119
Figure 37
Portal system components
Authentication client
An authentication client is a Web browser that runs HTTP/HTTPS or a user host that runs a portal client
application. Security check for the user host is implemented through the interaction between the portal
client and the security policy server.
Access device
An access device refers to a broadband access device such as a switch or a router. An access device has
the following functions:
•
Redirects all HTTP requests of unauthenticated users to the portal Web server.
•
Interacts with the portal authentication server and the AAA server to complete authentication,
authorization, and accounting.
•
Allows users that pass portal authentication to access authorized Internet resources.
Portal authentication server
The portal authentication server receives authentication requests from authentication clients and interacts
with the access device to authenticate users.
Portal Web server
The portal Web server pushes the Web authentication page to authentication clients and forwards user
authentication information (username and password) to the portal authentication server. The access
device also redirects HTTP requests from unauthenticated users to the portal Web server.
The portal Web server can be integrated with the portal authentication server or an independent server.
AAA server
The AAA server interacts with the access device to implement authentication, authorization, accounting
for portal users. Now only a RADIUS server can act as an AAA server in a portal system.
Security policy server
The security policy server interacts with the portal client and the access device for security check and
authorization for users.
Authentication client
Authentication client
Authentication client
Security policy
server
Portal authentication
server
Access device
Portal Web server
AAA server