Anonymous | Login | 2024-11-22 23:23 EST |
Main | My View | View Issues | Change Log | Roadmap |
View Issue Details [ Jump to Notes ] | [ Issue History ] [ Print ] | |||||||
ID | Project | Category | View Status | Date Submitted | Last Update | |||
0001002 | PacketFence | configuration | public | 2010-06-02 05:29 | 2012-02-29 10:46 | |||
Reporter | obilodeau | |||||||
Assigned To | obilodeau | |||||||
Priority | normal | Severity | feature | Reproducibility | N/A | |||
Status | closed | Resolution | fixed | |||||
Platform | OS | OS Version | ||||||
Product Version | ||||||||
Target Version | 2.0.0 | Fixed in Version | 2.0.0 | |||||
Summary | 0001002: Optional auto-registration of authenticated devices | |||||||
Description | Something that is interesting in a 802.1x environment is that since the devices are already authenticated against a trusted source (AD), we can auto-register them as soon as they connect. However, some things needs to be changed to support that. - add $user_name to the call on locationlog_synchronize() - add $username in the pf::vlan::update_node_if_not_accurate() call and alter its logic - add $username to the pf::vlan::getNodeUpdatedInfo() and update pid if it changed - provide a way to opt-in or opt-out of this behavior (config parameter? or a method that that needs to be override in vlan/custom.pm) - node_modify() needs to insert pid if it doesn't already exist - add a 'dot1x_username' field in locationlog to represent user logged at that time, modify locationlog_sync..() to keep it current I want to talk to the guys about how to opt-in, opt-out of this behavior but I think it's the way to go. Maybe a new [802.1x] section under conf/pf.conf? | |||||||
Tags | No tags attached. | |||||||
fixed in git revision | ||||||||
fixed in mtn revision | a21987b3117a37f92a8c52d03802844bdfd9d268 | |||||||
Attached Files | ||||||||
Relationships | ||||||||||||||||
|
Notes | |
(0001607) obilodeau (reporter) 2010-07-21 13:37 |
0001034 needs to be fixed before this can be reliably solved. |
(0001707) obilodeau (reporter) 2010-10-01 16:25 |
What we are going for now is that locationlog's dot1x_username will always have the latest successfully registered 802.1X username and pid will be the user who registered the node in the first place. locationlog's dot1x_username will be exposed to in the node view as last_dot1x_username. |
(0001709) obilodeau (reporter) 2010-10-01 17:44 |
Partially fixed by: 5550de5cc36563f74d8d6f4612d09d1905977e58 dot1x_username is now available in locationlog and exposed through node views as last_dot1x_username. regarding the tasks: locationlog_synchronize can handle it, pf::vlan's update node, etc. were deprecated by yesterday's refactoring commit, no default behavior change needed as the username is provided in an additional field instead of overwriting pid. |
(0001710) obilodeau (reporter) 2010-10-01 18:07 |
Optional auto-registration with username accountability is now possible! |
Issue History | |||
Date Modified | Username | Field | Change |
2010-06-02 05:29 | obilodeau | New Issue | |
2010-06-02 05:29 | obilodeau | Status | new => assigned |
2010-06-02 05:29 | obilodeau | Assigned To | => obilodeau |
2010-06-09 05:26 | obilodeau | Relationship added | has duplicate 0001015 |
2010-07-21 13:36 | obilodeau | Relationship added | parent of 0001034 |
2010-07-21 13:37 | obilodeau | Note Added: 0001607 | |
2010-07-21 14:27 | obilodeau | Relationship added | parent of 0001000 |
2010-10-01 16:25 | obilodeau | Note Added: 0001707 | |
2010-10-01 17:44 | obilodeau | Note Added: 0001709 | |
2010-10-01 18:07 | obilodeau | mtn revision | => a21987b3117a37f92a8c52d03802844bdfd9d268 |
2010-10-01 18:07 | obilodeau | Note Added: 0001710 | |
2010-10-01 18:07 | obilodeau | Status | assigned => resolved |
2010-10-01 18:07 | obilodeau | Fixed in Version | => trunk |
2010-10-01 18:07 | obilodeau | Resolution | open => fixed |
2010-11-19 14:25 | obilodeau | Target Version | 1.10.0 => 2.0.0 |
2010-12-15 11:37 | obilodeau | Fixed in Version | trunk => 2.0.0 |
2011-01-26 15:42 | obilodeau | Status | resolved => closed |
2012-02-29 10:46 | obilodeau | Category | feature => configuration |
Copyright © 2000 - 2012 MantisBT Group |