aspose file tools*
The moose likes JSP and the fly likes Suggestion for Secure site required Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of EJB 3 in Action this week in the EJB and other Java EE Technologies forum!
JavaRanch » Java Forums » Java » JSP
Bookmark "Suggestion for Secure site required" Watch "Suggestion for Secure site required" New topic
Author

Suggestion for Secure site required

madhup narain
Ranch Hand

Joined: Dec 14, 2004
Posts: 148
Hi

I need some advice/suggestions. Initially i have no idea where i need to post this but i think JSP would be the correct forum.

We are supposed to build a web interface that would require only specific clients to access the website. Right now theres one way to authenticate the user using a login Id and a password.

In order to restrict the access of the site we would like to provide another level of security.

I was wondering is there any way of locking the site access to a particular computer?

Are Certificates a way out?

Is there anyway to make the access non distributable even if the user name and password is known or leaked?

Any help regarding this would be appreciated


Money for nothing and Java for Free
SCJP, SCWCD
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 39547
    
  27
From the request you know the IP address of the client machine, or at least the IP address of the clients ISP. Depending on the circumstances it may be feasible to check that against a range of allowed addresses, and allow or deny access as appropriate.


Ping & DNS - updated with new look and Ping home screen widget
madhup narain
Ranch Hand

Joined: Dec 14, 2004
Posts: 148
We were initially going on with the idea of checking IP addresse, but that may not be feasible if the client would be using a dial-up.

So is there anymore solution to doing this ?
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 39547
    
  27
Like you already suggested, client certificates would be a way to go.
madhup narain
Ranch Hand

Joined: Dec 14, 2004
Posts: 148
Hi

Where would be a good place for learning the basics of certificates, installing.

Thanks
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Suggestion for Secure site required
 
Similar Threads
how do you store user's password?
Fast access to web in j2ee environment
Use wss4j for service and method level acces control
Accessing LDAP Registry using Java API
Login to a ssl enabled site using encrypted password