开发者

Flex 4.5 - unique computer information

I am developing a flex 4.5 web based application and I need to make sure if the client chooses a certain level of security, each user can log only from an authorized computer.

So the question is how can I get some unique computer information? Anything like HDD serial number, CPU specifications, motherboard information, even the user that is logged into the Operating System can do.

So far the information on the web 开发者_Go百科isn't giving me much hope that this can be achieved, but I had to ask. Thanks in advance.


I suppose the only option available for web application is to create unique id from fields of flash.system.Capabilities class.

Other strategy which can be used is to generate unique UID in process of computer's authorization and then store it in local storage using SharedObject. Then web app tries to read authorization data from SharedObject on web app start. If there is no such data computer isn't authorized.


Richard is right. For security, unique identifying information is not available for applications running through Flash Player. You could write an Active X control (for IE) or a plugin (for Mozilla based browsers) to obtain additional information for your app if users (and their IT administrators) allow it. Information available will vary depending on the browser and operating system the user is running.

Adobe Air, on the other hand, allows access to additional network information including MAC address in the NetworkInfo class. Maybe it's worth considering an installed client app for users who require the additional security. Take a look at: http://www.adobe.com/devnet/air/flex/articles/retrieving_network_interfaces.html


This is not easy using a browser based Flex application, but there are some workarounds.

The browser based Flash Player can communicate with an AIR app on the desktop using localconnection. So, you could create an AIR app that utilizes NativeProcess to retrieve your machine specific information.

You could also use NativeProcess from a AIR app without using the browser at all.

A third option would be to install an application server on the client machine and have the browser based app communicate with the server to retrieve the client information.

I consider most of these options too difficult to be practical, but it depends on how important this feature is to you.


The Flash Player security sandbox will not let you read anything unique about the system on which the SWF is running, so I'm afraid this is not possible. The closest you will get is likely Capabilities.serverString along with maybe IP address, but the serverString property just lists all the capabilities of the client, which is obviously not a unique thing, and also might change from time to time for the same computer.


Warning: my knowledge of server-side scripting is limited to say the least. This isn't a technical solution, but rather a different approach to your problem.

An alternative solution to would be to inspect the raw packet at the server in order to obtain data such as the IP and MAC address. Based on this the server can then deny or allow the login attempt.

I am used to working on embedded web servers running on micro controllers where C-based black magic is rather common, so I am not sure if this is possible or practical in a more traditional environment.

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