Logging in users via certificate ...

[bsamson]

Here's the situation. I run a small internal website that I have coded from scratch for my company. Right now it is IP based and stores automatically get logged in. HOWEVER, some stores don't have a static IP and it changes seemingly everyday. This site contact links that auto log the user into some pretty sensitive sites. I was curious if there is a method of storing a file on each stores computer that a script will read and validate based on that.

 

Any help will be greatly appreciated! Thanks in advance!

 

--Brian

[shocker-z]

being as PHP is server-side i cant see that being possible.

 

However you could look at using hosts instead of IP?

 

$hostname = gethostbyaddr($_SERVER['REMOTE_ADDR']);

 

you could strip it down to local exchange but then you still have possibility of someone getting in who shouldn't. how sencitive is the data?

 

Regards

Liam

[bsamson]

I dont know sensitive was the right word. The links redirect the user (and auto logins) to an activation site for a wireless carrier. We like this option b/c users dont know the passwords. Is there perphaps a ceritificate of some kind that I can have php look at before loading? Or perhaps use javascript to get contents of file? I am at a loss ... because everything as of right now is wrapped around the store's ip. Thanks in advance.

[MadTechie]

well the only thing i can think of would be a cookie..

 

you can't grab a file from te client PC.. that would be a security risk for all users on the web.. you could have them upload a file..

[shocker-z]

how about creating a few different domains?

 

Cheap enough and would do the trick if avalible.

 

liam