Anonymous | Login | 2024-11-22 18:55 EST |
Main | My View | View Issues | Change Log | Roadmap |
View Issue Details [ Jump to Notes ] | [ Issue History ] [ Print ] | |||||||
ID | Project | Category | View Status | Date Submitted | Last Update | |||
0001678 | PacketFence | captive portal | public | 2013-08-02 09:13 | 2014-12-22 20:02 | |||
Reporter | KimHagen | |||||||
Assigned To | fdurand | |||||||
Priority | normal | Severity | minor | Reproducibility | always | |||
Status | resolved | Resolution | fixed | |||||
Platform | OS | OS Version | ||||||
Product Version | ||||||||
Target Version | Fixed in Version | |||||||
Summary | 0001678: Google oauth redirects back to captive portal before you can select yes/no to allow your site. | |||||||
Description | On the captive portal if you select Google ouath it will redirect you to the Google login, after this it will redirect you back to the captive portal. (or first it will let you do your second-step authentication and then send you back to the captive portal page.) If you then select the Google oauth again you will get on the page where you can accept your site to have access and if you select yes the network access progress-bar appears and you have access. So you get 2 times the captive portal before you have access. For the facebook oauth it is as you expect. (portal, login and then access) | |||||||
Tags | No tags attached. | |||||||
fixed in git revision | ||||||||
fixed in mtn revision | ||||||||
Attached Files | ||||||||
Notes | |
(0003375) KimHagen (reporter) 2013-08-02 09:15 |
This was on an iphone 5 and samsung Galaxy S3 |
(0003376) fdurand (administrator) 2013-08-02 09:25 |
Hello, it mean that one of the domain your device try to reach is forwarded to packetfence. So sniff dns traffic between packetfence and your device and add the missing domains in the list of Authorized domains in your google authentication source. Regards Fabrice |
(0003380) KimHagen (reporter) 2013-08-02 11:42 edited on: 2013-08-02 11:46 |
Hello, I did sniff the dns traffic and i see what happens, i do not know if this is suppose to happen. On iphone i select my wifi profile for packetfence and it opens a captive portal window (which i think always goes to www.apple.com) I login with the google option, it goes to the google login, then it tries to go to www.apple.com instead of the google "accept this site" site. 10.0.0.59 8.8.8.8 DNS 73 Standard query A www.apple.com 8.8.8.8 10.0.0.59 DNS 89 Standard query response A 10.0.3.254 10.0.0.59 8.8.8.8 DNS 82 Standard query A mypacketfilterhost.dom 8.8.8.8 10.0.0.59 DNS 98 Standard query response A 10.0.3.254 10.0.0.59 8.8.8.8 DNS 79 Standard query A accounts.google.com 8.8.8.8 10.0.0.59 DNS 95 Standard query response A 173.194.66.84 10.0.0.59 8.8.8.8 DNS 75 Standard query A ssl.gstatic.com 8.8.8.8 10.0.0.59 DNS 91 Standard query response A 173.194.66.120 10.0.0.59 8.8.8.8 DNS 78 Standard query A accounts.google.nl 8.8.8.8 10.0.0.59 DNS 94 Standard query response A 173.194.66.94 10.0.0.59 8.8.8.8 DNS 73 Standard query A www.apple.com 8.8.8.8 10.0.0.59 DNS 89 Standard query response A 10.0.3.254 10.0.0.59 8.8.8.8 DNS 82 Standard query A mypacketfilterhost.dom 8.8.8.8 10.0.0.59 DNS 98 Standard query response A 10.0.3.254 10.0.0.67 8.8.8.8 DNS 79 Standard query A accounts.google.com 8.8.8.8 10.0.0.67 DNS 95 Standard query response A 173.194.66.84 10.0.0.59 8.8.8.8 DNS 82 Standard query A mypacketfilterhost.dom 8.8.8.8 10.0.0.59 DNS 98 Standard query response A 10.0.3.254 10.0.0.59 8.8.8.8 DNS 79 Standard query A www.packetfence.org 8.8.8.8 10.0.0.59 DNS 95 Standard query response A 67.205.85.245 From an android device you select the wifi, and then go to an url, in my case www.tweakers.net and you get the captive portal, i then use google auth and enter username and password. Then the portal tries to go to www.tweakers.net before it goes to the google acceptance page. 10.0.0.67 8.8.8.8 DNS 82 Standard query A mypacketfilterhost.dom 8.8.8.8 10.0.0.67 DNS 98 Standard query response A 10.0.3.254 10.0.0.67 8.8.8.8 DNS 79 Standard