[pfsense-2.3.1] captive portal redirect-url before auth

aurel

The problem is not of url but of this code

it doesn't works in 2.3 version can you help me

require("globals.inc");
$request_uri = urldecode(str_replace("/index.php?redirurl=", "",  $_SERVER["REQUEST_URI"]));
$portal_redirurl = urldecode("$PORTAL_REDIRURL$");
if(!stristr(urldecode("$PORTAL_REDIRURL$"), $request_uri)) {
	Header("Location: $PORTAL_REDIRURL$");
	exit;
}
?>

Gertjan

:8000 ?

From what version did you upgrade ?
What I recall is that port "8000" hasn't been used for years - and, first of all, shouldn't be hard coded anywhere.

It easy to proof this to yourself : use a no tampered pfsense portal  (clean install - minimal setting) and a clean browser.
Then go to http://www.google.com (NOT https://www.goolge.com) and it works ….

If you have portal troubles, please know that this one exists : https://doc.pfsense.org/index.php/Captive_Portal_Troubleshooting

Can you tell me (and yourself) what this command gives back :

ipfw -x 2 show | grep 'fwd'

"x 2" because the command "ipfw zone list" said me to do so.

aurel

8000 it's an error (it's old port) sorry it's 8003 in my config

so captive portal work perfectly with redirect-url before authentication in 2.2

i upgrade in 2.3 and problem appear

the command said fwd on port 8002 tcp 80 but i have juste one zone on port 8003

i think to delete portal and go to config from scratch

what do you think about?

aurel

so i'm test config from scratch (i delete the old portal and recreate it)

Now loop stop but stay on blank page

https://domain.com:8003/index.php = blank page
and
https://domain.com:8003/index.php?zone=zone_name = blank page

vikram29

Hi All,

Me too facing a similar issue.

I need to show a video before authenticating. The video shows correctly before authentication but it doesn't redirect to the CP.
I placed a link on the video page http://10.10.10.1:8002/?zone=local and also http://10.10.10.1:8002/index.php but both return a blank page when the link is clicked.
Me too running 2.3 version.

Please help.

Regards,
Vikram

Gertjan

@aurel:

https://domain.com:8003/index.php = blank page
and
https://domain.com:8003/index.php?zone=zone_name = blank page

Basic - normal 'http' works ? If so, its a https (SSL == certificate issue ?)
If not, it could be a DNS "domain.com" issue (pfSense needs to knwo who "domain.com" so it can inform the client, because browser can not work with "domain.com", they use "IP/index.php like 192.168.2.1/index.php. If the translation "domain.com" to "192.168.2.1" (done by pfSense) doesn't work, then do not use "domain.com" (which has to be used if you activated "https" login - certoficates works with domaine names, nt IP's), or do not use https.

Btw : go here and read the very first subject https://forum.pfsense.org/index.php?board=2.0 not all is important for you, but it shwon what need to be done so https login works.
Actually, it explain how to set up a https web server (the one used by pfSense which presents a login page to the visitor) - it can be pretty daunting if it is your first time …..

aurel

Hey
With ip address it is the same problem
Https work find whitout pre-auth redirect URL, it is really in this case when you want tout go back from the page to CP index

vikram29

Hey,

The problem is solved. Using different method although.
Reference post https://forum.pfsense.org/index.php?topic=4937.msg61808#msg61808

Regards,
Vikram

aurel

No it is a different method but this problem is not solved. ;)

Gertjan

I agree, I do not understand  what the difference is between:
"Pre-authentication redirect URL" (html : preauthurl)
and
"After authentication Redirection URL" (html : redirurl)

If "After authentication Redirection URL" is set (and only that one) with an URL, I get redirected to that page after login.
If "Pre-authentication redirect URL" is set (and only that one), I get redirected to that page after login.

Now, check out the code in /etc/inc/captiveportal.inc - line 1952.
The codes explains what happening ….. but now, what is the meaning of "Pre-authentication redirect URL" if both "Pre-authentication redirect URL" and "After authentication Redirection URL" are present (the second overwrites the first when both set)

Do you need the "Pre-authentication redirect URL"  page ? (which means to me : before the login page, visitor are redirected else where )

aurel

"Pre-authentication redirect URL" (html : preauthurl)
and
"After authentication Redirection URL" (html : redirurl)

In fact if you want "force" user to see something else for exemple contract agreement, advertising etc.. you use pre-authentication redirect URL.

