A3 Online Help

Menu path: Configuration > Advanced Access Configuration Overview > Portal Modules.

The Portal Modules page lists the elements used to construct CWPs for Connection Profiles. The theory behind CWP modules is described in Captive Web Portal.

The display is a pictorial representation of the connections and flow between portal modules. New root modules are listed across the top of the page.

top

The underlined root module (Default portal policy in this case) is displayed below.

portal tree

The root of the tree on the left, in the box labeled step 1. Additional steps in the portal module are shown connected to its right. Each box can be edited by clicking on the box to reveal an edit and delete button.

edit or delete icons

Selection of the first symbol allows the entry to be edited. Existing modules are displayed at the bottom of the screen by category.

portal choices

Items are chosen from these categories and placed in steps 1, 2, or 3. As a module is moved over the display arrows appear to indicate where the module can be legally placed.

New Root modules are created by selecting new root module icon at the top of the page. A root module can be deleted by selecting the delete button at the top of the page; a second selection is required to confirm the deletion. The root module and all connections are saved with the save icon button. The scale of the display can be changed with the make smaller icon and expand buttons.

Other modules are created by clicking new module icon at the bottom of the page. The choices by category are:

Multiple
- Choice
- Chained
Authentication
Other
- FixedRole
- Message
- Provisioning
- Select Role
- Survey
- URL

Root

Root modules occupy the top of the CWP display tree and can reference any other module, although Chained and Choice modules are most often used. The Root module operates in the same manner as a Chained module. It is a simple container that defines all the modules that are used in a sequential manner to the user. Network access is allowed after the client has completed all modules contained in the Root, .

The fields in this module's definition are:


Field	Usage	Example
Name	A name used to identify the module. The ID can only include alphanumeric characters, dashes, and underscores.	special_guest_root
Description	A description that accompanies the ID.	Executes from other offices
Modules	One or more other modules. Select for the first module, then use the sign for more. The drop-down list offers the choice of all other modules, organized by type. Modules can be reordered by selecting its number and moving it up or down in the list.

Chained

Chained modules are move clients through an ordered set of modules. For example, registration via Goggle, and then payment using PayPal. The fields in this module's definition are:


Field	Usage	Example
Name	A name used to identify the module. The ID can only include alphanumeric characters, dashes, and underscores.	multiple_auth_chain
Description	A description that accompanies the ID.	Oauth then SMS
Actions	One or more actions to be performed when the CWP page is displayed. Select for the first action, then use the sign for more. The drop-down list offers choices described in Module Actions. Actions can be reordered by selecting its number and moving it up or down in the list.
Modules	One or more other modules. Select for the first module, then use the sign for more. The drop-down list offers the choice of all other modules, organized by type. Modules can be reordered by selecting its number and moving it up or down in the list.
Authentication sources	The authentication source to be used in the module. If no source is specified, all the sources of the connection profile will be used.
Sources by class	For advanced users, authentication sources are selected from source code modules by their class.
Source by type	For advanced users, authentication sources are selected from source code modules by their type.
Source by auth class	For advanced users, authentication sources are selected from source code modules by their authentication class.

Choice

Choice modules are used to offer users a set of authentication choices or chained modules. The fields in this module's definition are:


