Restrict Web Page access based on MAC / IP

This solution is a combination of .Net / Java applets. Java Applet is used to get the MAC from the client machine and then it is sent back to the server and there it will be used to restrict the client access or grant it access based on the ACL (Access Control List) defined in the XML.

Java Applet to Get MAC Address :

import java.net.NetworkInterface;
import java.net.SocketException;
import java.util.Enumeration;
import java.util.ArrayList;
import java.applet.Applet;

public class MacAddressApplet extends Applet
{
public static String sep = ":";
public static String format = "%02X";

/**
* getMacAddress - return the first mac address found
* separator - byte seperator default ":"
* format - byte formatter default "%02X"
*
* @param ni - the network interface
* @return String - the mac address as a string
* @throws SocketException - pass it on
*/
public static String macToString( NetworkInterface ni ) throws SocketException
{
return macToString( ni, MacAddressApplet.sep, MacAddressApplet.format );
}

/**
* getMacAddress - return the first mac address found
*
* @param ni - the network interface
* @param separator - byte seperator default ":"
* @param format - byte formatter default "%02X"
* @return String - the mac address as a string
* @throws SocketException - pass it on
*/
public static String macToString( NetworkInterface ni, String separator, String format ) throws SocketException
{
byte mac [] = ni.getHardwareAddress();

if( mac != null ) {
StringBuffer macAddress = new StringBuffer( "" );
String sep = "";
for( byte o : mac ) {
macAddress.append( sep ).append( String.format( format, o ) );
sep = separator;
}
/* My extra Code for Vista*/
if (macAddress.length ()! = 0)
(
macAddress.toString return ();
)
/* End of patch*/
return macAddress.toString();
}

return null;
}

/**
* getMacAddress - return the first mac address found
*
* @return the mac address or undefined
*/
public static String getMacAddress()
{
try {
Enumeration
nis = NetworkInterface.getNetworkInterfaces();

// not all interface will have a mac address for instance loopback on windows
while( nis.hasMoreElements() ) {
String mac = macToString( nis.nextElement() );
if( mac != null )
return mac;
}
} catch( SocketException ex ) {
System.err.println( "SocketException:: " + ex.getMessage() );
ex.printStackTrace();
} catch( Exception ex ) {
System.err.println( "Exception:: " + ex.getMessage() );
ex.printStackTrace();
}

return "undefined";
}

/**
* getMacAddressesJSON - return all mac addresses found
*
* @return a JSON array of strings (as a string)
*/
public static String getMacAddressesJSON()
{
try {
String macs [] = getMacAddresses();

String sep = "";
StringBuffer macArray = new StringBuffer( "['" );
for( String mac: macs ) {
macArray.append( sep ).append( mac );
sep = "','";
}
macArray.append( "']" );

return macArray.toString();
} catch( Exception ex ) {
System.err.println( "Exception:: " + ex.getMessage() );
ex.printStackTrace();
}

return "[]";
}

/**
* getMacAddresses - return all mac addresses found
*
* @return array of strings (mac addresses) empty if none found
*/
public static String [] getMacAddresses()
{
try {
Enumeration
nis = NetworkInterface.getNetworkInterfaces();

ArrayList
macs = new ArrayList();
while( nis.hasMoreElements() ) {
String mac = macToString( nis.nextElement() );
// not all interface will have a mac address for instance loopback on windows
if( mac != null ) {
macs.add( mac );
}
}
return macs.toArray( new String[0] );
} catch( SocketException ex ) {
System.err.println( "SocketException:: " + ex.getMessage() );
ex.printStackTrace();
} catch( Exception ex ) {
System.err.println( "Exception:: " + ex.getMessage() );
ex.printStackTrace();
}

return new String[0];
}

/**
* getMacAddresses - return all mac addresses found
*
* @param sep - use a different separator
*/
public static void setSep( String sep )
{
try {
MacAddressApplet.sep = sep;
} catch( Exception ex ) {
// don't care
}
}

