Sasecurity Wiki
Don't have an account?
Register
Advertisement
Register
in: Sasecurity

TicKet

Sign in to edit

back to http://scratchpad.wikia.com/wiki/Sasecurity

So this means that to have a ticket of thirty minutes our portal timeout would need to be less than that? Surely this would then be unacceptable to our mainstream users (in member class). Many were complaining about the splash screen appearing every 2 hours, so we set it to 4.

We have a requirement for some cyber-cafe type access to our network, but need it to expire sooner than that which we have set for our mainstream members (not all of whom use auto-login via MAC address). Looks like we can't do it.

>> I have recently setup a Ticketed realm to allow the issue of one-time >> passwords for temporary access to our network. The problem is that >> the Tickets do not expire in accordance with the Ticket Timeout >> parameter (set a 30 minutes), but timeout in accordance with Portal >> Timeout (set at 4 hours).


> The ticket timeouts can last longer than the portal timeout, but they > can't last less than the portal timeout.

> Think of it this way:

> For the period of the ticket timeout, you will be authenticated > whenever the portal timeout asks you to authenticate. When the ticket > expires, you will be asked to authenticate the next time the portal > asks you to. > > So:

> ticket------------------------------> > portal---->---->---->---->---->---->---->

> each > is an authentication request. You will only be presented with > the splash screen after the last portal timeout.

> If you have it set the other way around:

> ticket----> > portal---------------------------------->

> You will only see the splash screen at the end of the portal timeout, > as otherwise you are not asked to authenticate.

ticketing system[]

I've had a great deal of trouble getting the ticket timeout function to work properly. The portal timeout works fine every time but the ticket timeout does not. I've been told by Richard Lander from customer support that this is a bug in the system somewhere and that it will be fixed in later versions. I wanted to post the information from the following emailexchanges on the mailing list in case anybody else is having trouble with ticket timeouts in order to avoid any undue frustration and aggravation. I would also like to ask for ANY IDEAS on why this function would not be working for me and does just fine for others. I've talked with another member of the list that is having the exact same problems as I am and others who are not. It does not seem to matter what build I use, the problem is the Hi - I reckon that you have found a bug in the system - I am sure that later releases will fix it, in the mean time work on the same ticket and session timeouts.

It has been a few weeks and I was wondering if any progress had been made on the issue of tickets timing out properly? Is there a different version of the Mesh software that I could use? It seems as if others are using the function currently with no troubles and we can't figure out why it is a problem for me. I have talked with another list member and he is having the same problem as I'm having. Any information is greatly appreciated. Sincerely, Jim Shope, (Hershey, Pennsylvania)


If you can work on the portal timeout for tickets in the short term I expect that this will fix shortly

Whewww, I have to admit there is a certain relief in at least knowing that there is a problem... :)

I'm hoping that you might be able to tell me what sort of timeframe you foresee for this so that I'm not blindly advising my current client. Is it a higher priority issue or something that will be fixed down the road as resources become available? I understand that these things take time, I'm just trying to decide whether I should be brainstorming ways to get around this or if I should just sit tight?


I've tested the portal timeout several times today and IT DOES drop the connections for the tickets every time at the right time...

could you please see if the "portal timeout" values affect the tickets too ? There might be a crossed wire somewhere that is tying the ticket timeout to the portal timeout.


However, I changed the ticket timeout to 30 and it still does not kick me off... :( Darn, darn, darn..

I made the changes per your suggestions as follows...

Portal style = Wiana

PCMCIA is on because I have a PCI-PCMCIA adapter in the Meshbox which is running the 200mw SMC card. I tried turning it off but then the wireless does not work at all it seems.

Turned off faster bootup

Set gateway tunnel to IP

Set the power to 200mw

I changed the ticketed realm to follow the form showed on the wiki, "TICKETxxxxxx". It is now "TICKETEDHUMMEL". The amount of characters shown by the x's is six and so I used hummel as the part after "ticketed" in this realm so the number of characters matches.

Are there any ports on my firewall that should be open? I can authenticate just fine everytime, I just don't get kicked off after 30 minutes...

I also used "getandverify tobuild25dev76" in order to be running the same build that works for you and still no go...

Any other possibibilities that you can think of? Anything at all is much appreciated... ~jim

Here's what I see wrong. I will recommend these changes - not actually make them. I'll leave that to you!

Portal Style = Wiana Based Ticket timeout is set to 10 hours!!! (Minutes are at the top, hours are at the bottom). PCMCIA is ON... does this have a PCMCIA adapter? Turn faster bootup OFF. Set the power for 100mw unless it is a 200mw card. Auto has been buggy. Gateway tunnel needs to be IP.

