Captive Portal With Facebook Authentication - Need Help



  • Hi,

    I have developed Captive Portal Page that allows user to Login with Facebook, Post Authentication user will have Internet Access. For this
    I have added certian urls in Allowed host names to have limited Internet Connectivity so that user can do authentication. For example I have added api.facebook.com, edge-mqtt.facebook.com, static.ak.facebook.com, graph.facebook.com, m.facebook.com and more.

    Adding this URL's allowed user to goto Facebook Page for Authentication when there is no Internet Connectivity (Becuase I have added them in Allowed host names).

    Issue: When Authentication is not done It seems that the list is not complete. Facebook keeps on adding URL's and when ever there is new URL in backgroud Facebook will try to open URL and since there is no Internet Connectivity facebook page will keep trying opening URL unless timeout. Upon timeout Login page is shown.

    Can some one share Full list of ULR's that needs to be added in Allowed Hostnames? I have tried with wireshark and packet capture but seems that I need to enter more URL's in order to Imporve the speed of Authentication.

    Any altername method to do this?

    Sincere Thanks,

    Ameet Parse


  • Banned

    Just… DO... NOT... DO... THIS!!! This is such a horrible idea from the very beginning that it's not worth debugging.



  • @SmartCodar:

    Facebook keeps on adding URL's and when ever there is new URL in backgroud Facebook will try to open URL and since there is no Internet Connectivity facebook page will keep trying opening URL unless timeout. Upon timeout Login page is shown.

    and finally, the FB server detected that 'you' (your users) have aceBook access problems and the 'blacklist' you (your IP) altogether for a while.

    @SmartCodar:

    It seems that the list is not complete.

    and they keep doing so - this list http://bgp.he.net/search?search[search]=facebook&commit=Search never ends, and is still growing.
    Which is under stable: a 'good - final' solution after years of doing so will give the impression that 'it is always the same' and FB will LOOSE clients. CLienst/users want NEW things every day ….
    Their is only ONE solution : sign up with FB, some kind of contract that YOU, as a third party person, will use THEIR authenticity system that fires a signal (call-back) to your server (== Captive Portal).
    Go to one of their offices.
    Bring along a coding specialist (the public API won't lett you do what you need - you will have aces to another API (which also is evolving)
    Bring along a lawyer
    Bring along a huge amount of cash (Hey, you thought FB was free like 0 $ ? - they DO make money)

    You'll be having your FB authenticate pint with fixed URL's and IP's (never ever tell somebody about them, because if they become public, a simple ddoss will blackout these points, having big clients (who paid FB) leaving in the dark ..... and they will yell, because they paid for it)

    Etc etc.

    The secret of why FB works for everybody (well, they do go down, globally) is that works VERY distributed. If one FB host isn't available, another one. If one is overloaded, another one pops up. Capture this behavior with a what a

    Btw : tis question has been asked many times.
    It will be asked again next day, or tomorrow.

    To answer it, you should know what a "Captive Portal" is.
    How FB works (API).
    Mix up the to together and your have a real "Misssion Impossible 8" (the exception might be : be friends with the owner or your bank).

    I will NOT exclude the fact that a solution MIGHT exist.
    Maybe something like this: redirect the visitor to a local page that EXPLAINS:
    That the visitor should authenticate with FB in ONE minute. You open up your pfSEnse Captive portal for ONE minute for every new IP/MAC.
    After that, if it had NO FB call-back that says : Ok, this user (IP/MAC) logged in, your shut down the connection for X hours.


Log in to reply