This week's book giveaway is in the Servlets forum.
We're giving away four copies of Murach's Java Servlets and JSP and have Joel Murach on-line!
See this thread for details.
The moose likes Java in General and the fly likes Client Authentication(How to limit the computer to access to j2ee application) Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Murach's Java Servlets and JSP this week in the Servlets forum!
JavaRanch » Java Forums » Java » Java in General
Bookmark "Client Authentication(How to limit the computer to access to j2ee application)" Watch "Client Authentication(How to limit the computer to access to j2ee application)" New topic
Author

Client Authentication(How to limit the computer to access to j2ee application)

hu ecko
Greenhorn

Joined: Mar 28, 2008
Posts: 5
A j2ee application is deployed in tomcat, user in parent company(Intranet) or child company(Internet) will access to this application,

Here is a requirement:

Just specific computers can access to this application located in parent company,
that is, just the computer in company can access to this application, other computers outside of company can not access to application.

PS: The IP Address of child company is dynamic.

Do you have any experience about this kind of requirement?
Do you have any solution for this requirement?

Thank you very much!!!
Oleg Tikhonov
Ranch Hand

Joined: Aug 02, 2008
Posts: 55
Hello,
i think that a more appropriate way is to use JAAS.
In login mechanism you can add as "parameter" the name of this computer/s or its MAC address/es.

Cheers,
Oleg.
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 41040
    
  43
For users on the internal network you can just look at the IP address - they will generally be something like "192.168.x.y".

If the users on the outside don't have a common IP then I'd add username/password scheme to authenticate them (which is probably a good ideas to use for everyone, actually).


Ping & DNS - my free Android networking tools app
Sunil Vasudevan
Ranch Hand

Joined: Mar 05, 2007
Posts: 107
Is having username/password not considered safe enough?

Well, I did have such a requirement in one of my previous client(A Bank) due to sensitive data and they had put a restriction on the computers that can access the system. This was handled using client side certificates. It is a painful process as each system that would interface with the secure system would need to request for a client certificate. Here we had a server connecting to another server and we had limited number of servers.

In your case, the solution below might provide some pointers:
Have a user register a computer using a registration screen that would save a flash object on the user system. When the user logs in, read the flash object and the data stored in it to identify if this is a registered computer and registered to a specific user. This is similar to storing a cookie, but cookies can be deleted easily.




Sunil.V<br />SCJP2, SCWCD1.4, SCBCD1.3
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Client Authentication(How to limit the computer to access to j2ee application)
 
Similar Threads
How to allow only some computers to access the web application in internet?
Sleeping Threads
Question on Extensibility
testing application
connection error when running web aplication using Tomcat 6.0