Hi all as I am new to lotus notes applications have a doubt regarding request and response objects are present or not.
Let me take one example. I have a task to generate the IP Address of the client machine whoever is using my lotus notes web application. But when i use this below java code using agents it is giving me the Windows server IP Address instead of client IP address who has used my application.
InetAddress thisIp = InetAddress.getLocalHost();
System.out.println("IP ADDRESS:;::"+thisIp.getHostAddress());
But when it comes to java we have request and response objects where we can use proxy and capture the IP from the client machine.
Can anyone tell is it possible to use some other keywords instead of request and response.
For a web application, the client's address is a CGI variable called REMOTE_ADDR. No need to get any fancier than that. Just as an aside you have access to Java and all (or at least most) of its might within agents as well, but you don't need that for just the remote Web client's IP address.
Related
Password rest mail currently sending private ip. I want below
$REMOTE_ADDRESS$ variable of liferay set public ip in password reset notification.
Internally liferay use request.getRemoteAddr(). How should i configure liferay so request.getRemoteAddr() give correct ip address.
I'm assuming, that you're using mod_proxy_http to forward requests from your Apache httpd to tomcat (or whatever appserver you use). This means, that there's a separate HTTP request, originating from your webserver. I'm assuming that this is the address that you see, no matter what request you handle.
One way to tackle this, is to use AJP as the forwarding protocol, instead of HTTP. You can do this by utilizing mod_proxy_ajp or mod_jk. This means that you can't encrypt the traffic between your web- and application server, however, it handles the remote host and other issues by default.
There might be other options, e.g. experimenting with adding the header X-Forwarded-For. I personally prefer AJP over HTTP as the forwarding protocol, that's why I never bothered to try the alternatives.
Basically, this does not involve Liferay at all: The remote host gets lost on the connection from Apache httpd to your appserver. Liferay just retrieves what the appserver tells it about the request.
I deployed my .NET CORE solution in AZURE environment (PAAS).I used following code snippet there to get client's ip address
dtoItem.LogIP = HttpContext.Connection.RemoteIpAddress.ToString();
I used standard .net core libraries and did necessary changes into Startup.cs as well
app.UseForwardedHeaders(new ForwardedHeadersOptions
{
ForwardedHeaders = ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto,
RequireHeaderSymmetry = false,
});
I believe I have implemented everything in correct manner. But still I haven't got accurate client IP address. I am always getting client's public IP instead of his private IP. Since this can be repeated (Same office 2 users have same public IP) I need client's private IP instead of his public IP.
Is it possible to get private IP address in PAAS solution. If it is not possible, is there a way to track client's PC information. (Such as IP Address, MAC address).
Is it possible to get private IP address in PAAS solution?
No it is not possible as shared in this SO post and this answer address this about MACAddress
On the client side javascript, there is no API exposed to get the IPAddress(obviously due to security consideration) .Then you can get the IPAddress on the server side but typically if you are accessing internet from your company,it would go through the corporate proxy and the Ipaddress seen by the server will never be the actual client IP but the proxy server's address. So this is limited on the server side as server only sees the proxy (public IP address).
If it is not possible, is there a way to track client's PC information. (Such as IP Address, MAC address) ?
What you can reliably track is the user agent. Breaking the user agent down, we get the some information about browser ,OS versions. But user agent can easily be spoofed with some browser extension .
If you are looking for browser finger printing or tracking ,have a
look at Panopticlick which shows some more information like
fonts > installed, screen resolution,plugins installed etc to track
any client. fingerprintjs2 javascript library helps to track
using 26 parameters as of today
There is no straight forward answer to this. The thread shared by Rob has some great insights. However, one needs to understand that a lot can happen to the request before it reaches the server. The intermediary networking devices can manipulate the TCP headers so it may not reflect the correct IP Address that you need.
From a solution perspective, this might be perfectly possible, if you develop your own client and log this information somewhere so that you can track it. Otherwise there is no reliable way to get this information.
I created a Tcp server using net module in NodeJS and tried to get the mac address info from each client to generate uuid. However, in the Socket object, there is no information about it. Also I tried to get read mac address from arp table, but it's not working either. Any other ways to figure it out?
Because the MAC address belongs to the layer 2 of the OSI layers you will not be able to access it unless you are in the same address space because it gets stripped out by routers.
Explanation
MAC address, belongs to layer 2 "Data Link Layer" of 7 OSI Layers. The clients' MAC addresses are only visible to the routers they directly connect to.