After user logon the captive portal he is redirect to a website (for exemple a famous search engine ;) ) but he can go where he want ….before not

Gertjan

@aurel:

In fact if you want "force" user to see something else for exemple contract agreement, advertising etc.. you use pre-authentication redirect URL.

After user logon the captive portal he is redirect to a website (for exemple a famous search engine ;) ) but he can go where he want ….before not

Yep, that's what I make of it ….

But, if you can 'read' some PHP :
@Gertjan:

Now, check out the code in /etc/inc/captiveportal.inc - line 1952.

which I find surprising.

julio_cdn

@aurel:

The problem is not of url but of this code

it doesn't works in 2.3 version can you help me

Usar el sgte codigo

o en todo caso agregar la linea , a su portal que ya tengan.

Saludos

require("globals.inc");
$request_uri = urldecode(str_replace("/index.php?redirurl=", "",  $_SERVER["REQUEST_URI"]));
$portal_redirurl = urldecode("$PORTAL_REDIRURL$");
if(!stristr(urldecode("$PORTAL_REDIRURL$"), $request_uri)) {
	Header("Location: $PORTAL_REDIRURL$");
	exit;
}
?>

empbilly

For me was happening the same problem. I have a custom page to make the user login, but after the update did not occur redirection. I checked my .html file and noticed a slight difference. The code below was missing.

P.S. At the configuration page of the captive portal has this information.

Example code for the form:

I put this entry and voila !!! It worked!!! In 2.2.6 version I didn't have this line and was working normal.

Some explanation?

ghinthsh

@empbilly:

For me was happening the same problem. I have a custom page to make the user login, but after the update did not occur redirection. I checked my .html file and noticed a slight difference. The code below was missing.

P.S. At the configuration page of the captive portal has this information.

Example code for the form:

I put this entry and voila !!! It worked!!! In 2.2.6 version I didn't have this line and was working normal.

Some explanation?

Nice to know CP works in 2.3

I'll try it later i hope it is the same for pfsense 2.3 clean installation using the same procedure.

aurel

yes in 2.3 you must change index page and add the zone field

for me it's when i use the pre-redirurl before authentication

i can't return on the captive portal to connect me

the url

https://hotspot.domain.com:8005/index.php?zone=zone_name

loop on pré-redirurl page

i think that code below is a part of my problem

$request_uri = urldecode(str_replace("/index.php?redirurl=", "",  $_SERVER["REQUEST_URI"]));
$portal_redirurl = urldecode("$PORTAL_REDIRURL$");
if(!stristr(urldecode("$PORTAL_REDIRURL$"), $request_uri)) {
	Header("Location: $PORTAL_REDIRURL$");
	exit;
}

Gertjan

@aurel:

the url
https://hotspot.domain.com:8005/index.php?zone=zone_name
loop on pré-redirurl page

Maybe.
But who is gonna use an URL like that ?

My setup permits me to :
People visit a http site (let's say : http://www.google.com)
They are intercepted, and redirected to my captive portal page : (which is : https://portal.my-pfsense-domain.tld/….. but who cares)
They identify themselves.
When accepted, they are redirect to the initial URL they were requesting, in this case http://www.google.com

aurel

for me

https://doc.pfsense.org/index.php/Captive_Portal_Pre-authentication_Redirect

not working on 2.3

can i open a bug in pfsense redmine project ?

Riroxi

same issue here on 2.3

Riroxi

Got the trick.

To Pre-authentication redirect URL works, just remove this line:

require("globals.inc");

From the official help: https://doc.pfsense.org/index.php/Captive_Portal_Pre-authentication_Redirect

Then, the code will look like this:

$request_uri = urldecode(str_replace("/index.php?redirurl=", "",  $_SERVER["REQUEST_URI"]));
$portal_redirurl = urldecode("$PORTAL_REDIRURL$");
if(!stristr(urldecode("$PORTAL_REDIRURL$"), $request_uri)) {
        Header("Location: $PORTAL_REDIRURL$");
        exit;
}
?>

Upload to Portal page contents and be happy

Works fine to me.

Cya