How to Implement Yahoo Registration

This Help topic describes the steps for implementing guest registration using Yahoo as a way to obtain end user information.

In this scenario, the Guest Registration portal provides the option to register as a guest or log into Yahoo in order to complete the registration process. If the end user selects the Yahoo option, ExtremeCloud IQ Site Engine OpenID to securely access the end user's Yahoo account, obtain public end user data, and use that data to complete the registration process.

  NOTE: Guest OAuth (for example, Google, Yahoo) may not support native mobile browsers and display a “user agent” error. To access the network, use a standard browser application (e.g. Google Chrome).

Guest Registration using Yahoo has two main advantages:

  • It provides ExtremeCloud IQ Site Engine with a higher level of user information by obtaining information from the end user's Yahoo account instead of relying on information entered by the end user.
  • It provides an easier registration process for the end user. ExtremeCloud IQ Site Engine retrieves the public information from the end user's Yahoo account and uses that information to populate the name and email registration fields.

This topic includes information and instructions on:

Requirements

These are the configuration requirements for Yahoo Registration.

  • The ExtremeControl engine must have Internet access in order to retrieve user information from Yahoo.
  • The ExtremeControl Unregistered access policy must provide access to the Yahoo site (either enable all SSL or make allowances for Yahoo servers).
  • The ExtremeControl Unregistered access policy must provide access to HTTPS traffic to the Yahoo OpenID servers.
  • A Unique Yahoo application must be created on the Yahoo Developers page (see instructions below).
  • The Portal Configuration must have Yahoo Registration enabled and include the Yahoo Application ID and Secret (see instructions below).

Creating a Yahoo Application

When implementing guest registration using Yahoo, you must first create a Yahoo application. This generates an Application ID and Application Secret that are required as part of the ExtremeCloud IQ Site Engine OpenID process. Use the following steps to create a Yahoo application.

  1. Log into your existing account or create a new account.
  2. Access the Create Application page at https://developer.yahoo.com/apps/create/.



  3. Enter a name for the application in the Application Name field. Use a name that clearly indicates what its purpose is, for example, Extreme Networks Guest Registration.
  4. Select Web Application for the Application Type.
  5. Enter an Callback Domain in the following format https://<AccessControlengineFQDN>. Yahoo uses the Callback Domain to redirect the user back to the engine with an Access Token.
     NOTES:Yahoo OAuth APIs require your engine's FQDN resolves to a top level domain (.com, .net, .edu, .org, .mil, .gov, or .int. You cannot use a domain not classified as top level (e.g. MyGateway.MyCompany.Local) or the engines IP address, which can require you to reclassify your domain and hosts.

    Use only lowercase when entering the host and domain suffix (e.g. .com).
  6. Select Create App.

    The Client ID and Client Secret display at the top of the window.
    s



    Your application is created and ready to use.

    You need to add the client ID and client secret to your portal configuration.

Portal Configuration

The client ID and client secret assigned during the creation of the Yahoo application must be provided in the Portal Configuration in order for the entire process to complete properly.

  1. Open the Control > Access Control tab.
  2. In the left-panel tree, expand the Configuration > Captive Portals > Website Configuration > and select Guest Registration.

  3. In the Customize Fields section, select the Open Editor button to open the Manage Custom Fields window where you can change registration portal fields. Yahoo registration uses only the First Name, Last Name, and Email Address fields, and the Display Acceptable Use Policy (AUP) option. All other fields only apply to regular guest registration. If the Display AUP option is selected, the captive portal verifies that the AUP has been acknowledged before redirecting the user to Yahoo.
  4. Select the Yahoo Registration checkbox.
  5. Select Edit.
  6. Enter the Client ID in the App ID field and the Client Secret in the App Secret field.
  7. Select Save. Warning messages display stating that Verification Method and Sponsorship are not used for Yahoo registration, and that an FDQN is required will be enabled.
  8. Enforce the new configuration to your engines.

How Yahoo Registration Works

After you have configured Yahoo registration using the steps above, this is how the registration process works:

  1. The end user attempts to access an external Web site. Their HTTP traffic is redirected to the captive portal.
  2. In the Guest Registration Portal, the end user selects the option to register using Yahoo.
  3. The end user is redirected to the Yahoo login. If Acceptable Use Policy option is configured, the captive portal verifies that the AUP has been acknowledged before redirecting the user to Yahoo.
  4. When logged in, the end user is presented with the information that ExtremeCloud IQ Site Engine receives from Yahoo.
  5. The end user grants ExtremeCloud IQ Site Engine access to the Yahoo information and is redirected back to the captive portal where they see a "Registration in Progress" message.
  6. Yahoo provides the requested information to ExtremeCloud IQ Site Engine, which uses it to populate the user registration fields.
  7. The registration process completes and network access is granted.
  8. The word "Yahoo" is added to the user name so you can easily search for Yahoo registration via the Registration Administration web page.

Special Deployment Considerations

Read the following deployment consideration prior to configuring Yahoo Registration.

To provide access to your network via a wireless connection, create an L7 host record for the Unregistered Role on your Wireless Controller for login.yahoo.com. This domain is subject to change and can vary based on location.

Networks using DNS Proxy

Yahoo Registration for networks redirecting HTTP traffic to the captive portal using DNS Proxy requires additional configuration.

In order for Yahoo Registration to work properly with DNS Proxy, all domains/URLs necessary to properly load the Yahoo web page must be added to the Allowed URLs/Allowed Domains section of the captive portal configuration. Otherwise, the ExtremeControlengine resolves DNS queries for these components to the ExtremeControlengine IP causing the page to not load properly.

As of February 2017, you must add the following domains in order for Yahoo registration to work with DNS Proxy. This domain is subject to change and can vary based on location.

login.yahoo.com

Related Information

For information on related help topics: