I need some advice/suggestions. Initially i have no idea where i need to post this but i think JSP would be the correct forum.
We are supposed to build a web interface that would require only specific clients to access the website. Right now theres one way to authenticate the user using a login Id and a password.
In order to restrict the access of the site we would like to provide another level of security.
I was wondering is there any way of locking the site access to a particular computer?
Are Certificates a way out?
Is there anyway to make the access non distributable even if the user name and password is known or leaked?
Any help regarding this would be appreciated
Money for nothing and Java for Free
Joined: Mar 22, 2005
From the request you know the IP address of the client machine, or at least the IP address of the clients ISP. Depending on the circumstances it may be feasible to check that against a range of allowed addresses, and allow or deny access as appropriate.