Web authentication system
A typical Web authentication system consists of four basic components: authentication client, access device, local portal Web server, and AAA server.
Figure 86: Web authentication system using the local portal server
Authentication client
An authentication client is a Web browser that runs HTTP.
Access device
An access device has the following functions:
Redirects all user HTTP requests that do not match authentication-free rules to the Web authentication page before authentication.
Interacts with the AAA server to complete authentication, authorization, and accounting. For more information about AAA, see "Configuring AAA."
Allows users that pass authentication to access authorized network resources.
Local portal Web server
The access device acts as the local portal Web server. The local portal Web server pushes the Web authentication page to authentication clients and obtains user authentication information (username and password).
AAA server
An AAA server interacts with the access device to implement user authentication, authorization, and accounting. A RADIUS server can perform authentication, authorization, and accounting for Web authentication users. An LDAP server can perform authentication for Web authentication users.