Some of this obviously has nothing to do with tickets timing out, but just improves the performance. If you note, the shortest period you can set it to is 30 minutes. I bet this is why it won't timeout after 10 minutes! ;)


Just curious if you had any luck yet with checking things out? If not, please do not let me rush you! I am happy to wait till it is convenient for you. I've tried a few different things today such as switching the realm for tickets to just plain "TICKETED" and also setting the portal style to "ticketed" as per the post below... still no go... :(

The ticketed option under portal style is for, well, tickets.

We run an internet café in the local pub and have the node for the pub set as, portal mode = Auth only, portal style = ticketed, portal timeout 12hrs, ticket timeout 60 min, lock to realm prefix = Ticketed, twin realm prefix = user realm 

The above allows normal users to log on to the node and stay on for 12

hrs (MAC or user/psw depending on user) and ticketed users to be kicked off after 60 minutes.


> I do not have a static IP... it is a Comcast cable connection. > > The meshbox is a mini-itx box, EPIA V 800mhz processor, SMC 200 mw > card. It > is the only box that I have currently. > > I'm just doing some testing right now for a client that owns a small > motel here in Hershey, PA. He wants the room guests to have a full 24 > hours on a ticket and restaurant guests to have 3 hours. > > I do have a firewall in place at the moment so if I need to change something > please let me know.

> Email me your Wiana details & I'll take a look at that for you. Also, > do you > have a static ip for shelling into your gateway box remotely. If not, > hopefully the 1.x.x.x.mesh.wiana.org approach will work. > > I assume the first part is misconfiguration. The web browser & movie player > have been removed to save space. Don't worry about flash type. The GMT

> +13 is a known issue that Jon has on the backburner. > > What type of gateway do you have? I assume that since you bought these from > Ultramesh you have WRAP board units for repeaters?

> Hi, my name is Jim and I've posted quite a few times lately to the > Mesh mailing list. > > I am out of ideas on how to make a few basic things work with the MeshBox... > I'm hoping that you may have a bit of time to assist me. > > I've just received a new MeshBox from UltraMesh so that I could be assured > that the hardware was not going to be the problem here. > > I would not mind in the slightest if you were able to log into my > wiana account and see if you could see a problem. > > In a nutshell... :) > > 1. I have tried to get the one time use tickets to work in every way > that I > know how. I just can't see what I'm missing... The portal will timeout just > fine and the one time tickets allow me to get in no problem, but the ticket > timeout just won't work. > > 2. The web browser and movie player do not work either. After using > winSCP to look around it does not seem as if they are even > installed... I see the shortcuts to them in the file system but not > the files themselves > > 3. Flashtype won't change from anything but MeshAP32 on Wiana and I > was thinking this may be the trouble? After looking at the wiana.conf > file it says that the flashtype is meshbox32 though... > > 3. Last, I can't change the time from anything other than GMT13+ > (minor issue at this point though)


We use one-time use tickets on our network for temporary users & for a new hot-spot we just set up at a restaurant. I have portal timeout set to 72 hours, and the ticket timeout is for 20 hours on each node except at the restaurant, where it's set to 1 hour. We are using build25 - dev76 and all works as it's supposed to.

realm[]

Set your main realm as realm 1 and the ticketed realm as realm 2, all will work fine, well it does for us! I have set up and run Ticketed realms before in the first “Lock to realm prefix” but this seems to stop MAC address users from logging in, when I removed it and put back as a normal real all was OK. Can anyone tell me if I can run a Ticketed realm on the second realm setting? And will this still stop MAC uses from logging in.


edit me[]

{{{ So this means that to have a ticket of thirty minutes our portal timeout would need to be less than that? Surely this would then be unacceptable to our mainstream users (in member class). Many were complaining about the splash screen appearing every 2 hours, so we set it to 4.

We have a requirement for some cyber-cafe type access to our network, but need it to expire sooner than that which we have set for our mainstream members (not all of whom use auto-login via MAC address). Looks like we can't do it.

>> I have recently setup a Ticketed realm to allow the issue of one-time >> passwords for temporary access to our network. The problem is that >> the Tickets do not expire in accordance with the Ticket Timeout >> parameter (set a 30 minutes), but timeout in accordance with Portal >> Timeout (set at 4 hours). > > > The ticket timeouts can last longer than the portal timeout, but they > can't last less than the portal timeout. > > Think of it this way: > > For the period of the ticket timeout, you will be authenticated > whenever the portal timeout asks you to authenticate. When the ticket > expires, you will be asked to authenticate the next time the portal > asks you to. > > So: > > ticket------------------------------> > portal---->---->---->---->---->---->----> > > each > is an authentication request. You will only be presented with > the splash screen after the last portal timeout. > > If you have it set the other way around: > > ticket----> > portal----------------------------------> > > You will only see the splash screen at the end of the portal timeout, > as otherwise you are not asked to authenticate. > }}}

Community content is available under CC-BY-SA unless otherwise noted.
Advertisement

Fan Feed

More Sasecurity Wiki