UCTrust Workgroup
Child pages
  • Existing Campus Wireless Authentication

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 24 Next »

Existing Campus Wireless Authentication

Campus

Wireless Authentication "Portal"

Backend Authentication System

Information Requested of Guest Users

How Authorization Decision Is Made

Do your IdP assert the "member of community" affiliation?  If so, how is it defined?

UCB

locally designed and supported web-based captive portal

"CalNet": campus auth'n system based using Kerberos

ephemeral login name and password, created by sponsor

must be sponsored by a faculty or staff member

 

UCD

Aruba

Kerberos

Name, e-mail, phone, and password are required.  Title, organization and address are also requested.  The sponsor must login to access the registration page.

Must be sponsored by a UCD faculty or staff member.  The guest access is good for 7 days but may be renewed for up to 30 days.

 

UCLA

Web-based interface of Aruba wireless controllers; will migrate to locally developed web-based interface with Shibboleth implementation. New web interface communicates with controller via vendor provided API.

RADIUS interface to UCLA Logon ID system

Name, e-mail address, and phone number of guest and sponsor

Faculty and staff may sponsor guest accounts via http://www.bol.ucla.edu/services/accounts/info/guest.html

UCLA defines "member" as current UCLA employees and students. For additional information, see UCLA's attribute dictionary entry on eduPersonAffiliation

UCR

Unencrypted: Cisco Webauth (with custom portal page), Encrypted: WPA2-Enterprise PAP

RADIUS to LDAP (via IDEngines Appliance)

Library guest users have unimpeded access; those who sponsor other guests must provide name, purpose, and lifetime of guest credentials.

(Does this question refer only to guests?) Anyone may use library guest wireless; other guests must be sponsored by faculty or computing staff; all other campus affiliates have access.

 

UCSD

 

 

 

 

 

UCSC

Unencrypted: Clean Access capture portal. Planning to migrate to a new lightweight WAP solution in a few months that may replace Clean Access.
Encrypted: WPA-Enterprise MS-CHAPv2

Unencrypted: RADIUS to Kerberos
Encrypted: RADIUS to LDAP

Unencrypted: Portal Guest button offers limited functionality to wireless. Divisions/Users may request temporary sundry accounts.
Encrypted: No guest access today

Guest button is automatic. Campus account management team grants sundry accounts. Note: Sundry accounts provide access to more than just campus wireless.

We do not currently assert this value.


  • No labels