I'm having trouble with the the hot spot services walled garden. If I white list a domain by its DNS entry (e.g. www.apple.com or apple.com) unauthenticated traffic still get's blocked to those URLs.
I'd like to white list Apple, because when an iOS device joins an open Wi-Fi network it checks for captive portals by opening www.apple.com in a pop up window. If the portal intercepts the request, then the portal's login page will display. A user must authenticate with the network at this step. You cannot close this popup and still be connected to the network.
The Ruckus captive portal will only do a one time IP lookup of any DNS entry in the white list. If you are trying to white list a cloud based web service that could come from many different IPs, then you are out of luck. It was simply not designed to handle that case correctly.
I got it working by using Squid to do the captive portal. You can write squid rules to handle FQDN's, respond with 302's, manipulate IP tables, and check authorization. It's non trivial though.
We're experiencing a similar problem when trying to authenticate a user via the Facebook API. @rotoole, might you share with us more details on your work-around. We've dabbled in several of the concepts you've mentioned but still unsuccessful. Thanks
BC, my company makes a solution, if you are interested. There are several approaches that will work either HTTP proxy based or RADIUS based. There are some other companies that also provide out of the box solutions. Just depends what you're looking to accomplish. Happy to chat, if you like: firstname.lastname@example.org