How to differentiate user based on client machine.

Hello every one.
I am tryin to develop a vaadin application. In my application there are different types of user, let say a manager and a accountant. My requiment is, i have 10 systems and manager is allowed to use vaadin application from 1 to 6 systems and accountant is allowed to use vaadin applicatio in rest of systems.

If Manager is try to login in my vaadin application in 7th or 8 th system the we should not allow him to login to vaadin application and accountant is not allowed to use my vaadin application in 1 to 6 systems.

How can achive this requirement. Please suggest.


In Vaadin (or pretty much any Web Framework) you can get these informations about the client:
When these machines have a static IP inside the Network you make the Web Application reachable you could tell them appart using the IP. Other then that there really isn’t much else to do.
Browser only send a small amount of information, like Browser Type Version, … but generally nothing about the actual Computer.

Is there any possiblity if we a client side java application to achive this requirement ?
We try to send MAC address from client system but we are facing some issues.

You can call a method in your UI upon successful logon which writes user parameters to the UI; name, authentication level - as you wish. Then refer to these parameters elsewhere in your application to allow or deny functions.

Note that sending the MAC address in the payload or other similar methods are easy to circumvent by a knowledgeable malicious user.

I’d recommend using https and certificate based client authentication as a part of the login process.