query A accounts.google.com 8.8.8.8 10.0.0.67 DNS 95 Standard query response A 173.194.66.84 10.0.0.67 8.8.8.8 DNS 79 Standard query A www.packetfence.org 8.8.8.8 10.0.0.67 DNS 95 Standard query response A 67.205.85.245 10.0.0.67 8.8.8.8 DNS 84 Standard query A www.google-analytics.com 8.8.8.8 10.0.0.67 DNS 304 Standard query response CNAME www-google-analytics.l.google.com A 173.194.34.71 A 173.194.34.70 A 173.194.34.66 A 173.194.34.78 A 173.194.34.72 A 173.194.34.73 A 173.194.34.64 A 173.194.34.69 A 173.194.34.68 A 173.194.34.67 A 173.194.34.65 10.0.0.67 8.8.8.8 DNS 76 Standard query A mtalk.google.com 8.8.8.8 10.0.0.67 DNS 121 Standard query response CNAME mobile-gtalk.l.google.com A 173.194.78.188 10.0.0.67 8.8.8.8 DNS 74 Standard query A www.google.com 8.8.8.8 10.0.0.67 DNS 170 Standard query response A 173.194.66.99 A 173.194.66.104 A 173.194.66.147 A 173.194.66.103 A 173.194.66.105 A 173.194.66.106 10.0.0.67 8.8.8.8 DNS 79 Standard query A clients1.google.com 8.8.8.8 10.0.0.67 DNS 279 Standard query response CNAME clients.l.google.com A 173.194.34.78 A 173.194.34.69 A 173.194.34.68 A 173.194.34.71 A 173.194.34.65 A 173.194.34.64 A 173.194.34.67 A 173.194.34.73 A 173.194.34.66 A 173.194.34.70 A 173.194.34.72 10.0.0.67 8.8.8.8 DNS 84 Standard query A productforums.google.com 8.8.8.8 10.0.0.67 DNS 203 Standard query response CNAME groups.l.google.com A 173.194.66.100 A 173.194.66.113 A 173.194.66.139 A 173.194.66.102 A 173.194.66.138 A 173.194.66.101 10.0.0.67 8.8.8.8 DNS 75 Standard query A csi.gstatic.com 8.8.8.8 10.0.0.67 DNS 91 Standard query response A 173.194.32.175 10.0.0.67 8.8.8.8 DNS 73 Standard query A www.google.nl 8.8.8.8 10.0.0.67 DNS 89 Standard query response A 173.194.66.94 10.0.0.67 8.8.8.8 DNS 78 Standard query A accounts.google.nl 8.8.8.8 10.0.0.67 DNS 135 Standard query response CNAME accounts-cctld.l.google.com A 173.194.66.94 10.0.0.67 8.8.8.8 DNS 75 Standard query A www.tweakers.nl 8.8.8.8 10.0.0.67 DNS 91 Standard query response A 10.0.3.254 10.0.0.67 8.8.8.8 DNS 82 Standard query A mypacketfilterhost.dom 8.8.8.8 10.0.0.67 DNS 98 Standard query response A 10.0.3.254 10.0.0.67 8.8.8.8 DNS 79 Standard query A accounts.google.com 8.8.8.8 10.0.0.67 DNS 95 Standard query response A 173.194.66.84 10.0.0.67 8.8.8.8 DNS 82 Standard query A mypacketfilterhost.dom 8.8.8.8 10.0.0.67 DNS 98 Standard query response A 10.0.3.254 10.0.0.67 10.0.3.254 HTTP 686 GET /access?destination_url=http%3A%2F%2Fwww.packetfence.org%2F HTTP/1.1 It looks like it redirects to the requested url before google acceptance page. Regards, Kim |
(0003390) KimHagen (reporter) 2013-08-12 06:04 |
The problem i had is gone, i think it was because i used inline interface in dns instead of management interface. Regards, Kim |
(0003616) delta (reporter) 2014-11-29 08:28 |
On the captive portal if you select Google ouath it will redirect you to the Google login, after this it will redirect you back to the captive portal |
(0003617) delta (reporter) 2014-11-29 08:28 |
can help |
(0003628) fdurand (administrator) 2014-12-22 20:02 |
Configuration issue |
Issue History | |||
Date Modified | Username | Field | Change |
2013-08-02 09:13 | KimHagen | New Issue | |
2013-08-02 09:15 | KimHagen | Note Added: 0003375 | |
2013-08-02 09:25 | fdurand | Note Added: 0003376 | |
2013-08-02 11:42 | KimHagen | Note Added: 0003380 | |
2013-08-02 11:46 | KimHagen | Note Edited: 0003380 | |
2013-08-07 05:18 | KimHagen | Note Added: 0003388 | |
2013-08-12 06:02 | KimHagen | Note Deleted: 0003388 | |
2013-08-12 06:04 | KimHagen | Note Added: 0003390 | |
2014-11-29 08:28 | delta | Note Added: 0003616 | |
2014-11-29 08:28 | delta | Note Added: 0003617 | |
2014-11-29 08:29 | delta | Tag Attached: captive portal | |
2014-11-29 08:29 | delta | Tag Detached: captive portal | |
2014-12-22 20:02 | fdurand | Note Added: 0003628 | |
2014-12-22 20:02 | fdurand | Status | new => resolved |
2014-12-22 20:02 | fdurand | Resolution | open => fixed |
2014-12-22 20:02 | fdurand | Assigned To | => fdurand |
Copyright © 2000 - 2012 MantisBT Group |