/**
* getMacAddresses - return all mac addresses found
*
* @param format - the output format string for bytes that can be overridden default hex.
*/
public static void setFormat( String format )
{
try {
MacAddressApplet.format = format;
} catch( Exception ex ) {
// don't care
}
}

public static void main( String... args )
{
System.err.println( " MacAddress = " + getMacAddress() );

setSep( "-" );
String macs [] = getMacAddresses();

for( String mac : macs )
System.err.println( " MacAddresses = " + mac );

setSep( ":" );
System.err.println( " MacAddresses JSON = " + getMacAddressesJSON() );
}
}


Java Applet to Get OS Version :

import java.net.*;

public class GetOSName extends java.applet.Applet {
public String OSName;
public String Vendor;
public String URL;
public String Version;
public String OSArch;
public String OSVersion;

URL location;
public void start() {
Vendor = System.getProperty("java.vendor");
URL = System.getProperty("java.vendor.url");
Version = System.getProperty("java.version");
OSArch = System.getProperty("os.arch");
OSName = System.getProperty("os.name");
OSVersion = System.getProperty("os.version");
}

public String getOSName() {
OSName = System.getProperty("os.name");
return OSName;
}


}


The above two applets are used in the CheckAccess.aspx file to get the MAC Address and then the page will autopost back with the MAC Address to the server.

CheckAccess.aspx File:

In this file add both applets and onload of page call the following functions to get the MAC address and then postback that form back to the server.

Add the both applets in the Page.

<!--[if !IE]> Firefox and others will use outer object -->
<embed type="application/x-java-applet"
name="macaddressapplet"
width="0"
height="0"
code="MacAddressApplet"
archive="macaddressapplet.jar"
pluginspage="http://java.sun.com/javase/downloads/index.jsp"
style="position:absolute; top:-1000px; left:-1000px;">
<noembed>
<!--<![endif]-->
<!---->
<object classid="clsid:CAFEEFAC-0016-0000-FFFF-ABCDEFFEDCBA"
type="application/x-java-applet"
name="macaddressapplet"
style="position:absolute; top:-1000px; left:-1000px;"
>
<param name="code" value="MacAddressApplet">
<param name="archive" value="macaddressapplet.jar" >
<param name="mayscript" value="true">
<param name="scriptable" value="true">
<param name="width" value="0">
<param name="height" value="0">
</object>
<!--[if !IE]> Firefox and others will use outer object -->
</noembed>
</embed>
<!--<![endif]-->



<!--[if !IE]> Firefox and others will use outer object -->
<embed type="application/x-java-applet"
name="GetOSName"
width="0"
height="0"
code="GetOSName"
archive="GetOSName.jar"
pluginspage="http://java.sun.com/javase/downloads/index.jsp"
style="position:absolute; top:-1000px; left:-1000px;">
<noembed>
<!--<![endif]-->
<!---->
<object classid="clsid:CAFEEFAC-0016-0000-FFFF-ABCDEFFEDCBA"
type="application/x-java-applet"
name="GetOSName"
style="position:absolute; top:-1000px; left:-1000px;"
>
<param name="code" value="GetOSName">
<param name="archive" value="GetOSName.jar" >
<param name="mayscript" value="true">
<param name="scriptable" value="true">
<param name="width" value="0">
<param name="height" value="0">
</object>
<!--[if !IE]> Firefox and others will use outer object -->
</noembed>
</embed>
<!--<![endif]-->

Script to Get MAC Address:


<script type="text/javascript">



var macs = {
getMacAddress : function()
{
document.macaddressapplet.setSep( "-" );
//alert( "Mac Address = " + document.macaddressapplet.getMacAddress() );
var myText = document.getElementById("txt_Mac");
myText.value = document.macaddressapplet.getMacAddress() ;

