by jack » Thu, 23 Dec 2010 16:48:17
> A friend asked me a general question, which I am not sure how to implement.
> How to implement a network system, where a user will be given a password to
> login, which will then allow it to access internet for one session only ?
> (For another session, another password will be given.)
> Another scenario is: a user can bring its laptop, plug it into a network
> port and login for a single session.
That's a fairly broad question. How is a 'session' defined? By time, by
visiting one page, one website? Is it restricted to port 80/443 TCP, or
does it imply any type of connection to anything on the internet? What does
the rest of the network look like (i.e. do 'normal' users expect
unrestricted internet access, what routers/firewalls are in place)?
The canonical answer is: install a router/firewall that makes sure
nothing on the network has internet access, and install a squid proxy
(either in transparent proxy mode, or put a small web server on the
network that serves a proxy-autoconfiguration file that points new
clients to the proxy). Configure the squid to use some authentication
scheme that you control with your definition of 'session'. That could be
implemented as a simple username/password file with a couple of php or
perl scripts to manage it, an LDAP server, or some PAM modules.
I would Google for 'Internet Cafe setup', there are lots of ways to do this.
-j
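
An added example, not part of the post above: a sketch of the "username/password file plus a script" option as a Squid basic-auth helper, which reads `user password` lines on stdin and answers `OK` or `ERR`. It assumes a 'session' means one hour from first login; the file name `vouchers.json`, its layout, and the function names are hypothetical.

```python
#!/usr/bin/env python3
"""Squid basic-auth helper sketch: each voucher is valid for one timed session."""
import hashlib, hmac, json, os, sys, time
from urllib.parse import unquote

SESSION_SECONDS = 3600     # assumption: a 'session' is one hour from first login
STORE = "vouchers.json"    # hypothetical path; {user: {salt, hash, started}}

def _digest(password, salt):
    # Salted PBKDF2 so the voucher file never holds plaintext passwords.
    return hashlib.pbkdf2_hmac("sha256", password.encode(),
                               bytes.fromhex(salt), 100_000).hex()

def issue(store, user, password):
    """Create a fresh voucher; 'started' stays None until first use."""
    salt = os.urandom(16).hex()
    store[user] = {"salt": salt, "hash": _digest(password, salt), "started": None}

def check(store, user, password, now):
    """True if the password matches and the voucher's single session is open."""
    v = store.get(user)
    if v is None:
        return False
    if not hmac.compare_digest(_digest(password, v["salt"]), v["hash"]):
        return False
    if v["started"] is None:
        v["started"] = now     # first successful login starts the clock
        return True
    return now - v["started"] < SESSION_SECONDS

def handle_line(store, line, now):
    """Squid sends URL-encoded 'user password' per line; reply OK or ERR."""
    parts = line.strip().split(" ", 1)
    if len(parts) != 2:
        return "ERR"
    user, password = (unquote(p) for p in parts)
    return "OK" if check(store, user, password, now) else "ERR"

def main():
    with open(STORE) as f:
        store = json.load(f)
    for line in sys.stdin:
        print(handle_line(store, line, time.time()), flush=True)
        with open(STORE, "w") as f:    # persist the 'started' stamp
            json.dump(store, f)

if __name__ == "__main__":
    main()
```

Squid would run this through `auth_param basic program`; because Squid caches accepted credentials for `auth_param basic credentialsttl`, that value bounds how promptly an expired voucher is actually cut off.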