Field	Usage	Example
Name	A name used to identify the module. The ID can only include alphanumeric characters, dashes, and underscores.	multiple_auth_chain
Description	A description that accompanies the ID.	Oauth then SMS
Show First Module when None are Selected	If enabled, if the client selects none of the choices, then the first one will be used.
Mandatory fields	The information fields that the user must fill in for the authentication.	email
Fields to Save	A list of fields that will be saved throughout the registration process.	firstname lastname
Template	The name of the template used to frame the page.	content-with-choice.html
Actions	One or more actions to be performed when the CWP page is displayed. Select for the first action, then use the sign for more. The drop-down list offers choices described in Module Actions. Actions can be reordered by selecting its number and moving it up or down in the list.
Modules	One or more other modules. Select for the first module, then use the sign for more. The drop-down list offers the choice of all other modules, organized by type. Modules can be reordered by selecting its number and moving it up or down in the list.
Authentication Sources	The authentication source to be used in the module. If no source is specified, all the sources of the connection profile will be used.
Sources by Class	For advanced users, authentication sources are selected from source code modules by their class. One or more specifications of the form pf::Authentication::Source::<name> can be used in a Choice module. The <name> component can be any of the authentication sources defined in Configuration > Policies and Access Control > Authentication Sources or one of the predefined classes: Internal sources: ADSource, EAPTLSSource, HtpasswordSource, HTTPSource, LDAPSource, PotdSource, RADIUSSource, and SAMLSource External sources: EmailSource, NullSource, SMSSource, and SponsorEmailSource Social login sources: OAuthSource (all of the following), FacebookSource, GithubSource, GoogleSource, InstagramSource, KerberosSource, KickboxSource, LinkedInSource, OpenIDSource, PinterestSource, TwilioSource, TwitterSource, WindowsLiveSource Authorization sources - AuthorizationSource Billing sources: BillingSource (all of the following), AuthorizeNet, ClickatellSource, AuthorizeNetSource, MirapaySource, PaypalSource, and StripeSource Exclusive sources: AdminProxySource, BlackholeSource, and EduroamSource
Source by Type	For advanced users, authentication sources are selected from source code modules by their type. Internal sources: AD, EAPTLS, Htpassword, HTTP, LDAP, Potd, RADIUS, and SAML External sources: Email, Null, SMS, and SponsorEmail Social login sources: OAuth (all of the following), Facebook, Github, Google, Instagram, Kerberos, Kickbox, LinkedIn, OpenID, Pinterest, Twilio, Twitter, WindowsLive Authorization sources - Authorization Billing sources: Billing (all of the following), AuthorizeNet, Clickatell, AuthorizeNet, Mirapay, Paypal, and Stripe Exclusive sources: AdminProxy, Blackhole, and Eduroam
Source by Authentication Class	For advanced users, authentication sources are selected from source code modules by their authentication class. internal external billing exclusive

Authentication

Authentication modules are used to implement a particular form of authentication. The fields in this module's definition vary slightly depending on the type of authentication. The possible authentication modules are:

Billing
Blackhole
Choice
Email
Login
Null
Facebook
Github
Google
Instagram
LinkedIn
OpenID
Pinterest
Twitter
WindowsLive
Password
SAML
SMS
Sponsor

The super set of the fields used in these methods is:


Field	Usage	Example
Name	A name used to identify the module. The ID can only include alphanumeric characters, dashes, and underscores.	login_policy
Description	A description of the authentication type that will be displayed.	Enter your email address
Mandatory fields	The information fields that the user must fill in for the authentication.	email
PID Field	The name of the field that will be associated with the user - the personal ID.	email
Authentication Source	The authentication source to be used in the module. If no source is specified, all the sources of the connection profile will be used.
Fields to Save	A list of fields that will be saved throughout the registration process.	firstname lastname
Require AUP	If checked the AUP (acceptable use policy) will be presented to the client.
AUP Template	The template that holds the AUP text.	aup_text.html
Template	The template for the page display.	content-with-choice.html
Signup Template	The name of the template used for signing in to a service.	signin.html
Username	The user name used for all authentications.
Forced Sponsor	If specified, the sponsor email to be used. Otherwise, the user must specify the sponsor's email address.
Landing Template	The name of the template used for OAuth sign in.	oauth2/landing.html
Actions	One or more actions to be performed when the CWP page is displayed. Select for the first action, then use the sign for more. The drop-down list offers choices described in Module Actions. Actions can be reordered by selecting its number and moving it up or down in the list.
Modules	One or more other modules. Select for the first module, then use the sign for more. The drop-down list offers the choice of all other modules, organized by type. Modules can be reordered by selecting its number and moving it up or down in the list.
Authentication Sources	The authentication sources to be used for the authentication, chosen from those available in Authentication Sources. If blank, then the authentication sources specified in the Connection Profiles will be used. Select for the first source, then use the sign for more.
Show Advanced Source Filtering	This advanced feature allows source from internal classes, types , and authentication classes that are part of the connection profile to be added to the available sources.

Provisioning

Provisioning modules are used to perform actions without user input. The fields in this module's definition are:


Field	Usage	Example
Name	A name used to identify the module. The ID can only include alphanumeric characters, dashes, and underscores.	provision_role
Description	A description that accompanies the ID.	Sets role to guest
Skip	Indicates whether or not the provisioning can be skipped.
Actions	One or more actions to be performed when the CWP page is displayed. Select for the first action, then use the sign for more. The drop-down list offers choices described in Module Actions. Actions can be reordered by selecting its number and moving it up or down in the list.

