This week's book giveaway is in the Mac OS forum.
We're giving away four copies of a choice of "Take Control of Upgrading to Yosemite" or "Take Control of Automating Your Mac" and have Joe Kissell on-line!
See this thread for details.
The moose likes Servlets and the fly likes How to allow only some computers to access the web application in internet? Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


JavaRanch » Java Forums » Java » Servlets
Bookmark "How to allow only some computers to access the web application in internet?" Watch "How to allow only some computers to access the web application in internet?" New topic
Author

How to allow only some computers to access the web application in internet?

akash kumar
Ranch Hand

Joined: Jun 13, 2007
Posts: 63
I have a requirement where I have to allow only some of the computers to access the web application in the internet. How can I do it? I don't want to restrict them based on their IP. But I can install applications in the specific computers beforehand.
Nishan Patel
Ranch Hand

Joined: Sep 07, 2008
Posts: 688

I don't think so without IP Address you can restrict some computer on internet ..


Thanks, Nishan Patel
SCJP 1.5, SCWCD 1.5, OCPJWSD Java Developer,My Blog
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 42039
    
  64
I don't want to restrict them based on their IP.

Why not?

Is it really machines you want to restrict, or is it users?


Ping & DNS - my free Android networking tools app
akash kumar
Ranch Hand

Joined: Jun 13, 2007
Posts: 63
Ulf Dittmer wrote:
I don't want to restrict them based on their IP.

Why not?

Is it really machines you want to restrict, or is it users?


It's Only the Machines. I want my web application to be accessible only if it is accessed from some machines and not on any other machines.
Nishan Patel
Ranch Hand

Joined: Sep 07, 2008
Posts: 688

Hi Akash,

It's Only the Machines. I want my web application to be accessible only if it is accessed from some machines and not on any other machines.


What kind of Machine do you want to say.

At least the machine identified with some unique key then you can restrict your machine .... DO you have another option except IP Address...
akash kumar
Ranch Hand

Joined: Jun 13, 2007
Posts: 63
Nishan Patel wrote:Hi Akash,

What kind of Machine do you want to say.

At least the machine identified with some unique key then you can restrict your machine .... DO you have another option except IP Address...


By machine I mean a normal PC. And for unique key we can use MAC address.
Nishan Patel
Ranch Hand

Joined: Sep 07, 2008
Posts: 688

Hi Akash,

By machine I mean a normal PC. And for unique key we can use MAC address.


yes, you can restrict user using MAC address.

Just do one thing store that MAC address to your database for restrict that machine. Now when request comes to your server check that MAC address available to your database just block that machine....
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 42039
    
  64
How will the web app find out the MAC address of the client machine in the first place?
Nishan Patel
Ranch Hand

Joined: Sep 07, 2008
Posts: 688

Ulf Dittmer wrote:How will the web app find out the MAC address of the client machine in the first place?


I dont know weather it will help you or not but using java we can use something like....



and Using java script ....



I am not sure about it will work or not...
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 42039
    
  64
Nishan Patel wrote:
How will the web app find out the MAC address of the client machine in the first place?

I dont know weather it will help you or not but using java we can use something like....

That's not much use unless the web page contains a signed applet that can run this code.

and Using java script ....

Many companies prohibit the use of ActiveX controls in browsers, and it only works in IE on Windows to begin with.
Tim Holloway
Saloon Keeper

Joined: Jun 25, 2001
Posts: 16101
    
  21

akash kumar wrote:
Nishan Patel wrote:Hi Akash,

What kind of Machine do you want to say.

At least the machine identified with some unique key then you can restrict your machine .... DO you have another option except IP Address...


By machine I mean a normal PC. And for unique key we can use MAC address.


No you can't. MAC addresses can't cross LAN segment boundaries. IP addresses only work if there's no NAT mechanism or something similar blurring them - and they're not being randomly assigned by DHCP.

You could put security certificates on the authorized machines, however.


Customer surveys are for companies who didn't pay proper attention to begin with.
Nishan Patel
Ranch Hand

Joined: Sep 07, 2008
Posts: 688

Thanks Ulf,Tim


My code will not work...
akash kumar
Ranch Hand

Joined: Jun 13, 2007
Posts: 63
Thanks for all the replys. I will try the security certificates method.

Hi nishan! I really appreciate your helping tendency and thanks for posting a reply for my question. I am not trying to offend you but I had to ask it. You don't know the difference between the web application and a normal java program yet you are coming up with an answer regarding a web application which I have clearly mentioned it in my question. Moreover you are talking about "Enterprise Design Patterns" in your blog . Don't you think your answers are a bit misleading?
Tim Holloway
Saloon Keeper

Joined: Jun 25, 2001
Posts: 16101
    
  21

Nishan Patel wrote:
Thanks Ulf,Tim


My code will not work...


Well, it looks like it might work. Except for the one fatal flaw. It has to run on the client. Never trust a client.

We manually overrode the MAC addresses at one shop I worked at, replacing the low-order part of the ID with the corporate inventory asset number. We weren't necessarily limiting access to just one server/application, however. If there was trouble on the LAN, doing a RARP on the MAC would tell us whose machine it was without needing a separate MAC address database.

Another problem is that you can put multiple NICs in a box - or these days, even virtual NICs. Which is why the API returns a collection of MAC addresses instead of just "the" mac address. In order to post this message, in fact, I run from my desktop to a router to a switch to a dual-NIC host that acts as a gateway to the cloud router. And that's just the on-campus configuration!
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: How to allow only some computers to access the web application in internet?