Hi Everyone,
I am trying to setup an environment where I am using Google Apps for
education as my main source of "authentication" data for the captive
portal. I am doing mac-based authentication of the devices and redirecting
users to a captive portal to do device self-registration.
Unfortunately im quite limited in what I can do on the google apps
directory and was trying to find a way to define the "role" of the
authenticated user from the local database. So, in short, I would
pre-create all the local users with the assigned roles (like teacher,
elementary-school, high-school, or admin-staff), with each role being pass
on to my wifi controller for different rate-limit values as well as
applying different bandwidth quotas and number of devices registered.
It seems though as I am forced to define a role (via a rule) when using the
google oauth source and then it seems that my local user list is never
checked. Is there any way to do this? Ideally, I would like to avoid to do
the "chained" authentication (since I dont want users to login to their
local PF accounts). I want to authenticate against google but "authorize"
against the local DB.
Any ideas on how to do this?
(Additionally, I did some changes to the Google Oauth plugin to allow only
the users from a specific domain only to be able to login. Otherwise, any
user with a google accounts could login). I will share my code as soon as I
can.
Best Regards,
Diego
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users
