• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Tim Cooke
  • Devaka Cooray
  • Ron McLeod
  • Jeanne Boyarsky
Sheriffs:
  • Liutauras Vilda
  • paul wheaton
  • Junilu Lacar
Saloon Keepers:
  • Tim Moores
  • Stephan van Hulst
  • Piet Souris
  • Carey Brown
  • Tim Holloway
Bartenders:
  • Martijn Verburg
  • Frits Walraven
  • Himai Minh

Time based licensing

 
Ranch Hand
Posts: 109
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
hi all,

i have an web application in which i want to restrict the user from using the system after pre-defined time. for eg: when i set up my application in a machine i will provide a license for 2 months and after two months the application should not allow any user login? how to do this ? any help would be highly appreciated

thanks
 
Ranch Hand
Posts: 263
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Assuming its a desktop application.

At the time of install, make a entry in Windows Registy about installation date/time. Always check that at the time of login, and if it is more than 2 months in the past - do not allow login!

OR

At the time of install capture the system date time, hash it with a secret key, and store that information in the file system in your installed dir. Everytime at the time of login check this hash and do the needful.

Were you thinking on these lines or something else?
 
Bartender
Posts: 11497
19
Android Google Web Toolkit Mac Eclipse IDE Ubuntu Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
There is a more simpler way possible, though not foolproof.

You mentioned a web application.
When tomcat explodes the war file, the last modified timestamp of the corresponding folder matches the time it was exploded. Just check that with the current system time.
 
Ranch Hand
Posts: 142
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
You can write a serial number generator, which encodes the expiration date in itself so you can always check the decoded date against the current date. This method prevents the user to easily find and modify the expiration date.
 
jeff rusty
Ranch Hand
Posts: 109
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Thank you all for your quick reply..

But unfortunately the solutions you have mentioned can be by-passed by the user by changing the system time.

for eg: today i am deploying the web application and giving it a license for 2 months, after two months if the user backdates to today's date then he can extend another two months.

Is there is foolproof solution to this or am i missing something?

thanks
 
Miklos Szeles
Ranch Hand
Posts: 142
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I'm also curious if there's a really good solution for this. My first idea is to connect to some public time server and get the time from there(if it is possible). Or measure running hours or store the date and time on install(and update after every check) and check at startup to detect time manipulation.
 
Ranch Hand
Posts: 144
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Miklos Szeles wrote:I'm also curious if there's a really good solution for this. My first idea is to connect to some public time server and get the time from there(if it is possible). Or measure running hours or store the date and time on install(and update after every check) and check at startup to detect time manipulation.



The only relatively fullproof way to do this is to reject access by default and only grant usage access at login if your web app can succesfully verify that that user has a valid, non-expired license by checking with a remote server controlled by you that has this license information available. I say relatively fullproof because if the licensee has access to the deployed JAR files it is possible to reverse engineer your code and remove this obstacle.
 
Once upon a time there were three bears. And they were visted by a golden haired tiny ad:
the value of filler advertising in 2021
https://coderanch.com/t/730886/filler-advertising
reply
    Bookmark Topic Watch Topic
  • New Topic