Network access providers utilizing Access Controlled Network Sharing technology to provide user-specific provisioned access to private/public networks may also have a need to allow controlled access for unauthenticated users to a restricted collection of network destinations.
For example, a shopping mall owner may want to provide any on-site customer possessing a wireless device (such as a laptop computer, PDA, etc.) with access to the Web server for the mall, plus one or more other Web sites that are associated with the mall (e.g., the local Web server for a tenant in the mall, such as a department store or movie theater). In this case, the collection of Web servers that the mall owner will allow an anonymous user to visit is referred to as the “walled garden”.
In addition, the mall owner may intend to provide unlimited web access to customers who agree to register with the mall owner, and identify themselves (by providing credentials—typically, in the form of a user identifier and a password that were assigned at the time they registered) whenever they wish to be granted full access to the Internet. The process of verifying a customer's credentials is referred to as “authentication”.
Previous solutions would either 1) require that the network destination of the authentication service (i.e., the “captive” portal) be specified explicitly in a link on at least one of the web pages within the set of destinations that are members of the “walled garden”, or 2) require that the end-user manually enter the web address of the authentication service in the address bar of their web browser.