• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 237
  • Last Modified:

Manage /Control Multiple logins to a website

We host a website on tomcat. To be able to use our website we sell subscriptions. To ensure these are not abused we track IP's and ensure that only allowed IP's are able to log in.

However this means a public IP is allowed and if there are 10 pc's behind that public ip all are allowed. We always knew this and never bothered to look into it. But now with new licensing in place we want to be able to track how many different or individual pc's are accessing our Website.


Is there a way to record or obtain mac address of the remote pc's logging in or is there any other way to manage or control this.

Please advise thanks.
0
Clement P
Asked:
Clement P
3 Solutions
 
GiladnCommented:
I found this:
http://wiki.apache.org/tomcat/FAQ/Logging

please do tell what kind of firewall you are using, is embedded web tracking app/code like GOSTATS a good solution?
http://gostats.com/

hope this helps,

G
0
 
svenoveCommented:
MAC-address-information is not accessible after the connection passes through a router, so that's not an option.

How exactly do they log in? Username and password?
If so, you could perhaps implement some kind of system to check if the same username is logged in from different IPs at the same time?

An other option is to check the HTTP_USER_AGENT - this is the string that identifies the browser/OS and even this would be the same on two computers running the same OS and browser, combining that along with IP is a step closer at least. :)
0
 
COBOLdinosaurCommented:
If you are licensing IP instead of users then you really have little control beyond keeping a count of users logging on from the IP and limiting the number. cookies do not help much because they can be deleted by the use.

I will also confirm what svenove said about the mac address.  That can only be used by the router to map local devices.



Cd&
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
GiladnCommented:
comment:

you cannot "trace" or track those users since no authentication mechanism is involved
0
 
Clement PAuthor Commented:
Can we get internal IP of the users, by using any php code integreated on our website. combination of internal ip and external ip wil give us a clear idea.
0
 
GiladnCommented:
it depands, what exactly are you using in order to connect users? Firewall VPN? IPsec?
are users getting static ip address from your server?

please describe topology so I can be more helpful..

G
0
 
Clement PAuthor Commented:
sorry for not accepting the solutions .
0

Featured Post

Become an Android App Developer

Ready to kick start your career in 2018? Learn how to build an Android app in January’s Course of the Month and open the door to new opportunities.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now