes without saying but I thought that I would remind everone that we should never cache LDSAccount credentials on any non-official computer or server.

Tom
davereb
New Member
Posts: 10
Joined: Wed May 06, 2009 3:45 pm
Location: Burlington, WI, USA

#6

Post by davereb »

tomw wrote:This probably goes without saying but I thought that I would remind everone that we should never cache LDSAccount credentials on any non-official computer or server.

Tom
I agree, and just for the record, I test the passwords at each request and do not store them on my server.
russellhltn
Community Administrator
Posts: 31975
Joined: Sat Jan 20, 2007 2:53 pm
Location: U.S.

#7

Post by russellhltn »

Personally, I'd never give my LDS Account information to any non-Church server. I didn't say anything in this situation since it was for access to the Church WiFi.

It does sound like something I'd like the see the church setup to help us manage our AP access.
Have you searched the Help Center? Try doing a Google search and adding "site:churchofjesuschrist.org/help" to the search criteria.

So we can better help you, please edit your Profile to include your general location.
davereb
New Member
Posts: 10
Joined: Wed May 06, 2009 3:45 pm
Location: Burlington, WI, USA

#8

Post by davereb »

RussellHltn wrote:Personally, I'd never give my LDS Account information to any non-Church server. I didn't say anything in this situation since it was for access to the Church WiFi.

It does sound like something I'd like the see the church setup to help us manage our AP access.
I would love to see the church implement this as an official option to units that want it. I'd love to help with the implementation.
dkcook2-p40
New Member
Posts: 47
Joined: Mon Feb 16, 2009 5:36 pm
Location: Salt Lake City, Utah, USA

Agreed

#9

Post by dkcook2-p40 »

Our stake presidency has been looking for a solution like this also. I like the concept of the church hosting the server and giving controls at the local level (e.g. lock access during Sacrament meeting, time out connections after a certain time, logs of who is using the internet and what sites, easier access for members).
davereb
New Member
Posts: 10
Joined: Wed May 06, 2009 3:45 pm
Location: Burlington, WI, USA

#10

Post by davereb »

Currently the hardware that I am using is not big enough to track which sites are visited, but it does log the user, time, and data transferred.

With a more expensive router it should be able to handle logging non ssl sites. (possibly the ip of ssl sites) But, I've not tried this yet.
Post Reply

Return to “Meetinghouse Internet”