Routers will partially disassemble the packet to get at the layer 3 "Network Layer" headers in order to determine where the packet should be shipped, where IP address is being used.
Then, Layer 4, "Transport Layer", is where you're talking about specific protocols, like TCP.
Therefore, as a server, you CANNOT get the clients' MAC address unless you are connected to your clients in layer 2.
I did something similar before for class rooms in production environment. In my case, I have access to all client machines. Either you have admin access to all clients or you can pre-register the client into your database somehow, you can do the following. If not, please ignore this answer.
Create another NodeJs program hosted a web service in Clients (Don't forget to implement some kind of security). This program could be just a simple ExpressJs with getmac node module.
Register all IPs or domain name of the clients to Server database. Could be manual or, in my case, when Client turned-on it's auto send a request to server to register itself. (Implement client-server validation if needed)
When Server needed the mac from client, Server app sends a request to each pre-registered client to get its mac address or any other information Server needs from clients.
Net client in node js does not provide the mac address. You have the choice between :
1- sending the #mac your self: i mean in the client side you send the Mac address as data when you establish connection with the server.
2- use socket.io insteed net . It will afford you all the information you want
I have tried to send a DNS packet to get an IP of some web-site.
In some cases, like google, the IP was right and when i typed it in the url line it sent me to google.
But in other cases (for example : stackoverflow.com) its gave me an IP that didin't linked to the web-site.
To be sure that my packet is right, i tried to do Nslookap in the command line, and the result was the same.
So i cant find the right IP adress of a web-site.
There is the message that appear when I'm trying to enter stakoverflow
Fastly error: unknown domain: 151.101.65.69.
Please check that this domain has been added to a service.
You (generally speaking) can not open the website just by entering the IP address in your browser's address bar because web servers (and possibly many other network components that are between you and the web server) often do not host only one web site on that IP address so they rely on exact domain name typed in address bar to serve the right content.
I think, it's caused by yours internet restriction. Try to contact your ISP (your internet provider) about this problem. He will probably know more about cause of this problem.
Short answer: you need a host header.
Long answer: Since HTTP/1.1 introduced in 1997 (and then updated in 1999 and in 2014), the request needs a host header. That allows the web server to route a request to a corresponding server configuration, a virtual server in Apache speak. Some servers don't have this configured and is allowing requests to any host to be served from the same web server configuration.
HTTP/1.1 also allowed multi-tenant proxies, as Fastly, to exist in the Internet. Fastly is a CDN - content delivery network - that allows to cache websites content on closer to users and deliver it locally (faster than from a cloud or a colo, thus the name).
When you're not specifying the domain for the request, it looks like your client (or a library) is using the IP address as the host header. That's why the response from Fastly talks about domain: unknown domain: 151.101.65.69.
While Fastly do support service pinning to a dedicated IP address, which would have worked for your request - it doesn't look like stackoverflow is using the feature as they might not need it.
I'm working on a system with three parts that communicate over HTTP. The parts are the Service, the ServiceRegistry, and the Client. The Service and the ServiceRegistry are self-hosted OWIN applications. The nature of the client doesn't matter.
In my design, the Service POSTs to the ServiceRegistry to "register" itself. The ServiceRegistry reads Request.GetOwinContext().Request.RemoteIpAddress to determine where the Service is located and GETs back to the Service to perform some handshaking (the port for this GET is supplied in the original POST). Finally, the Client comes along and performs a GET to the ServiceRegistry asking for the location of the Service and receives back the IP address and port on which it can directly interact with the Service.
This works well when all three parts are running on different machines.
However, when the configuration is that the Service and the ServiceManager are running on MACHINE01 and the Client is running on MACHINE02 the system fails. What appears to be happening is (when both parts are located on one machine) RemoteIpAddress receives a link-local version of the IPV6 address. I strip off the Scope ID from the IPV6 address and return the address and port to the Client. But, to the Client running on a different machine, this is an unreachable address.
Can anybody suggest how I can read the remote IP address from the OWIN request in such a way that it will be reachable from another machine on my network?
When you are connected with any address, I don't think there is a way to get other addresses of the peer.
You could either implement and use some registry of address mappings between link locale addresses and global addresses. (Always in the hope the peer accepts requests on its global address as well.)
Or if you have access to it I'd propose to modify the requesting peer to send the request originating from its global address. This can normally achieved with source address selection. But I have no idea how you do this on the .NET platform as I am working on Unix systems.