I'm looking for just some orientation about how to control that an ASP.NET web site could be only loaded from an specific PC.
It seems obvious that the login web page should get the IP address or PC name from the client and check with a database query if that IP address plus the userid account match its database record.
However, catching the IP address with
Request.ServerVariables("REMOTE_ADDR")
could get a IP address distorted by a firewall, NAT or router configuration. So that option is discarded.
Other option that I've heard is about creating a dll file with a name like "license.dll", and store inside that dll file some credential or IP address or serial number. That data plus the userid account have to be stored in database . When user loads the web page, it should read first that dll file and get the credential inside it, make a query to database and match userid account and dll credential. If matching is correct, then web page is loaded.
Is it possible to store some credential in a dll file and make the web page able to read that dll?
Aucun commentaire:
Enregistrer un commentaire