We are currently building a web-based application that has the need to associate a user with the physical workstation they are on. Ideally the application would be confined to the browser meaning no client application running on the machine outside of the browser.
There isn’t a restriction on what information is used to track the workstation (IP, Mac Addr, Workstation Name), however a static IP is not guaranteed; the network may use DHCP.
Basically the question is: is there a way to associate a web user’s session with a physical machine, from within the browser.
Please note that IE8 is the targeted browser; and a PHP framework such as CakePHP or Symfony will be used.
EDIT: Any static information to link the machine is acceptable it doesn’t have to be Mac Address. Also users can move machines so we need to update their machine when they move preferably automatically without interaction from them.
The answer to your “Basically…” question is: Probably not, and if there is, you can’t rely on it to stick around.
While I realize you have a target browser at this time, you should still probably design your tools to accommodate future software or policy changes. Requiring ActiveX is probably not the best idea.
If you have other authentication systems available, you can attach to them. There are options for BrowserID, NTLM and other techniques available for *AMP stacks, and I suspect Symfony support any of them would be fairly easy to find. I’ve used NTLM with Drupal for internal web applications with great success. If you’re using Active Directory to store user info, web apps can authenticate using LDAP and record persistent cookies.
If you’re afraid that cookies may be removed, you can consider an Evercookie. While that won’t be associated with the physical machine (i.e. it won’t withstand an OS reinstall), it’s pretty dang close.