How do I get unique incoming request IP address

Question

There are four people who are sharing a same wifi connection, according to below definition there IP must be unique.
An IP address is a numerical label assigned to each device participating in a computer network that uses the Internet Protocol for communication.

Q1. IS IT SO OR NOT?

For uniquely identifying them I tried:

request.remoteAddress

But I get same IP for those all four person.

Q2.HOW UNIQUELY IDENTIFY THEM?(should I say them to pass some token like thing to identify them uniquely? but I will prefer unique IP)

Answer 1

The correct phrasing is that they all 4 are behinds a NAT firewall -- that is;

• They all have unique IP addresses on their internal network (like 192.168.xx or other internal IP address) see http://en.wikipedia.org/wiki/Private_network and RFC1918 for details.
• They are connecting to the public internet though a firewall/gateway which does network address translation (see http://en.wikipedia.org/wiki/Network_address_translation for details).

This is the common way for most home/office networks to connect to the internet, for two reasons -- it require much fewer public internet addresses, and it also makes the network more secure as avoiding public addresses for internal resources means that there is less likelyhood for that you fail to configure you firewalls correctly.

The downside is that IP addresses are by no means a unique ID for the users -- that is what Cookies are for.

Answer 2

It may be that these 4 persons are connected from the same network. In this case the ip address will be seen as the same ip address for the external networks.

Answer 3

Requests sent from a router to a server outside that local network will all have the same IP address. This is one reason session ids are useful. If you need an identifier that MUST be unique for each user even if they are underneath the same local network you will need to use session variables.

Consider looking at this post Where is session.id in Play 2.0?

Essentially create your unique ID. (Code taken from referenced SO post)

// Generate a unique id
String uuid=session("uuid");
if(uuid==null) {
    uuid=java.util.UUID.randomUUID().toString();
    session("uuid", uuid);
}

Answer 4

All the 4 users are accessing using the same internet line. Thus the Public IPAddress of all of them will be same. If you have a native application, then on first request that you make to your server, send the device ID with the request. Device ID combined with IP Address should be fairly unique, unless the device ID on all the devices are same (very rare). Another solution can be that you generate a unique Id (JSessionID when session is created on server can be used) on the first request to the server and send it in response. Then pass the unique Id on all subsequent request.

If you are using web browser of the mobile, then you can create session (JsessionId cookie will be generated by server). Mobile browser will take care of sending the jsessionid cookie with each request.

Answer 5

I am afraid there is no easy way to identify users since they can always modify the data they send you. That is why almost all the web services require log in (their own system or Facebook, Google, etc.). The problem, however, is, if someone registers enough accounts they can keep requesting you all the time. To avoid this problem, you may want to introduce Captcha verification every so often even after registration.

Also, not every user has static IP meaning they can change IP every time they get blocked (if you do block by IP, if I understand the question correctly).

Answer 6

They all have unique IP addresses on their internal network (like 192.168.xx or other internal IP address) see http://en.wikipedia.org/wiki/Private_network and RFC1918 for details. They are connecting to the public internet though a firewall/gateway which does network address translation (see http://en.wikipedia.org/wiki/Network_address_translation for details).