Web Apps

Oct 22, 2010 at 10:38 PM


Is this suitable for web applications? And when I mean this I think also to a way for binding the web app with the URL / domain name.

Oct 22, 2010 at 11:25 PM

Not sure if I understand the question.

In a Web application you usually login and the server knows the rights of the logged user.

This solution is design for Windows apps where the software provider don't have control of the copies of the software.


Oct 23, 2010 at 12:50 AM
Edited Oct 23, 2010 at 12:51 AM

A couple of things.

First, all applications could be considered web applications, since they can have access to the internet, and grab information from the server.  From that perspective, I'm not sure you answered his question.

Secondly, the software vendor has no control over applications based on Silverlight/WPF or even AJAX.  Activation is different from authorization, and what I think he's saying is that even before you authorize, possibly a number of users, you want the entire use of the web app to be activated.

I hope I explained that clearly, and await your answer.

Oct 23, 2010 at 5:03 AM

If we are talking about activating the whole Web Application, as a product that is installed in a server, I believe it should be possible with a few changes.

During the activation process, the current release checks for machine identifiers like mac-address or computer name (which in this scenario is not the more recommended), but it can be changed providing a custom “machine identifier” to look for the domain name or requesting url.

In the source code see the Activatar.Test project for a mock implementation of a custom IMachineIdentifierProvider. A custom IMachineIdentifierProvider can be easily implemented to check for the computer’s domain name or the url request. Note that different IMachineIdentifierProvider can be used to check the validation of the Product License.

The Product License validation can be executed in the Application_BeginRequest() method of the Global.asax or an HttpModule can be implemented. Wherever is implemented, it is important to note the performance implications if a new validation is performed in every request, so the ProductLicense object should be cached.

Maybe there are other implications I’m missing. I’ll be glad to know about them.

Hope this answer the question.


Oct 24, 2010 at 8:38 PM

Hi @all

First i think that I have to explain what I consider to be an web application in this context: an application that is executed in an web-browser environment.

For my scenario is not very important the end user at the client side. All that cares for me is on server-side. Let supose that I develop a number of similar (but not identical) apps for the customer. What I want to control is that the application 3 (for example) is not used with the required changes as an application 4. If the customer need an application form, after I deploy it to him I think to bind the app to his URL: http://www.customer-domain-name.com/application-number-4/

Is something similar with the Telerik's Sitefinity or Kentiko aproach: every usage of their CMS require a license key binded to the URL of the instance of the usage.

So one more time, I'm not interested about final user computer, but about customer server.

Oct 25, 2010 at 12:49 PM

In my last answer I wasn't talking about the end client user either. I was talking about activating the server application.

In you scenario, let’s say you deploy your web app in the customers' server with features A, B, C and D implemented, though the customer only paid for B and C.

Since the web app is not activated, the administrator of the web site needs to activate it accessing an activation page you provide inside the web application. For instance:


The administrator will enter the product key you provided them (i.e. via e-mail) that will activate only features B and C. This is because the product key has information of the features that will be enabled.

During the activation process, a hash of the domain/site will be sent to your activation server, and it will sent back a license valid only for servers in that domain.

After that, whenever somebody access the web application, only features C and D will be available, because your application can check the enabled features from the ProductLicenseInfo.