May 8, 2013 at 11:33 am #43656
I have ZS set up with a captive portal for user login. I’d like to understand better how the user is kept logged in.
With a normal windows browser, you get the popup which must stay open to stay logged in… but what about the browsers (e.g. android) that don’t use the popup? How, and how long, do they stay logged in? Is it as long as they’re connected, or is it for the “authenticator validity” time setting?
Does this mean that I can disable the popup (which may confuse some users) and set the timeout for a long time, so they only have to log in, say, once a day?May 30, 2013 at 6:45 am #52751
If you go to Users / Accounting / Accounting Class. First you enable Accounting. After you can create an accounting class or use default to limit connection time and assign it to each user.
I hope in the future we can use group to define this kind of solution.
You can modify kerberos option for user to limit his connection. But I think Accounting is more efficient to give a general rule.
Hope this helpJune 4, 2013 at 9:51 pm #52752
You misunderstand… I don’t want to limit the connection for any particular user; I would just like to make the popup unnecessary.July 1, 2013 at 7:30 pm #52753
Anybody?April 21, 2015 at 3:32 pm #52754
The current edition of ZS has a pop-up filter list that disables the pop-up window for specific browsers. You can also turn the pop-up window off entirely, which will keep all activity up to the redirect to the original site in the original window.
On the Captive Portal config page, look for a ‘popup’ button. This gives you the list of exempt user agents and three pop-up modes: all, none, or all but listed.
In my recent experience, if I set this to ‘none,’ then no one gets a pop-up window. The logged-on user remains on the logged-on list up to whatever the time limit is, even if they close their original browser window.
I asked in a recent post if the pop-up is even necessary in an environment where I want to just grant free but timed internet access to everyone. There was another post that showed how to hide the username and password fields, and just use a generic account for everyone and track connections by IPv4 and MAC address. I assume if you have normal user accounts, you could do away with the pop-up as well.
You must be logged in to reply to this topic.