• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

How to allow only some computers to access the web application in internet?

 
akash kumar
Ranch Hand
Posts: 68
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I have a requirement where I have to allow only some of the computers to access the web application in the internet. How can I do it? I don't want to restrict them based on their IP. But I can install applications in the specific computers beforehand.
 
Nishan Patel
Ranch Hand
Posts: 689
Eclipse IDE Java Scala
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I don't think so without IP Address you can restrict some computer on internet ..
 
Ulf Dittmer
Rancher
Posts: 42967
73
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I don't want to restrict them based on their IP.

Why not?

Is it really machines you want to restrict, or is it users?
 
akash kumar
Ranch Hand
Posts: 68
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Ulf Dittmer wrote:
I don't want to restrict them based on their IP.

Why not?

Is it really machines you want to restrict, or is it users?


It's Only the Machines. I want my web application to be accessible only if it is accessed from some machines and not on any other machines.
 
Nishan Patel
Ranch Hand
Posts: 689
Eclipse IDE Java Scala
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi Akash,

It's Only the Machines. I want my web application to be accessible only if it is accessed from some machines and not on any other machines.


What kind of Machine do you want to say.

At least the machine identified with some unique key then you can restrict your machine .... DO you have another option except IP Address...
 
akash kumar
Ranch Hand
Posts: 68
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Nishan Patel wrote:Hi Akash,

What kind of Machine do you want to say.

At least the machine identified with some unique key then you can restrict your machine .... DO you have another option except IP Address...


By machine I mean a normal PC. And for unique key we can use MAC address.
 
Nishan Patel
Ranch Hand
Posts: 689
Eclipse IDE Java Scala
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi Akash,

By machine I mean a normal PC. And for unique key we can use MAC address.


yes, you can restrict user using MAC address.

Just do one thing store that MAC address to your database for restrict that machine. Now when request comes to your server check that MAC address available to your database just block that machine....
 
Ulf Dittmer
Rancher
Posts: 42967
73
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
How will the web app find out the MAC address of the client machine in the first place?
 
Nishan Patel
Ranch Hand
Posts: 689
Eclipse IDE Java Scala
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Ulf Dittmer wrote:How will the web app find out the MAC address of the client machine in the first place?


I dont know weather it will help you or not but using java we can use something like....



and Using java script ....



I am not sure about it will work or not...
 
Ulf Dittmer
Rancher
Posts: 42967
73
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Nishan Patel wrote:
How will the web app find out the MAC address of the client machine in the first place?

I dont know weather it will help you or not but using java we can use something like....

That's not much use unless the web page contains a signed applet that can run this code.

and Using java script ....

Many companies prohibit the use of ActiveX controls in browsers, and it only works in IE on Windows to begin with.
 
Tim Holloway
Saloon Keeper
Pie
Posts: 18154
52
Android Eclipse IDE Linux
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
akash kumar wrote:
Nishan Patel wrote:Hi Akash,

What kind of Machine do you want to say.

At least the machine identified with some unique key then you can restrict your machine .... DO you have another option except IP Address...


By machine I mean a normal PC. And for unique key we can use MAC address.


No you can't. MAC addresses can't cross LAN segment boundaries. IP addresses only work if there's no NAT mechanism or something similar blurring them - and they're not being randomly assigned by DHCP.

You could put security certificates on the authorized machines, however.
 
Nishan Patel
Ranch Hand
Posts: 689
Eclipse IDE Java Scala
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks Ulf,Tim


My code will not work...
 
akash kumar
Ranch Hand
Posts: 68
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks for all the replys. I will try the security certificates method.

Hi nishan! I really appreciate your helping tendency and thanks for posting a reply for my question. I am not trying to offend you but I had to ask it. You don't know the difference between the web application and a normal java program yet you are coming up with an answer regarding a web application which I have clearly mentioned it in my question. Moreover you are talking about "Enterprise Design Patterns" in your blog . Don't you think your answers are a bit misleading?
 
Tim Holloway
Saloon Keeper
Pie
Posts: 18154
52
Android Eclipse IDE Linux
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Nishan Patel wrote:
Thanks Ulf,Tim


My code will not work...


Well, it looks like it might work. Except for the one fatal flaw. It has to run on the client. Never trust a client.

We manually overrode the MAC addresses at one shop I worked at, replacing the low-order part of the ID with the corporate inventory asset number. We weren't necessarily limiting access to just one server/application, however. If there was trouble on the LAN, doing a RARP on the MAC would tell us whose machine it was without needing a separate MAC address database.

Another problem is that you can put multiple NICs in a box - or these days, even virtual NICs. Which is why the API returns a collection of MAC addresses instead of just "the" mac address. In order to post this message, in fact, I run from my desktop to a router to a switch to a dual-NIC host that acts as a gateway to the cloud router. And that's just the on-campus configuration!
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic