3com WX2200 3CRWX220095A User Manual
478
C
HAPTER
21: C
ONFIGURING
AAA
FOR
N
ETWORK
U
SERS
To change the Web Portal WebAAA session timeout period, use the
following command:
following command:
set service-profile name web-portal-session-timeout seconds
You can specify from 5 – 2,800 seconds. The default is 5 seconds. Note
that the Web Portal WebAAA session timeout period applies only to Web
Portal WebAAA sessions already authenticated with a username and
password. For all other Web Portal WebAAA sessions, the default Web
Portal WebAAA session timeout period of 5 seconds is used.
that the Web Portal WebAAA session timeout period applies only to Web
Portal WebAAA sessions already authenticated with a username and
password. For all other Web Portal WebAAA sessions, the default Web
Portal WebAAA session timeout period of 5 seconds is used.
Configuring the Web
Portal Logout
Function
You can configure Web Portal WebAAA to allow a user to manually
terminate his
terminate his
or her session. When this feature is enabled, after a Web
Portal WebAAA user is successfully authenticated and redirected to
the requested page, a pop-under window appears behind the user’s
browser. The window contains a button labeled “End Session”. When
the user clicks this button, a URL is requested that terminates the user
session in the Mobility Domain.
the requested page, a pop-under window appears behind the user’s
browser. The window contains a button labeled “End Session”. When
the user clicks this button, a URL is requested that terminates the user
session in the Mobility Domain.
The user’s logout request is sent to one of the WX switches in the
Mobility Domain. It does not have to be the WX that the user was
authenticated on, or the WX where the user session currently resides. The
WX receiving the logout request determines which WX switch has the
user session. If it is a local session, the session is terminated. If another
WX switch in the Mobility Domain has the session, then it redirects the
request to that WX.
Mobility Domain. It does not have to be the WX that the user was
authenticated on, or the WX where the user session currently resides. The
WX receiving the logout request determines which WX switch has the
user session. If it is a local session, the session is terminated. If another
WX switch in the Mobility Domain has the session, then it redirects the
request to that WX.
This feature is useful for allowing Web Portal users a way to manually log
out of the network, instead of waiting to be logged out automatically
when the Web Portal WebAAA session timeout period expires.
out of the network, instead of waiting to be logged out automatically
when the Web Portal WebAAA session timeout period expires.
To enable the Web Portal logout functionality, use the following
command:
command:
set service-profile profile-name web-portal-logout mode
{enable | disable}
{enable | disable}
To specify a Web Portal logout URL, use the following command:
set service-profile profile-name web-portal-logout
logout-url url
logout-url url