Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
How do you make the authentication for a browser-based application dependent on the client machine? Say the admin can login only from this machine.
Assumptions: There is complete control over the network and all machines (client and server) involved.
I am looking for an apache/linux solution.
You need to come up with some way of identifying this machine. What iis important in your application? Physical location? IP address?
If you have complete control over the machines I would use SSL with client certficates, and put the client certificate only on the machine that must be used. See here for details on how to configure this with Apache
As that article says, you can set Apache to require the certificate, a user name and password AND limit connectivity to specifc IP addresses.
EDIT: You don’t need a separate web server to use client certificates.
You might need a separate URL depending on how your application works.
Note the example configures certificates only for a certain Directory
. So have certain classes of user login differently, or redirect them after login to the client-certificate-protected part of your website