remove authentication credentials at logoff (or reboot/shutdown)

  • 1
  • Question
  • Updated 5 years ago
  • Answered

We are using an student SSID at our school. Because we mostly use BYOD on this SSID we have chosen for a captive web portal. When a user is authenticated by the CWP, the credentials are automaticaly used after a reboot. We want that users need to re-authenticate after a reboot (because someone else can use the same system). Is this configurable in the hivemanager?
Photo of Hans Matthé

Hans Matthé

  • 42 Posts
  • 2 Reply Likes

Posted 5 years ago

  • 1
Photo of Nick Lowe

Nick Lowe, Official Rep

  • 2491 Posts
  • 451 Reply Likes
Consider how this works. After being authenticated via the CWP, the session is tied to the MAC address of the client. This is usually an independent process to a logon/logoff event on the device itself. (Where's the feedback loop to the AP to know it should end the session if the connection to the AP is persisted?)

Additionally, on the reboot front, you could easily enter in to a disruptive false positive situation if the AP was too aggressive on when it considers a client to have disconnected, which would then require interactive reauthentication in the browser.

Perhaps look at using 802.1X rather than a CWP?

(BYOD should also mean privately owned devices, not ones that you own/manage and hand out, or that are shared.)