untangle · singhrohit23 · Aug 22, 2025
diff --git a/captive-portal/hier/usr/share/untangle/conf/apache2/conf.d/capture.conf b/captive-portal/hier/usr/share/untangle/conf/apache2/conf.d/capture.conf
@@ -18,3 +18,13 @@ Alias /capture @PREFIX@/usr/share/untangle/web/capture
     PythonHandler mod_python.publisher
     PythonDebug On
 </Location>
+
+<Location /capture/login>
+    DirectoryIndex login.py
+    Order Allow,Deny
+    Allow from All
+    Require all granted
+    AddHandler mod_python .py
+    PythonHandler mod_python.publisher
+    PythonDebug On
+</Location>
diff --git a/captive-portal/hier/usr/share/untangle/web/capture/handler.py b/captive-portal/hier/usr/share/untangle/web/capture/handler.py
@@ -2,7 +2,8 @@
 from mod_python import util
 from mod_python import Cookie
 import sys
-
+import requests
+import json
 if "@PREFIX@" != '':
     sys.path.insert(0, '@PREFIX@/usr/lib/python3/dist-packages')
 
@@ -94,7 +95,7 @@ def index(req):
 
     # get the original destination and other arguments passed
     # in the URL when the redirect was generated
-    args_keys = ['AUTHCODE', 'AUTHMODE', 'APPID', 'METHOD', 'NONCE', 'HOST','URI']
+    args_keys = ['AUTHCODE', 'AUTHMODE', 'APPID', 'METHOD', 'NONCE', 'HOST','URI', "CP"]
     args = _split_args(req.args);
     for key in args_keys:
         if not key in args:
@@ -105,6 +106,21 @@ def index(req):
 
     # load the configuration data
     appid = args['APPID']
+    #adding suport for direct captive portal page, covers multiple cp's scenario
+    if args.get('CP') == "Direct":
+        if args.get('APPID') == "Empty":
+            appid = Uvm().getUvmContext().appManager().app("captive-portal").getAppSettings().get("id")
+        else:
+            appid = args.get('APPID')
+
+        if appid:
+            #this url needs to be overriden
+            args['HOST'] = 'microsoft.com'
+            args['METHOD'] = 'GET'
+            args['URI'] = '/'
+            args['APPID'] = str(appid)
+            args['NONCE'] = Uvm().getUvmContext().appManager().app(appid).generateNonce(
+            args['HOST'], args['METHOD'], args['URI'])
     captureSettings = _load_capture_settings(req,appid)
     captureApp = None
 
@@ -414,7 +430,11 @@ def _generate_page(req,captureSettings,args,extra='',page=None,template_name=Non
                 page = "<html><head><title>Captive Portal Error</title></head><body><h2>Invalid Captive Portal configuration</h2></body></html>"
                 return(page)
 
-        path = req.filename[:req.filename.rindex('/')]
+        #handle direct captive portal page scenraio, need to get actual path for pickpage.html
+        if args.get('CP', None) and args['CP'] == "Direct":
+            path = req.filename[:req.filename.rfind('/login/')]
+        else:
+            path = req.filename[:req.filename.rindex('/')]
         template_file_name = f"{path}/{template_name}"
 
         webfile = open(template_file_name, "r")

diff --git a/captive-portal/hier/usr/share/untangle/web/capture/login/login.py b/captive-portal/hier/usr/share/untangle/web/capture/login/login.py
@@ -0,0 +1,21 @@
+from mod_python import apache
+from mod_python import util
+from mod_python import Cookie
+
+
+
+import sys
+import os
+
+# Add parent directory (/usr/share/untangle/web/capture) to sys.path
+sys.path.insert(0, os.path.dirname(os.path.dirname(os.path.abspath(__file__))))
+
+import handler  # Now this works
+
+def index(req):
+    #handle the condition for appid being passed.
+    if req.args:
+       req.args = f"{req.args}&CP=Direct"
+    else:
+        req.args = f"CP=Direct"
+    return handler.index(req)
diff --git a/captive-portal/src/com/untangle/app/captive_portal/CaptivePortalApp.java b/captive-portal/src/com/untangle/app/captive_portal/CaptivePortalApp.java
@@ -1047,6 +1047,22 @@ protected void destroyActiveUser(CaptivePortalUserEntry user)
         entry.setCaptivePortalAuthenticated(false);
     }
 
+     /**
+     * Fetch nonce required for direct static page
+     * 
+     * @param host
+     *        The host address for the traffic
+     * @param uri
+     *        The uri for the traffic
+     * @param method
+     *        The http method for the traffic
+     * @return String Nonce
+     */
+    public String generateNonce(String host, String uri, String method)
+    {
+        return replacementGenerator.getCaptivePortalParams(host,uri,method);
+    }
+
     /**
      * Called by the traffic handlers to allow passing traffic for authenticated
      * users.

diff --git a/captive-portal/src/com/untangle/app/captive_portal/CaptivePortalReplacementGenerator.java b/captive-portal/src/com/untangle/app/captive_portal/CaptivePortalReplacementGenerator.java
@@ -111,4 +111,20 @@ protected String buildRedirectUri(CaptivePortalBlockDetails redirectDetails, URI
 
         return super.buildRedirectUri(redirectDetails, redirectUri, redirectParameters);
     }
+
+     /**
+     * Fetch nonce required for direct static page
+     * 
+     * @param host
+     *        The host address for the traffic
+     * @param uri
+     *        The uri for the traffic
+     * @param method
+     *        The http method for the traffic
+     * @return Nonce
+     */
+    protected String getCaptivePortalParams(String host, String uri, String method){
+        CaptivePortalBlockDetails captivePortalBlockDetails =  new CaptivePortalBlockDetails(host, uri, method);
+        return super.generateNonce(captivePortalBlockDetails);
+    }
 }