The Design And Implementation Of A Network Authentication System Based On The Layer 2 Portal

The portal authentication technology has been developed for over ten years.It is mainly applied to the management and control of access users in the network authentication system.A portal authentication system based on a Layer 2 network with flexible interaction and good interactivity is designed.First,the user's HTTP request is redirected by the authentication server and the request information is sent to the Web server.Then the user information encapsulated into data packets is processed multiple times in the remote server and authentication server.After the system authentication business is completed,this authentication method will be used in conjunction with 802.1X authentication and MAC address authentication to realizing the diversification of user access modes.The user uses a Web browser sends HTTP packets to trigger Layer 2 portal authentication.In the process of authentication,the MAC address is used as the unique identifier of the user,and the user's specific authority and attribute are assigned by setting the user's authentication status.After the authentication succeeds,the user is authorized to send data to the kernel driver to realize the control of the user data packets and traffic.After the authorization succeeds,the accounting information is sent to the driver by the remote service for real-time accounting.Hot-Standby mechanism and maximum user settings are used to ensure that the user size of the growing business needs.The use of data between servers closely linked to identify and process different types of data messages.In order to meet the effectiveness and continuity of access network resources,the system design a series of rules to match the function in a specific environment of the user.In the process of interacting with the other two authentication modes,the order of user access to network resources is defined by designing the authentication priority.In order to ensure the uniform management of user information and the coordinated scheduling of user attributes,real-time control of user data is realized by frequent data interaction between port security and other authentication modules.In the realization of user access under the premise of diversification,the system can more efficiently handle user requests.The experimental results show that the system can meet the management and control of the access users well,guarantee the users to access the network with the best access mode,and have perfect functional properties and high performance requirements.