Auto redirect to login page

Okay this is probably going to be a really complicated question, but maybe someone can give me an idea on how this works.

I travel as part of my job.  When I stay at a hotel and try to open a browser to surf, I get redirected to the hotels portal rather than my home page.  Typically, there is an authentication process, but not always.  How is the redirect accomplished?

The reason I am asking is that we are working on a mobile application that will reside on an unsecure wireless network.  We can either enable security on the router (really big headache because this wireless router will be sitting on a customer network and would then require a VPN to cross networks) or run open with a redirect to our webpage to authenticate and open access to the internet.  Our application is web based and the mobile app is really nothing more that some forms that submit the data to our web site.  Our customer wouldn't be willing to spend the resource hours to set up the VPN access at all locations across the US, so we thought running an unsecure wireless connection that required some sort of portal security might be a better solutions.  
sfletcher1959VPAsked:
Who is Participating?
 
muffConnect With a Mentor Commented:

This process is called "Catch and Release", and the functionality is required in the wireless AP in order to accomplish it.  A device that does this is called a "captive portal"   It goes like this (it can vary, but this is the gist).

The customer connects to the unsecure AP and are given an IP address and DNS addresses as normal.  They then go to their browser and type in for example "google.com".  This is resolved to the correct address for google, and the web browser attempts to download the main page at google.com.  The AP steps in at this point and instead of the google page, they are given a page that redirects to an authentication page stored on the AP (or some other device in the network).

The user is required to authenticate, and once they do, they are redirected back to google.com and can surf as normal for the rest of their session.

Here is a bit more info: http://en.wikipedia.org/wiki/Captive_portal

There are any number of ways you can achieve this.  The cheapest end of the scale (and this does not equate to the worst) is to use an AP that can be flashed with the third party firmware DD-WRT.  This provides a few ways to do catch and release.  Linksys APs are often compatible.

Zyxel do a ready to go coffee shop style AP: http://www.zyxel.com/web/product_family_detail.php?PC1indexflag=20040520161256&display=8064&CategoryGroupNo=4E14C850-478D-4204-8C85-2994C9552426

Their VSG 1200 is for larger scale solutions.

In your searching, look for "hotel hotspot" or "coffee shop hotspot" and variants to get research what you need.

0
 
joefreedomCommented:
Check out the following page on Forms Authentication in ASP.NET 2.0:
http://msdn.microsoft.com/en-us/library/aa480476.aspx

Look at the section titled 'Forms Authentication Control Flow'

It does a good job at describing the sequence of events much better than I could, granted i'm not an expert in this realm.
0
 
sfletcher1959VPAuthor Commented:
Wow!  Exactly what I was looking for.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.