Home | Contact Us | FAQ | Search & Site Map | Link to Us
Sign In | Join | Other 45 Sites in Network
HomeAnnouncementsFree MagazinesWhite PapersSubmit Content
Discussion GroupsASP.NETWindows FormsLanguages.NET FrameworkVisual Studio.NET
Articles.NET FrameworkASP.NETToolsWindows Forms
.NET DirectoryOpen Source ProjectsUser GroupsWeb Resources
Related Topics
Visual Basic 6SQL ServerMS AccessOther DB ProductsMS Server ProductsMore Topics ...
.NET Forum / ASP.NET / Web Services / March 2007

Tip: Looking for answers? Try searching our database.

C# ASP .NET (VS2005) - how to obtain caller's IP address

Thread view: 
Enable EMail Alerts  Start New Thread
Thread rating: 
j.a. harriman - 15 Mar 2007 18:14 GMT
Hi,
Can someone point me to an MSDN or other location where I can obtain the
caller's IP Address?

I'd like to put this in the "WebMethod" portion of the program.

The intent is not so much for security, as it is for me to identify
customers, and do not want to rely on them putting an "identity" in the
message to the service.

Thanks.  Jeff
Reply to this Message
John Saunders - 15 Mar 2007 18:45 GMT
> Hi,
> Can someone point me to an MSDN or other location where I can obtain the
[quoted text clipped - 5 lines]
> customers, and do not want to rely on them putting an "identity" in the
> message to the service.

If your customer is behind any sort of proxy or firewall, you'll get the
address of the proxy or firewall, and not the client machine. You can't rely
in the IP address for anything.

John
Reply to this Message
j.a. harriman - 15 Mar 2007 18:53 GMT
Other than having them insert something in the request, do you have any other
thoughts on this that I might be able to look at?
Thanks.

> > Hi,
> > Can someone point me to an MSDN or other location where I can obtain the
[quoted text clipped - 11 lines]
>
> John
Reply to this Message
John Saunders - 15 Mar 2007 19:12 GMT
> Other than having them insert something in the request, do you have any
> other
> thoughts on this that I might be able to look at?

It depends on what you're trying to do. For instance, how certain do you
need to be that the request is from one of your customers? Is this some form
of authentication?

You might consider having the customer include some data signed via XML
Digital Signature. This data would be signed in such a way that if you are
able to verify the signature, it will imply that only your customer could
have signed it. .NET 2.0 includes the new SignedXml class in the
System.Security.Cryptography.Xml namespace. It makes it much easier to
generate and verify digital signatures.

Basically, the network isn't going to do this job for you. Speaking at a
somewhat network-theoretical level, your desire to identify your customer is
pretty much an Application-layer function. That means that it's something
between your Application and the customer's Application. You can't depend on
something from the Network layer to do this for you. The Network layer has
the right to do anything it wants with Network-layer data like the IP
Address.

So, if _you_ want to be certain who _your_ customer is, then _you_ have to
do it.

John
Reply to this Message

Free Magazines

Get these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...

Oracle MagazineNetwork ComputingComputer WorldBio-IT WorldeWeekInformation WeekInfosecurity
 
Sign In
Join
My Latest Posts
My Monitored Threads
My Blog
My Photo Gallery
My Profile
My Homepage
Start New Thread
Enable EMail Alerts
Rate this Thread



©2008 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.