how to interface JSON with Coova chilli
By default JSON interface makes use of CHAP passwords. So, in this article, we will learn following things.
JSON interface and JSON service terms are used interchangeably and refer the same thing.
chilli.conf – It is main config file that will source various secondary configuration files under the chilli directory. It also defines the scripts to start and shutdown the chilli program.
main.conf – it is automatically generated and overwritten.
hs.conf – it is created by startup script
local.conf – it is also created by startup script
defaults – it contains the default values that will be used by /chilli/functions to produce the /chilli/main.conf file
config – it starts out as a copy of defaults file and subsequently modified by the user. it is used together with defaults file to generate main.conf file during startup scripts.
JSON in coova chilli
Status can be checked http://10.1.0.1:3990/json/status
Chilli daemon will then redirect to the page defined in the HS_UAMFORMAT variable.
A simple captive portal page
<!-- A purely HTML based captive portal using the JSON interface of CoovaChilli -->coova hotspot
And, chilli.js file will be like
We assume that the user got an IP from the coova chilli daemon, and navigates to a web page.
If the ‘HS_UAMHOMEPAGE’ value is defined, it will redirect the user first to this page.
As mentioned before, this is typically a ‘splash’ type page which will then redirect the user to the ‘/prelogin’ service.
User gets a captive portal page.
The ‘/prelogin’ service will redirect the user to the page defined as the HS_UAMFORMAT variable.
This will then be the index.html page which we created.
It will be called with a query string containing info such as the IP and port that the coova chilli daemon runs on, as well as the site the user tried to connect to.
index.html calls chilli.js
The index.html page sources the chilli.js file.
It will use this info to get the /www/chillijs.chi file.
The content of /www/chilli.chi gets dynamically created by the haserl program to include coova chilli specifics specified in the configuration files.
chillijs.ch calls chillijs.chi.sh
Chillijs.chi.sh is a shell script which does the following.
Run config.sh which will source the variables defined in ‘defaults’ and ‘config’ files.
Sources the ChilliLibrary.js file.
Set certain attributes of the chilliController object based on the values received from the config.sh script.
Sources the chilliController.js file.
As a note, if you are curious to see more detail on the JSON communication between the captive portal page and the coova chilli daemon’s JSON interface, you can activate Firebug in Firefox and add
echo “chilliController.debug = true;”
to the chillijs.chi.sh script.
This will output dedug info to Firebug’s console.
chillController.js calls chilliform.chi
Chilliform.chi calls chillifrom.chi.sh
Chilliform.chi.sh is a shell script which sources the json_html.tmpl file and replace the innerHTML of the ‘loginForm’ object with this text.
User gets his logon page
After all the above is completed the user is faced with a logon page asking for their credentials.
Using FreeRADIUS PAP passwords and JSON
The code in the ChilliLibrary.js uses CHAP (Challenge and Reply protocol) but you can with little effort get it to work with PAP. We need a few things in place for this.
The password will be passed in cleartext, thus to prevent other people to potentially sniff the packets and obtaining a username and password pair, we have to use HTTPS.
Modify the ChilliLibrary.js to accommodate PAP passwords
The logon query to the JSON service for CHAP passwords looks like this:
The logon query for PAP passwords looks like this
where $pappasword is the value returned by the UAM JSON web service for the challenge from the coova chilli daemon.
You need to modify the ChilliLibrary.js file to authenticate with PAP by changing the following line under ‘chilliController.logonStep3′.
/* Build /logon command URL */
//var logonUrl = chilliController.urlRoot() + 'logon?username=' + escape(username) + '&response=' + resp.response;
var logonUrl = chilliController.urlRoot() + 'logon?username=' + escape(username) + '&password=' + resp.response;
This will now attempt to logon using PAP instead of CHAP.
Define the UAMSERVICE
Specify where the JSON UAM web service reside by defining the following setting:
Ensure the value of HS_UAMSECRET is the same as in the uam.pl file.