116
Figure 43
Portal system components
Authentication client
The authentication client is an entity seeking access to network resources. It is typically an end-user
terminal, such as a PC. The client can use a browser or portal client software for portal authentication.
The security check for a client is implemented through the communications between the client and the
security policy server.
Access device
The access device controls user access. It can be a switch or router that provides the following functions:
•
Redirecting all HTTP requests from unauthenticated users to the portal server.
•
Interacting with the portal server, the security policy server, and the authentication/accounting
server for identity authentication, security check, and accounting.
•
Allowing users who have passed identity authentication and security check to access granted
Internet resources.
Portal server
The portal server listens to authentication requests from authentication clients and exchanges client
authentication information with the access device. It provides free portal services and pushes web
authentication pages to users.
Authentication/accounting server
The authentication/accounting server implements user authentication and accounting through interaction
with the access device.
Security policy server
The security policy server interacts with authentication clients and access devices for security check and
resource authorization.
The components of a portal system interact in the following procedure:
1.
When an unauthenticated user enters a website address in the browser's address bar to access the
Internet, an HTTP request is created and sent to the access device, which redirects the HTTP request