需要将对移动网站的访问限制为特定的已注册移动设备 [英] Need to limit access to a mobile website to specific registered mobile devices

问题描述

我已经进行了大量研究，但似乎找不到解决方案来解决如何将对安全移动网站的访问限制为仅预先注册的设备.

I've researched a ton and can't seem to find a solution for how to limit access to a secure mobile website to ONLY PREVIOUSLY REGISTERED devices.

我已经就地安全登录，但是我们还必须确保只有注册的设备才能访问该网站.我们不能让用户与他人共享登录信息并允许其他人登录和使用受保护的信息.

I already have a secure login in-place, but we must also insure that ONLY registered devices access the site. We cannot have users sharing login information with others and allowing others to login and use the protected information.

反正有这样做吗?

我研究过尝试使用JavaScript，PHP或类似方法获取设备的MAC地址，但这似乎不是一种选择.

I've looked at trying to acquire the devices MAC address using JavaScript, PHP, or something similar, but this doesn't seem to be an option.

推荐答案

您不能这样做，因为网站通常会注册用户而不是其移动设备，因为关于物理设备，携带的信息无法真正唯一.进行基于客户端(而不是基于用户)身份验证的正确方法是使用客户端证书.

You can't do that because websites usually register users as opposed to their mobile devices as nothing can be truly unique about a physical device but the information it carries. The proper way of doing client based (as opposed to user based) authentication is to use a client certificate.

如果您只是想简化移动设备上用户的登录体验，则可以查看此.

If you just want to simplify the sign-in experience for your users on mobile device you may want to take a look at this.

这篇关于需要将对移动网站的访问限制为特定的已注册移动设备的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！