Non-standard User Identification for web application
Posted on 2011-10-14
I am building a mobile web CRM appication that will require users to login to our server. We maintain an extensive user database/definition for these users who are logining in, what database they have access to, their access rights to individual tables, etc., and I need a different approach than the default methodology to track user access.
All communication after login will be via Ajax and Json, and I need to know how I can verify that each request coming from the user is coming from the original mobile device (whether it's an iPhone, iPad, Droid, etc.)
Since I'm pretty new to this, I was wondering what the IIS server, via Asp.MVC has in the way of information that can confirm that the same user that logged in, is the same one now that is making additional requests. Thanks for any infromation, links etc. that can guide me in the right direction!!