That's an excellent idea!  What I'd probably do is write a separate program
that can set/update the cookie this way we in the IS department would have
full control of setting th ecookie.  It could be password protected and
encrypt the location in the cookie so the layman couldn't configure his own
easily.

Now the question is (and admittedly I havn't done the research yet) is there
any environment variable (like the remote IP address) that may be unique to
a PC that I can read in from my CGI program.  If so then the set cookie
program could use this also to generate the encrypted key this way a layman
couldn't copy a cookie from one machine to another ane beat the system.

----- Original Message -----
From: "Anton Gombkötö" <gombkoetoe@assoft.com>
To: <web400@midrange.com>
Sent: Thursday, March 28, 2002 1:07 PM
Subject: Re: [WEB400] Obtaining IP address of client using CGIDEV2


Hm.

I don't know any method to retrieve the MAC address and i don't even think
that this would be appropiate for a browser application. If that is somehow
possible, i expect it to be turned off by a security patch.. ;-)

What about cookies then?

When the cookie isn't set, i'd ask for the necessary id. Then the cookie is
set, and until someone kills the cookie, the application could know which
PC this is.
But this approach also depends on the security demands for your
application. When users have advantages / fun of entering false id's, this
isn't very useful.

(But when online.babylon.com translated "swipe" right, they do have to
enter their badge id? Then it's just the same.

But if i'm wrong and it's something like a little key that is somehow read
by a device at the PC, i assume that there is a piece of software that does
that. Then this application could read the MAC address and send it to the
iSeries with the "url click".)


best regards /  Mit freundlichen Grüssen

Anton Gombkötö
Avenum Technologie GmbH

http://www.avenum.com

_______________________________________________
This is the Web Enabling the AS400 / iSeries (WEB400) mailing list
To post a message email: WEB400@midrange.com
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/cgi-bin/listinfo/web400
or email: WEB400-request@midrange.com
Before posting, please take a moment to review the archives
at http://archive.midrange.com/web400.




As an Amazon Associate we earn from qualifying purchases.

This thread ...

Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.