FixedRole

FixedRole modules are used to associate specific roles for the user. The fields in this module's definition are:


Field	Usage	Example
Name	A name used to identify the module. The ID can only include alphanumeric characters, dashes, and underscores.	provision_role
Description	A description that accompanies the ID.	Sets role to guest
Roles	A selection of defined Roles that will be affected during authentication.	guest admin
Actions	One or more actions to be performed when the CWP page is displayed. Select for the first action, then use the sign for more. The drop-down list offers choices described in Module Actions. Actions can be reordered by selecting its number and moving it up or down in the list.

Message

Message modules are used to display messages to clients. The fields in this module's definition are:


Field	Usage	Example
Name	A name used to identify the module. The ID can only include alphanumeric characters, dashes, and underscores.	provision_role
Description	A description that accompanies the ID. HTML in this field will not be escaped.	Sets role to guest
Message	The message to be displayed.
Template	The template that will be used to display the message.	message.html
Skip	Indicates whether or not the provisioning can be skipped.
Actions	One or more actions to be performed when the CWP page is displayed. Select for the first action, then use the sign for more. The drop-down list offers choices described in Module Actions. Actions can be reordered by selecting its number and moving it up or down in the list.

Select Role

The Select Role module allows administrators to select specific roles for other clients. Every time an administrator is registered with one of the members of Admin Roles field where the SelectRole portal module is active, then the administrator will be asked which role from the list in Roles should be assigned to the device. The fields in this module's definition are:


Field	Usage	Example
Name	A name used to identify the module. The ID can only include alphanumeric characters, dashes, and underscores.	set_user_role
Description	A description that accompanies the ID.	Admin sets user's role
Admin Roles	A set of roles that are considered administrators for this operation.	admin
Roles	A set of roles for the administrator to choose from.	sales marketing employees
Template	The template used to display and select the role.	select-role.html
Actions	One or more actions to be performed when the CWP page is displayed. Select for the first action, then use the sign for more. The drop-down list offers choices described in Module Actions. Actions can be reordered by selecting its number and moving it up or down in the list.

Survey

The Survey module is used to present a survey to users. The fields in this module's definition are:


Field	Usage	Example
Name	A name used to identify the module. The ID can only include alphanumeric characters, dashes, and underscores.
Description	A description that accompanies the ID.
Survey	The survey to use. Surveys are defined in the survey.conf file.
Template	The template used to display and select the role.	select-role.html
Actions	One or more actions to be performed when the CWP page is displayed. Select for the first action, then use the sign for more. The drop-down list offers choices described in Module Actions. Actions can be reordered by selecting its number and moving it up or down in the list.

URL

URL modules are used to redirect users to external web pages. External web sites should use the Fencing page to set registration and/or isolation passthroughs for the external web pages. The fields in this module's definition are:


Field	Usage	Example
Name	A name used to identify the module. The ID can only include alphanumeric characters, dashes, and underscores.	get_token
Description	A description that accompanies the ID.	Obtain XYZ service token
URL	The URL to which users should be redirected.
Skip	Indicates whether or not the provisioning can be skipped.
Actions	One or more actions to be performed when the CWP page is displayed. Select for the first action, then use the sign for more. The drop-down list offers choices described in Module Actions. Actions can be reordered by selecting its number and moving it up or down in the list.

Module Actions

The actions that can be performed in modules are:


Action	Usage	Example
Role	Sets a user role.	guest
Unregistration date	Sets the unregistration date for the user in yyyy-mm-dd format.	2020-01-01
Access duration	Sets the user's access duration, chosen from a list that varies from hours to days.	1h
Time balance	Sets the user's time balance, chosen from a list that varies from hours to days.	5D
Bandwidth balance	The amount of data that can be transferred. The format is:`[DIRECTION][LIMIT][INTERVAL(optional)]`The DIRECTION can be set to inbound (IN), outbound (OUT), or total (TOT) bandwidth. The LIMIT number can be set in units of bytes (B), kilobytes (KB), megabytes (MB), gigabytes (GB), or petabytes (PB). The INTERVAL is the time window during which potential abuse will be measured; this can be set in number of days (D), weeks (W), months (M), or years (Y).	IN50GB1m