Hi all,
Need your expertise again. Is there a function that can just pull the system ID (for Windows 2000) ?
thanks,
sammy
With my tools plugin Servoy Components – Plugins, Beans, Web Components, Angular Services & Servoy Developer Consulting you can do this:```
var user = plugins.it2be_tools.client().userName;
AND, it's FREEIT2BE:
With my tools plugin Servoy Components – Plugins, Beans, Web Components, Angular Services & Servoy Developer Consulting you can do this:```
var user = plugins.it2be_tools.client().userName;AND, it's FREE
thanks! the plugin works great on servoy developer but on the client side i get an error. Do have I have to push the plugin out to the clients somehow?
Nope, you shouldn’t. Java/Servoy takes care of that. Let me investigate later today and see what I can come up with…
IT2BE:
Nope, you shouldn’t. Java/Servoy takes care of that. Let me investigate later today and see what I can come up with…
This is the line of code I used:
globals.g_main_scan1 = plugins.it2be_tools.client().hostName
Hai Sammy, I don’t see an issue either using developer or client over here. I suggest you download the latest version of the tools plugin which I uploaded here today Servoy Components – Plugins, Beans, Web Components, Angular Services & Servoy Developer Consulting and see if the issue still occurs.
If the issue persist can you check if there is any error message in your logging/console?
Please inform me about your progress.
Cheers,
I have a customer who only wants to allow his employees to access our solution from the computer they use in his office. I have tried using gethostName and userName which do come close to what I need, but they are not foolproof.
Ideally I would like to check on something like the operating system’s registration code, to assure that the user cannot easily bypass the login system. Has anyone figured out a way to assure that client access is only from a specific computer?
Why don’t you offer the option to logon to a solution via the ldap plugin. I am working on/testing active directory support…
I was hoping to give this option to all my customers, because I suspect many of them would not want every employee to have complete access to the solution away from the office. I suspect that many of them do not have a ldap environment, so it seems like that would not be a good solution in this situation.
So far my thoughts on possible approaches are as follows. At time of first login allow user option to check a checkbox that says something like “Only allow access from the computer I am currently using”. If checked, a method would capture a unique piece of information regarding the client computer. Subsequent logins would check that piece of information to make sure it matches the current client computer’s information. If the information is blank they would be allowed in after they entered their username and password (assumption being that the checkbox was never checked), otherwise the unique id would have to match the unique id of their computer in order for them to enter.
Regarding the unique id for the client computer, at first I thought that hostName would work, but then after testing I realized that when used remotely it includes the ip address in addition to the computer name. The ip address could easily change, so that does not seem like a good option. The operating system login userName also seemed like a possibility, but someone could get around that pretty easily. Any other ideas?
Westy, would it help to grab the computer’s MAC address and associate that with each user? Marcel’s Tools plugin has a function to grab this address.
The sample code includes:
var addresses = plugins.it2be_tools.client().MACAddress;
if (addresses) {
for (var i = 0 ; i < addresses.length ; i++) {
message += "MAC address " + (i + 1) + ":\t\t" + addresses[i] + "\n";
}
} else {
message += "MAC address(es):\t\tnot available" + "\n";
}
Under what conditions would there be multiple MAC addresses for one client computer and when would there be none?
None shouldn’t happen. Multiple MAC addresses occur when you have more than one network card. Typical for Laptops with WLAN and LAN.
Don’t forget - you can write out your own “Client Preference”. In the past - I’ve just generated a random number - and written it to the preferences on the local client (and stored it in the DB for that user). Then on login - check to see if that number is in the client prefs.
The MAC address is also a good idea - because those don’t change (unless they change the network card).
Neither is bulletproof, but are going to usually be good enough.
bcusick:
Don’t forget - you can write out your own “Client Preference”…
Hi Bob,
With webclient is it written to the server or the client?
With webclient it appears that the MAC address is always the same, so it must be coming from the server.
Using application.getIPAddress() DOES return the ip address of the client computer when using webclient, so this may be a good option when clients have a static ip address.
Last night I did some tests using application.getIPAddress() from home with the following results (server is located at a different location at my office). At home I have a dsl line coming into a wireless router. One computer is wired directly to the router. Two other laptops are wireless. The computer connected to the router had one ip address. The two wireless laptops returned a different ip address, but both of the wireless laptops returned the SAME ip address (which surprised me).
In a common office environment where the client computer is on a local area network where there is a static internet ip address at the incoming router, but non-static local ip addresses on the client computers, will application.getIPAddress() return the router’s static ip address or the client computer’s non-static local ip address? I am not in an environment where I can test this.
When using the rich client getIPaddress will return the machines IP address. So when behind a NAT router this will be in the 192.168.x.x or 10.x.x.x or 172.16.x.x.-172.31.x.x range.
When using the webclient/headless client/batchprocessor you end up with the server IP.
Same goes for the MAC address.
ROCLASI:
When using the webclient… you end up with the server IP.
For us the getIPaddress with webclient is returning the ip address for the client and the getMACaddress is returning the MAC for the server. Still not sure about behind a NAT though.
I had expected the getIPaddress with webclient to only return the Server’s ip address, but somehow it is locating and grabbing the actual client ip address.
I stand corrected.
I bet it gets the IP from Tomcat like any webserver receives it.
Ofcourse no MAC address can be grabbed this way.
Westy:
I have a customer who only wants to allow his employees to access our solution from the computer they use in his office.
I’m thinking this must be a very silly suggestion. It just seems so basic. Why not just use the firewall to control this? Would it not be simplest to designate http and RMI ports for Servoy and close those ports in the firewall between the LAN and the outside world?
OTOH, maybe you meant he is trying to prohibit users from accessing the solution from a computer that is within the LAN but that is not at their own desk? I would certainly think the suggestion that was posted to store MAC address in a Users table and test that value would do the trick … and establish an IT protocol that if the NIC is changed in any user’s computer, or if a user’s whole computer is replaced, their record in the Users table must be updated with the new MAC address.
If a test for MAC id is run on outside computers in which an end-user may change their NIC, go wireless, or buy a new computer without knowledge of IT/DBA, it does get aggravating to field those support calls and step users through locating and properly reading off that address. But I have found testing for MAC ID works pretty well for applications used only in-house.
Though I think Bob’s suggestion to edit Client Pref has the biggest cool factor.
kazar
In our situation the solution uses webclient, so the client is always going to be on the server. Testing for MAC will return server info. However, testing for ip address does appear to return the ip address of the computer that the user is using to access the solution. So it appears that testing for ip address may be a good approach with webclient. I am still in the process of testing this in various environments.