Hi Andreas,
I think I understand what you are asking here. I can see there would be a desire to limit which machines could login to an application like Jira. However I don't think this can be done in the Jira Application level. And I'll try to explain why.
Right now, Jira does show user sessions, you can see this in Jira Server if you are a system admin by going to the Cog Icon -> System -> User sessions or /secure/admin/CurrentUsersList.jspa
This lists seesion Id, username, protocol, IP address, etc. But it doesn't list the MAC address. This isn't something that a Java application like Jira will try to lookup for the connections it receives. I thought perhaps someone might want to try to write a plugin to do that, but from reading other posts like https://stackoverflow.com/questions/839973/how-to-get-a-clients-mac-address-from-httpservlet
The answer listed there by user atom255 explains why this is problematic in most environment:
You're probably not going to get what you want. (the client's MAC address)
If the server is close enough (directly connected via hub or maybe a switch) you can ARP for the MAC Address. If you do this for an IP across the Internet you're probably going to get the inside interface of the closest Router or Switch.
Because of the way TCP/IP works the MAC address used in the 'frame' will get ripped off and re-assembled each at each hop the information takes between the server and the host.
So it doesn't look promising given this approach. Perhaps other related questions like https://community.atlassian.com/t5/Jira-questions/Restrict-login-based-on-IP-address/qaq-p/115250 might help? I know it's not the same thing you were asking, but there is a discussion there about ways to restrict specific IP addresses from reaching your Jira site at all, either via iptables, or by the proxy configuration.
I hope this helps.
Andy
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.