},

getMacAddressesJSON : function()
{
document.macaddressapplet.setSep( "-" );
document.macaddressapplet.setFormat( "%02x" );
var macs = eval( String( document.macaddressapplet.getMacAddressesJSON() ) );
var mac_string = "";
for( var idx = 0; idx < addresses = " + mac_string ); var myText = document.getElementById(" value =" mac_string;" style="font-weight: bold;">Hidden Fields:

<input type="text" value="" id="txt_Mac" runat="server" />
<input type="text" value="" id="txt_OS" />

Function to get MAC Adress depending on OS Version:

function GetMACAddress()
{
var OSName = document.GetOSName.getOSName();
var my_OS = document.getElementById("txt_OS");
my_OS.value = OSName;
if(OSName == "Windows XP")
{
macs.getMacAddress();
}
else
{
macs.getMacAddressesJSON();
}
}

Auto Postback functions:
function SubmitForm()
{
var myText = document.getElementById("txt_Mac");

if(myText.value.length > 0)
{
var jsVar = "http://localhost:2582/CheckAccess.aspx";
__doPostBack('callPostBack', jsVar);
}
}

CS file:


protected void Check_IP_MAC()
{
XPathDocument xpDoc = new XPathDocument("ACL XML File");
XPathNavigator xpNav = xpDoc.CreateNavigator();

//Gets the IP addresses from the file and compare it with the users IP

XPathExpression xpExpression = xpNav.Compile(@"/users/user/ip");
XPathNodeIterator xpIter = xpNav.Select(xpExpression);

string _userIP = Request.UserHostAddress.ToString();
string _userMAC = txt_Mac.Value;

bool _IPCheck = false;
bool _MACCheck = false;

while (xpIter.MoveNext())
{

if (xpIter.Current.Value == _userIP)
{
_IPCheck = true;
}

}

//Gets the MAC addresses from the file and compare it with the users MAC

xpExpression = xpNav.Compile(@"/users/user/mac");
xpIter = xpNav.Select(xpExpression);

while (xpIter.MoveNext())
{

if (xpIter.Current.Value == _userMAC)
{
_MACCheck = true;
}

}

//Sets the Session if the MAC / IP validates
if (_IPCheck == true && _MACCheck == true)
{
Server.Transfer("WEB PAGE LANDING FILE");
}
else
{
Server.Transfer("ERROR FILE");
}
}

Ref: http://techdetails.blogmatrix.com/:entry:techdetails-2008-02-11-0000/ , http://www.spiration.co.uk/post/1186/Java%20detect%20brower,%20JVM%20vendor,%20Java%20version%20etc

Comments

Unknown said…
Please provide working downloadable code, as code given here does not work properly. Even the applet code does not get compiled properly. I was able to remove those. But how to use jar files in .net application?
Rizwan Shah said…
This code is just to give you an idea that how things will work.

And the other thing that how you will use jar file in .net application, it can be done using javascript on client side then access those variable from java applet and insert them in some hidden fields and then it can be posted to the server side to be used in .net code.
test said…
/* My extra Code for Vista*/
if (macAddress.length ()! = 0)
(
macAddress.toString return ();
)

Can anyone help out in this coding section?

I'm dont really understand them.
Thanks
test said…
/* My extra Code for Vista*/
if (macAddress.length ()! = 0)
(
macAddress.toString return ();
)

Can anyone explain on this coding section?

I dont really understand the purpose of this coding section.

Possible to correct this coding section as well?
Web Dev said…
Thanks for the great Article. I was looking all over the web for this.
Unknown said…
this is a great article ,I have been search for away to get client MAC address for long time.I downloaded the macaddressapplet from the ref link but don't know how to use your code to make it,could you please provide source code.!

Popular posts from this blog

DevOps - Key Concepts - Roles & Responsibilities - Tools & Technologies

Rewriting the DotNetNuke Url Rewriter Module

Trouble In the House of Google