How to check ip address in GWT?
1,750 views
Skip to first unread message
Edwardxiong
Feb 6, 2012, 10:15:45 PM2/6/12
to Google Web Toolkit
My website is a pure GWT site. It need members to login with their
account and password. To prevent multiple users login with one same
account, I need to do some kind of ip address check. But I am not sure
how to do that in GWT. Can someone help me with that? Thanks.
account and password. To prevent multiple users login with one same
account, I need to do some kind of ip address check. But I am not sure
how to do that in GWT. Can someone help me with that? Thanks.
3xM
Feb 7, 2012, 2:04:27 AM2/7/12
to google-we...@googlegroups.com
You might want to use .jsp page as your host page. Something like this:
.
.
<head>
..
<script type="text/javascript" language="javascript">
<%
String ip_address = request.getRemoteAddr();
%>
var _ipAddress = <%= "\"" + ip_address + "\"" %>;
</script>
..
</head>
..
then when you need someones ip, you can call this:
public native String getIP() /*-{
return $wnd._ipAddress;
}-*/;
.
.
<head>
..
<script type="text/javascript" language="javascript">
<%
String ip_address = request.getRemoteAddr();
%>
var _ipAddress = <%= "\"" + ip_address + "\"" %>;
</script>
..
</head>
..
then when you need someones ip, you can call this:
public native String getIP() /*-{
return $wnd._ipAddress;
}-*/;
Paul Robinson
Feb 7, 2012, 4:08:00 AM2/7/12
to google-we...@googlegroups.com
This depends entirely on what server-side technology you choose to use. It's not really a GWT thing.
Paul
Edwardxiong
Feb 7, 2012, 4:27:19 AM2/7/12
to Google Web Toolkit
Server side is struts2. But all call to server is RPC call. So server
side do not have this RPC call's request.
Don't understand why this is not a GWT thing.
If not in GWT but in struts2, I can get the ip address through every
servlet request easily. But in GWT, I don't know how.
side do not have this RPC call's request.
Don't understand why this is not a GWT thing.
If not in GWT but in struts2, I can get the ip address through every
servlet request easily. But in GWT, I don't know how.
Edwardxiong
Feb 7, 2012, 4:49:43 AM2/7/12
to Google Web Toolkit
Thanks! I will try this.
But hard to imagine that there are no standard method in GWT to do
this job.
But hard to imagine that there are no standard method in GWT to do
this job.
Paul Robinson
Feb 7, 2012, 5:01:33 AM2/7/12
to google-we...@googlegroups.com
On 07/02/12 09:49, Edwardxiong wrote:
> But hard to imagine that there are no standard method in GWT to do
> this job.
GWT is a client-side technology. Depending on what server-side technology you use, you will have different ways of identifying the client's IP in the server. From a servlet (and hence also from jsp), you can get it from the HTTPServletRequest.> But hard to imagine that there are no standard method in GWT to do
> this job.
If you were to use PHP in the server, you'd use something completely different.
Paul
Jens
Feb 7, 2012, 5:18:30 AM2/7/12
to google-we...@googlegroups.com
Its not a GWT thing because the server decides if you are logged in or not. You should only do a RPC.login(user, password) and the server checks the credentials and then check if the user is already logged in from a different IP (in case of a java servlet you would use HTTPServletRequest to get the request IP).
Security always needs to be done on the server because you cant trust the data coming from a GWT app. Its a JavaScript app and a potential attacker has full control of the JavaScript source code (sure the JavaScript is obfuscated but its not really a problem for an attacker). So everything regarding login/logout/access control has to be decided/checked on server side.
-- J.
Edwardxiong
Feb 7, 2012, 8:20:47 AM2/7/12
to Google Web Toolkit
Thanks so much for your help. I got your idea.
Edwardxiong
Feb 7, 2012, 8:21:07 AM2/7/12
to Google Web Toolkit
thank you for your help!
Reply all
Reply to author
Forward
0 new messages