• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

IP based authentication

 
Greenhorn
Posts: 5
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi,

How to implement IP based authentication thru Java. We are maintaining one website for which we need to enable the IP access.We actually got a request from our client to make the content of this website free for the users belongs to Norway.
I need to have an idea how the logic to be built and which java API I can use.

This is urgent.

Help would be appreciated.
 
Sheriff
Posts: 67748
173
Mac Mac OS X IntelliJ IDE jQuery TypeScript Java iOS
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Originally posted by Vipsha Sharma:
This is urgent.


Please read this.
 
Ranch Hand
Posts: 2308
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hello Vipsha Sharma:

Have you thought anything in this direction ? Do let us know so that we can add to that.

Here is what I think about it.This concept might be possible of clients having static IP's , but what about other web clients connected to internet using dynamic IP's.One more petential problem which designing is that HTTPServletRequest can give you the IP of the last proxy through the request has passed.So it might be tricky to get the IP of the request initiating client.
 
Ranch Hand
Posts: 242
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
From Javadoc: <code>
Servlet.getRemoteAddr()
Returns the Internet Protocol (IP) address of the client or last proxy that sent the reque
</code>

So the ip you get in your servlet could be the actual ip of the user, or proxy of the user's internet connection. You can findout from the network portion of the IP address, if that ip belongs to a particular geographic location. Most of the time the network portion of the proxy ip too would resolve the approximate location of the user's ip so, with grain of salt, you can use that to authorize the content.

Just a note: From the question content, I believe you are trying to "authorize" based on the ip. It is important to get the termanalogies right so people who tries to answer, need not get confused.
 
Ranch Hand
Posts: 536
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Setup a filter that looks at the IP address of the request and deny's/allow's access to it.
 
Greenhorn
Posts: 27
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Richard,
When you mean set up a filter, do you mean writing a servlet filter and filtering based on IP address. If I use the request.getRemoteAddress as suggested previously will it not still have the same issues of an approximate IP address and we can never be sure of the real source?
 
reply
    Bookmark Topic Watch Topic
  • New Topic