-
前置条件 已有AP设备并上线,同时将该设备纳管至目标站点,具体操作方法请参见配套产品文档的“添加设备”章节。 第三方系统具备Portal认证和授权等能力。 云平台中继认证(API方式),需要通过RESTful接口来实现,所需要满足如下要求: 用户具备一定的Restful基本开发能力,并了解云平台的Restful API接口。 已具有云平台API权限的租户账号和对应的API接口操作权限管理账号,具体操作方法请参见用户身份认证。 父主题: 云平台中继认证(API方式)
-
认证流程 终端用户在访问互联网时,连接Wi-Fi的SSID,登录由第三方系统推送的Portal页面进行认证。第三方系统调用华为iMaster NCE-CampusiMaster NCE-WAN云管理平台认证授权API,给AP设备授权终端Wi-Fi接入权限,从而使终端用户访问互联网。 图1 iMaster NCE-CampusiMaster NCE-WAN与第三方系统通过API方式交互 第三方认证系统,可以根据客户需求进行Portal页面定制、广告推送等应用,主要包含如下两大子系统: 1:PortalServer:用于提供Portal认证功能。 2:授权平台:用于调用云平台的API接口,实现对终端的控制能力(如授权、授权结果查询、强制用户下线等)。 父主题: 云平台中继认证(API方式)
-
授权结果查询操作步骤 参见配套产品的Restful API参考中“授权结果查询”章节,发起HTTP请求。 HTTP请求示例: GET /controller/cloud/v2/northbound/accessuser/haca/authorizationresult/5ea660be98a84618fa3d6d03f65f47ab578ba3b4216790186a932f9e8c8c880d?nodeIp=192.168.211.236 HTTP/1.1
Host: 192.168.1.125:18002
Content-Type: application/json
Accept: application/json
Accept-Language: en-US
X-AC
CES S-TOKEN: CA48D152F6B19D84:637C38259E6974E17788348128A430FEE150E874752CE754B6BF855281219925 收到HTTP响应消息。 HTTP响应示例: HTTP/1.1 200 OK
Date: Mon,30 Jul 2018 10:00:00 GMT
Server: example-server
Content-Type: application/json
{
"errcode" : "0",
"errmsg" : "",
"psessionid" : "5ea660be98a84618fa3d6d03f65f47ab578ba3b4216790186a932f9e8c8c880d"
}
-
授权终端用户操作步骤 参见配套产品的Restful API参考中“授权终端用户”章节,发起HTTP请求。 HTTP请求示例: POST /controller/cloud/v2/northbound/accessuser/haca/authorization HTTP/1.1
Host: 192.168.1.125:18002
Content-Type: application/json
Accept: application/json
Accept-Language: en-US
X-ACCESS-TOKEN: CA48D152F6B19D84:637C38259E6974E17788348128A430FEE150E874752CE754B6BF855281219925
{
"deviceMac" : "4C-FA-CA-1F-02-00",
"deviceEsn" : "21500829352SG5900059",
"apMac" : "4C-FA-CA-C1-9C-20",
"ssid" : "SSID-API",
"policyName" : "aa",
"terminalIpV4" : "10.66.85.177",
"terminalIpV6" : "1030::C9B4:FF12:48AA:1A2B",
"terminalMac" : "64-80-99-CF-8A-32",
"userName" : "test",
"nodeIp" : "192.168.211.236",
"temPermitTime" : 300
} 收到HTTP响应消息。 HTTP响应示例: HTTP/1.1 200 OK
Date: Mon,30 Jul 2018 10:00:00 GMT
Server: example-server
Content-Type: application/json
{
"errcode" : "0",
"errmsg" : "",
"psessionid" : "5ea660be98a84618fa3d6d03f65f47ab578ba3b4216790186a932f9e8c8c880d"
}
-
强制用户下线操作步骤 参见配套产品的Restful API参考中“强制用户下线”章节,发起HTTP请求。 HTTP请求示例: POST /controller/cloud/v2/northbound/accessuser/haca/cutuser HTTP/1.1
Host: 192.168.1.125:18002
Content-Type: application/json
Accept: application/json
Accept-Language: en-US
X-ACCESS-TOKEN: CA48D152F6B19D84:637C38259E6974E17788348128A430FEE150E874752CE754B6BF855281219925
{
"thirdUserInfos" : [
{
"deviceMac" : "4C-FA-CA-1F-02-00",
"deviceEsn" : "21500829352SG5900059",
"terminalIpV4" : "10.66.85.177",
"terminalIpV6" : "1030::C9B4:FF12:48AA:1A2B",
"terminalMac" : "64-80-99-CF-8A-32",
"userName" : "test",
"psessionid" : "5ea660be98a84618fa3d6d03f65f47ab578ba3b4216790186a932f9e8c8c880d",
"nodeIp" : "192.168.211.236"
}
]
} 收到HTTP响应消息。 HTTP响应示例: HTTP/1.1 200 OK
Date: Mon,30 Jul 2018 10:00:00 GMT
Server: example-server
Content-Type: application/json
{
"errcode" : "0",
"errmsg" : "",
"success" : [
{
"message" : "success",
"psessionid" : "5ea660be98a84618fa3d6d03f65f47ab578ba3b4216790186a932f9e8c8c880d"
}
],
"failure" : [
{
"message" : "success",
"psessionid" : "5ea660be98a84618fa3d6d03f65f47ab578ba3b4216790186a932f9e8c8c880d"
}
]
}
