• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 231
  • Last Modified:

ASP.net Recognising specific mobile devices

Hi,

I am developing a highly secured ASP.net (VB) administration website.

At the moment, one of the security features in that logins are only accepted from certain pre-registered IP addresses.

We now wish to allow mobile devices to access the site, but obviously this breaks the pre-registered IP address security.

Is there a way to pre-register specific devices, and then identify and only allow these to connect?

Thanks,

Richard
0
rpm
Asked:
rpm
  • 5
  • 3
  • 2
1 Solution
 
CodeCruiserCommented:
I don't think there is a way to achieve this. Identifying information is not sent in web requests.
0
 
Meir RivkinFull stack Software EngineerCommented:
not without forcing the devices installing some kind of client side authentication code, which passes unique identification and device information on every request to your web admin.
0
 
rpmAuthor Commented:
Sedgwick:

Is that possible for iOS devices?

Richard
0
Improve Your Query Performance Tuning

In this FREE six-day email course, you'll learn from Janis Griffin, Database Performance Evangelist. She'll teach 12 steps that you can use to optimize your queries as much as possible and see measurable results in your work. Get started today!

 
Meir RivkinFull stack Software EngineerCommented:
yes, u can use UIDevice currentDevice object to access device info:
http://stackoverflow.com/questions/7880715/how-to-add-device-information-while-sending-request-to-server

so basically the authentication against your web admin will be using the device info to detect if device is authorize to access your web admin and register it for future requests.
0
 
CodeCruiserCommented:
But that requires an ios app right?
0
 
Meir RivkinFull stack Software EngineerCommented:
yes.
there's no simple workaround to detect device requesting web page without passing some kind of authentication code to the server.
0
 
rpmAuthor Commented:
How would I integrate such an app with the web browser, or can't that be done?

Richard
0
 
Meir RivkinFull stack Software EngineerCommented:
in the web admin, you should have a download link which runs a script on your mobile, gather device info and pass it to the admin web page, then the admin authenticate the device and either authorize access or not.

its a bit like the windows genuine validation, which u have to run in order to validate your windows before allow you to update and stuff like that.
0
 
rpmAuthor Commented:
Ok, that's sounds like a good approach, although I think I will have to subcontract that job, as it is a bit beyond me!

Unless anyone knows of an off the shelf solution I can buy to do this?

Richard
0
 
Meir RivkinFull stack Software EngineerCommented:
it should be an easy task even for a novice programmer cause all the code is in the internet.
and it can be developed in almost in any script language or .net so you won't have hard times to find someone to develop this feature.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Improved Protection from Phishing Attacks

WatchGuard DNSWatch reduces malware infections by detecting and blocking malicious DNS requests, improving your ability to protect employees from phishing attacks. Learn more about our newest service included in Total Security Suite today!

  • 5
  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now