aspose file tools*
The moose likes JSP and the fly likes Suggestion for Secure site required Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » JSP
Bookmark "Suggestion for Secure site required" Watch "Suggestion for Secure site required" New topic
Author

Suggestion for Secure site required

madhup narain
Ranch Hand

Joined: Dec 14, 2004
Posts: 148
Hi

I need some advice/suggestions. Initially i have no idea where i need to post this but i think JSP would be the correct forum.

We are supposed to build a web interface that would require only specific clients to access the website. Right now theres one way to authenticate the user using a login Id and a password.

In order to restrict the access of the site we would like to provide another level of security.

I was wondering is there any way of locking the site access to a particular computer?

Are Certificates a way out?

Is there anyway to make the access non distributable even if the user name and password is known or leaked?

Any help regarding this would be appreciated


Money for nothing and Java for Free
SCJP, SCWCD
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 41885
    
  63
From the request you know the IP address of the client machine, or at least the IP address of the clients ISP. Depending on the circumstances it may be feasible to check that against a range of allowed addresses, and allow or deny access as appropriate.


Ping & DNS - my free Android networking tools app
madhup narain
Ranch Hand

Joined: Dec 14, 2004
Posts: 148
We were initially going on with the idea of checking IP addresse, but that may not be feasible if the client would be using a dial-up.

So is there anymore solution to doing this ?
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 41885
    
  63
Like you already suggested, client certificates would be a way to go.
madhup narain
Ranch Hand

Joined: Dec 14, 2004
Posts: 148
Hi

Where would be a good place for learning the basics of certificates, installing.

Thanks
 
Consider Paul's rocket mass heater.
 
subject: Suggestion for Secure site required