Link to home
Start Free TrialLog in
Avatar of marcelocbf
marcelocbf

asked on

PHP: How uniquely identify computer ?

HI Experts,

I'm building an application in PHP, and besides the user authentication I need to also authorize computers.
So, I'd like to know if there is, or the best way, to uniquely identify a computer using those server-side tools or anything else ...

Note: I cannot use the computers' IP addresses since most of them will be accessing behind NAT.

Thanks,
ASKER CERTIFIED SOLUTION
Avatar of b0lsc0tt
b0lsc0tt
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of marcelocbf
marcelocbf

ASKER

Can you please, tell me, at least the tecnology I should use so I can start research ? It is gonna be an Internet page, but will not be public. Actually the users will be my employees, but they will be able to access from another computers on the Internet. I want to limit these computers. So, there will be not a problem if the user will be required to install something ...

Thanks,
If you just need to work with IE then you can look into ActiveX and making and ActiveX object.  If this needs to work with various browsers then you will need an applet.  Different languages can be used but the most common is Java.  It is especially common because most browsers and computers already have the "engine" to run it.  You should also look at getting the applet "signed" so when you release it the browsers will be more likely to trust it.

As far as methods of identifying the computer I can't help with that.  As you look into Java there should be some info on it.  I just haven't had the need or chance yet to work with Java or develop applets so my knowledge is limited and just from what I have read.  Developing them definitely isn't my expertise.

I hope this helps.  Let me know if you have any other questions for me.  Let me know if you still have a question about why PHP won't work.

bol
No thanks,
I could imagine why PHP doesn't work ...
I look into Java or find somebody to develop it for me ...

Thanks again ...
Your welcome!  I'm glad I could help.  Thanks for the fun question and good luck. :)

bol
well nobody mentioned cookies here? you are still subject to the user's settings allowing cookies on their machine, but in your case (being an employee-used system), this might be something you can mandate to your employees. at any rate, placing a cookie from the server to the local machine would be a great way to identify what user belongs to which logged-in computer. what you can do is place a hash of the username and password as 2 cookie objects and use that to check against the server's DB-stored user/pass.

for example, in PHP, you might do:

setcookie("username", md5($user['username']));
setcookie("password", $user['password']); // should already be stored as a hash in the DB!

... then elsewhere in your code, check to see if the user has a cookie set like so:

if(isset($_COOKIE['username']) && isset($_COOKIE['password'])){
  if(these local hashed values == the DB values for this user after hashing...)
    do_whatever();
}

hope this helps,

Arion
Thanks my friend,

Actually, my project took a different direction ... I' now using Java as back-end and using an Flex-based w/ AIR for GUI installed in each authorized computer ...

But yeah ... cookied would be a great choice ..

Thanks again for your help ...