is there normal way to create a user that can not log on until a future date?
I am setting up a hotspot in a cafe that is not very high tech. They offer free wifi in a well known cafe down here in Darlinghurst Sydney (All radius users welcome :) ) To prevent abuse I was planning on making daily access keys. The idea was to make a year of them and print them in a book. The first person in would simply look up the date in the secret book put it into the cash register to print on the receipt. Setting the 'Expiration' time is simple (and works well) but I want to prevent someone from simply copying a key far in the future and using it until then so I want to make each key only valid for a day. (Yes I know this does not prevent them from photocopying the whole book, but that's a lot harder than getting a key for this time next year) Ideally everyone for that day will get the same key (I made an application to populate the database with simple two word tokens). I think I can probably do it with the SQL interface by only selecting from 'check records' that are current but is there a 'proper' way to do this? Surely a dialup ISP would set a 'start date', before which a user can not log in? Sorry if this has already been answered but I have searched the list and don't seem to be able to find a term that will give me an answer. - Rob Fowler - Sydney
you could probably set up a crontab job to delete entries in the SQL database, unless there is a simpler way. On Mon, May 26, 2008 at 9:01 PM, Rob Fowler <radius@mianos.com> wrote:
I am setting up a hotspot in a cafe that is not very high tech. They offer free wifi in a well known cafe down here in Darlinghurst Sydney (All radius users welcome :) )
To prevent abuse I was planning on making daily access keys. The idea was to make a year of them and print them in a book. The first person in would simply look up the date in the secret book put it into the cash register to print on the receipt.
Setting the 'Expiration' time is simple (and works well) but I want to prevent someone from simply copying a key far in the future and using it until then so I want to make each key only valid for a day. (Yes I know this does not prevent them from photocopying the whole book, but that's a lot harder than getting a key for this time next year) Ideally everyone for that day will get the same key (I made an application to populate the database with simple two word tokens).
I think I can probably do it with the SQL interface by only selecting from 'check records' that are current but is there a 'proper' way to do this? Surely a dialup ISP would set a 'start date', before which a user can not log in?
Sorry if this has already been answered but I have searched the list and don't seem to be able to find a term that will give me an answer.
- Rob Fowler - Sydney - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-- "He who controls the past controls the future. He who controls the present controls the past." - 1984 Random quote of the week/month/whenever i get to updating it: "Don't worry about people stealing an idea. If it's original, you will have to ram it down their throats." - Howard Aiken
Hi,
I think I can probably do it with the SQL interface by only selecting from 'check records' that are current but is there a 'proper' way to do this? Surely a dialup ISP would set a 'start date', before which a user can not log in?
add another table eg validity, then put eg this into it: id | int(11) | NO | PRI | NULL | auto_increment | UserName | varchar(60) | YES | | NULL | | start_date | datetime | YES | | NULL | | end_date | datetime | YES | | NULL | | then either use SQL or eg PERL to run a quick authorize check eg validity.start_date <= NOW() and validity.end_date >= NOW() etc. a basic test can be squeezed into 1.1.x or 2.0.x - something a little more inline and streamlines can be done in unlang another option - touched on by others, is to generate a new account on the flu each day - if you can access the till system via the RADIUS server then it could add the username details etc to the till after its generated. alan
A.L.M.Buxey@lboro.ac.uk wrote:
Hi,
I think I can probably do it with the SQL interface by only selecting from 'check records' that are current but is there a 'proper' way to do this? Surely a dialup ISP would set a 'start date', before which a user can not log in?
add another table eg validity, then put eg this into it:
id | int(11) | NO | PRI | NULL | auto_increment | UserName | varchar(60) | YES | | NULL | | start_date | datetime | YES | | NULL | | end_date | datetime | YES | | NULL | |
then either use SQL or eg PERL to run a quick authorize check
eg validity.start_date <= NOW() and validity.end_date >= NOW()
etc. a basic test can be squeezed into 1.1.x or 2.0.x - something a little more inline and streamlines can be done in unlang
This is what I had in mind if there is no native support for such. I'll probably do what you suggested here word for word. It almost seems a 'proper' way as it's pretty normal to have a validity in an account table.
another option - touched on by others, is to generate a new account on the flu each day - if you can access the till system via the RADIUS server then it could add the username details etc to the till after its generated.
I know this will work but, however simple, I'd rather not add a dependancy on cron and a external mysql script (although I am sure the locking works fine with mysql these days :) )
Instead of using Expiration you can modify it a bit. Create your custom attribute Login-Date. Then use perl or some other script to check if current date is equal to Login-Date and set Session-Timeout to last until the end of the day. Ivan Kalik Kalik Informatika ISP Dana 27/5/2008, "Rob Fowler" <radius@mianos.com> piše:
I am setting up a hotspot in a cafe that is not very high tech. They offer free wifi in a well known cafe down here in Darlinghurst Sydney (All radius users welcome :) )
To prevent abuse I was planning on making daily access keys. The idea was to make a year of them and print them in a book. The first person in would simply look up the date in the secret book put it into the cash register to print on the receipt.
Setting the 'Expiration' time is simple (and works well) but I want to prevent someone from simply copying a key far in the future and using it until then so I want to make each key only valid for a day. (Yes I know this does not prevent them from photocopying the whole book, but that's a lot harder than getting a key for this time next year) Ideally everyone for that day will get the same key (I made an application to populate the database with simple two word tokens).
I think I can probably do it with the SQL interface by only selecting from 'check records' that are current but is there a 'proper' way to do this? Surely a dialup ISP would set a 'start date', before which a user can not log in?
Sorry if this has already been answered but I have searched the list and don't seem to be able to find a term that will give me an answer.
- Rob Fowler - Sydney - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
participants (4)
-
A.L.M.Buxey@lboro.ac.uk -
Ivan Kalik -
Paul Bartell -
Rob Fowler