跟踪使用动态IP地址的移动客户端的最佳方式
[英]Best way to track mobile clients which use dynamic IP addresses
问题描述
I need to track users of my mobile application. 
我需要跟踪移动应用程序的用户。 When they are connected using wifi, they have a static IP address which never changes - this makes tracking easy. 当使用wifi连接它们时,它们具有永不改变的静态IP地址 - 这使得跟踪变得容易。 However, if they use their mobile network their IP addresses change on every request which makes tracking difficult. 但是,如果他们使用他们的移动网络,他们的IP地址会在每次请求时发生变化
I'm interested to see how other may have approached this problem and implemented a suitable tracking strategy in this situation? 我有兴趣看看其他人如何解决这个问题并在这种情况下实施了合适的跟踪策略?
EDIT: The solution needs to be as secure as possible to prevent users circumventing being tracked. 编辑:解决方案需要尽可能安全,以防止用户绕过跟踪。
Thanks 谢谢
2 个解决方案
解决方案1
2 2011-06-20 10:06:29
I assume by tracking you mean that a webservice knows that two differents requests are from the same user ? 我假设通过跟踪你的意思是web服务知道两个不同的请求来自同一个用户?
If so then you just need to use the standard web tools for this : Sessions and cookies. 如果是这样,那么您只需要使用标准的Web工具:会话和cookie。
Make your app generate a unique id at launch and send this unique id as a cookie or variable with every requests you make to your webservice. 让您的应用在启动时生成唯一ID,并将此唯一ID作为Cookie或变量发送给您对Web服务的每个请求。 This way you really uniquely identifie them. 这样你就可以真正唯一地识别它们。
Also note : Wifi can give you a static Ip address inside the network in which the device is connected bu not on the Internet. 另请注意:Wifi可以在网络内部为您提供静态IP地址,设备连接的网络不在Internet上。 The external(public) ip you can retrieve is the one of your router. 您可以检索的外部(公共)IP是您的路由器之一。 Most of the time and with most internet providers, if the connection fails for some reason, the router will have a new ip affected to it. 大多数时候和大多数互联网提供商一样,如果由于某种原因连接失败,路由器将有一个新的IP受其影响。 Beside if two persons are using the same router to connect to your webservice, they will have the same public ip address. 除非两个人使用相同的路由器连接到您的Web服务,否则它们将具有相同的公共IP地址。
EDIT : The usual way of being more secure is the one used by most websites : The UID used to authenticate a user is generated by the web server(and not the app) on the first request/authentication of a session. 编辑 :更安全的常用方法是大多数网站使用的方法:用于验证用户的UID是由Web服务器(而不是应用程序)在会话的第一次请求/验证时生成的。 This UID is passed from the webserver to the app that then resend it with every requests. 此UID从Web服务器传递到应用程序,然后随每次请求重新发送。 This limits "session stealing" to the duration of the session. 这将“会话窃取”限制为会话持续时间。 Request that do not send a UID or a UID that does not exists in the database are illegitimate. 不发送数据库中不存在的UID或UID的请求是非法的。
EDIT 2 : The OP added in the comment below that what he really wants is limits the number of requests made by a single user in a certain time. 编辑2 :OP在下面的评论中添加了他真正想要的是限制单个用户在特定时间内发出的请求数量。 Pratically, this means uniquely identifying a device. 实际上,这意味着唯一地识别设备。 One way to do this is to compute a UID on the device at first launch and store it on the device. 一种方法是首次启动时在设备上计算UID并将其存储在设备上。 Then send this UID to the webservice with each request. 然后使用每个请求将此UID发送到Web服务。 The webservice will be responsible to limit the number of hits by a specific UID. Web服务将负责限制特定UID的命中数。
Note : Be careful of how you generate the UID. 注意:请注意如何生成UID。 Android as a Android_ID but it is known to be null sometimes and to change over time. Android作为Android_ID,但有时会被称为null并随着时间的推移而变化。 This guy seems to have found a not to easily spoofable Device UID : 这家伙似乎找到了一个不容易欺骗的设备UID :
解决方案2
0 2011-06-20 10:07:01
You should be able to use the device id: http://developer.android.com/reference/android/telephony/TelephonyManager.html#getDeviceId () 您应该能够使用设备ID: http : //developer.android.com/reference/android/telephony/TelephonyManager.html#getDeviceId ()
Edit: Or create an UUID the first time the app launches, more suggestions and information here: http://android-developers.blogspot.com/2011/03/identifying-app-installations.html 编辑:或者在应用首次启动时创建UUID,此处提供更多建议和信息: http : //android-developers.blogspot.com/2011/03/identifying-app-installations.html
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.