hi all,
i have some problem or lets say some assighment, one of my portal, is an inhouse project which is used by internal employees..So I have put on a check on the index page that it will visible to only certain ips i dont want it open for all the people those are not concerned with it..

Now i want it that is there any way that, as some of our sales person are on the move they usually carry the pdas or laptops, and they move around the world..There fore is there any way that we can allow then acess..on the run any where in the world.. and the acess will be restricted to these particular person..not any body else..I think I am Clear with my query..

I want that I allow the acess to only those persons who are somehow related to my company..and the acess will be any where in the world...I dont have their static IP.. even them i want the acess restricted to my marketing people..Not to any body else..

Thanks,
Deeppak

use htaccess file to grant access to the ips in youre company.
then for all other ips require a password.

You could just use a simple login page.

The thing is that i don't want the employees even that are using the portal in house and have their user ids,to have acess of the portal out side the office premises...I want that, i allow only limited persons to have acess..outside th office premises...Take example i want the ceo of the company...to have acess.not every body since he is on the move always....so is their any process which we can adopt...use and passwords is the implementation which we are using internally, and that also restricted to certain ips....that is only within office premises..or outskirts branches ...Since we have their ips..What to do in this case since the persons are on t he move ...and there is a check on the index page that restrict the ips which are not from aour premises... If i do it your way just check the user name passwords their are some problems like i could not achieve my purpose.

Firstly the site will be available to the existing employees from every where,,by using their user name and ids,
and secondly i could not meet my objective to restrict the persons on essecing the site from outside..

I hope now i am more clear.

Thanks,
Deeppak
Reply With Quote

Set up a typical user/password login implementation with a user table in the database for storing login IDs and passwords. In the user table, add a column which indicates whether or not they are allowed to access the application from outside. Then your login validation would be in two parts: (1) validate the login/password and (2) if the user is valid but is not allowed outside access, validate that their IP address is in the approved list. (I suppose you could reverse the above logic, and only ask for a login/password if the user is not accessing it from a valid IP, but that would be less secure, as anyone who hacked into your network - or happens to physically be on site for some reason - would be able to access the application without having to log in.)