Captive portal type of user authentication system is used popularly in the network services for open environment such as wireless LAN(WLAN), because the system is easy to use, easy to manage and compatible with various user terminals. But, as it is difficult to determine the end of the user’s session, there is the risk of hijacking of the authenticated session. In this paper, we propose a method to detect the end of a session, where a user uses a web browser without plug-ins. For this purpose, an Ajax code is sent to the terminal after authentication. And the Ajax code keeps a TCP connection between the terminal and the watch-process at the gateway by using HTTP Keep-Alive function and delayed HTTP response. When the closure of the TCP connection is detected, the watch process terminates the authenticated session. The method can work with almost all browsers. We also propose a method for acquiring IPv4 and IPv6 addresses in the IP dual stacked network. We have implemented the method in our captive portal system named “Opengate”. As the result, the system becomes more useful, because it can be applied to the IP dual stack network and can be maintained more securely for a variety of users.
[1]
Partha Dasgupta,et al.
Secure wireless gateway
,
2002,
WiSE '02.
[2]
Kenzi Watanabe,et al.
An User Authentication Gateway System with Simple User Interface, Low Administration Cost and Wide Applicability
,
2001
.
[3]
Kenzi Watanabe,et al.
Implementation of IPv6 functions for a network user authentication system opengate
,
2005,
SIGUCCS '05.
[4]
Jesse James Garrett.
Ajax: A New Approach to Web Applications
,
2007
.
[5]
Pekka Nikander,et al.
Authorization and Charging in Public WLANs Using FreeBSD and 802.1x
,
2002,
USENIX Annual Technical Conference, FREENIX Track.