File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
Win a copy of Clojure in Action this week in the Clojure forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

IP based authentication

 
Vipsha Sharma
Greenhorn
Posts: 5
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

How to implement IP based authentication thru Java. We are maintaining one website for which we need to enable the IP access.We actually got a request from our client to make the content of this website free for the users belongs to Norway.
I need to have an idea how the logic to be built and which java API I can use.

This is urgent.

Help would be appreciated.
 
Bear Bibeault
Author and ninkuma
Marshal
Pie
Posts: 64192
83
IntelliJ IDE Java jQuery Mac Mac OS X
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Originally posted by Vipsha Sharma:
This is urgent.

Please read this.
 
Rahul Bhattacharjee
Ranch Hand
Posts: 2308
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hello Vipsha Sharma:

Have you thought anything in this direction ? Do let us know so that we can add to that.

Here is what I think about it.This concept might be possible of clients having static IP's , but what about other web clients connected to internet using dynamic IP's.One more petential problem which designing is that HTTPServletRequest can give you the IP of the last proxy through the request has passed.So it might be tricky to get the IP of the request initiating client.
 
Santhosh Kumar
Ranch Hand
Posts: 242
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
From Javadoc: <code>
Servlet.getRemoteAddr()
Returns the Internet Protocol (IP) address of the client or last proxy that sent the reque
</code>

So the ip you get in your servlet could be the actual ip of the user, or proxy of the user's internet connection. You can findout from the network portion of the IP address, if that ip belongs to a particular geographic location. Most of the time the network portion of the proxy ip too would resolve the approximate location of the user's ip so, with grain of salt, you can use that to authorize the content.

Just a note: From the question content, I believe you are trying to "authorize" based on the ip. It is important to get the termanalogies right so people who tries to answer, need not get confused.
 
Richard Green
Ranch Hand
Posts: 536
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Setup a filter that looks at the IP address of the request and deny's/allow's access to it.
 
Vijay K Vivek
Greenhorn
Posts: 27
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Richard,
When you mean set up a filter, do you mean writing a servlet filter and filtering based on IP address. If I use the request.getRemoteAddress as suggested previously will it not still have the same issues of an approximate IP address and we can never be sure of the real source?
 
I agree. Here's the link: http://aspose.com/file-tools
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic