Smart Card application with EJB?

Hallo
I have the following problem:
I have to write an application which should be accessible from the internet. The whole application has to be on the server. Every user who wants to get access to the application has to insert a smartcard into the Reader who is installed on his local system. The application has to read some information (username or password for example) from the card and to prove if the user is allowed to start the Application.
Does anybody has an idea how to realize this? Is it possible to realize this with EJB or do i have to use an other technology?
Thanks for your answers

Well i did not use the java smart card technology. I used the Java native interface to implement the classes who have to read from the card. I got an api dll from the producer of the smart card. So i used the Java native interface to realize the logic of the smartcard application. This part of my programm is written in c++. The problem is that the whole programm is on a server but for getting access to the smartcard reader the dll s (the api dll from the producer and my dll for the jni) have to been installed on every client......
You said that i have to write a swing client who picks the information from the smartcard and sends it afterwards to the enterprise system. Is there no other possibility to solve this problem without writing a swing client ?

Similar Messages

  • What does it take to build smart card applications?

    Just out of interest I was wondering what does it take to build smart card applications:
    - Can I do it at home with my PC or do I have to have access to expensive hardware?
    - How difficult is it to master given that I do it on my own with no help. Does it involve a lot of hardware issues?
    - If hardware is required (a smart card and a cable connection), where do I get it and how much does it cost?

    Let me rephrase my question.
    I understand that the deployment process may not be so easy. That does not disturb me.
    I just want to know whether I'll experience hardware probelms. If reading/writing to the card involves putting it inside and taking it outside from the device just like a floppy disk without any complications, then I don't have any worries.
    By the way, does the reader device is used for both reading AND writing?

  • CAC or smart card use with Oracle database and web server

    I've been asked to smart card (CAC) enable our Oracle web server and database access. We currently use CAC to access many of our other applications.
    Where can I find the following information
    Oracle software required (and is it an additional cost)
    How to integrate Oracle App server (web server) with CAC.
    How would I need to change the database users accounts to be CAC enabled rather than database users accounts.
    Thanks
    steven jackson
    [email protected]
    614-692-9768

    Virtualisation is not certified for Oracle RAC on Windows.
    +Certified Software on Oracle VM [ID 464754.1]+ note states:
    Oracle Real Application Clusters (RAC)
        Oracle 10.2.0.4 and up (10gR2) and 11.1.0.7 and up (11gR1) and 11gR2 RAC for Linux x86 and Linux x86_64 certified on Oracle VM
            Guest OS: Oracle Linux 5.1 (and above) RHEL 5.1 (and above) for Linux x86 / Linux x86_64
            Paravirtualized (PV) mode only (Guest OS and drivers)
            Only supported on Oracle VM 2.1.2 and above
            Live-migration of an Oracle RAC VM is supported with Oracle VM 2.2.1 and above.
            Previous versions are not supported. Please refer to this link for best practices.
            Over-committing CPUs is not recommended, but supported with the following restrictions:
                The total amount of VCPUs allocated to guest domains (running Oracle RAC guests), should not exceed
                two times (2x) the amount of real CPUs / cores in the Oracle VM server.
                The amount of VCPUs allocated to a single guest domain should not exceed the amount of real CPUs /
                cores in the Oracle VM server.
                Maintain Oracle VMs default VCPU allocation for dom-0: Oracle VM will allocate 1 VCPU for each real CPU or core to dom-0.
                CPU pinning is only recommended for hard partitioning. If no hard partitioning is required, CPU pinning should not be used.
            Static support only (dynamic support is being planned):
                Dynamic resizing of guest virtual machine is not supported (VCPU, memory and I/O)
                Virtual Machine Pause/Restore of an active Real Application Cluster virtual machine is not supported.

  • Smart Cards slow with Sun Ray Windows Connector

    I'm succesfully using smart cards to log on to Windows 2003. But the problem is that it's very slow!
    If i enter a wrong pin code, its fairly quick to respond with an error but when entering the right one it takes like 13-15 seconds to log on. The smart card slot on Sun Ray 2 is flashing all that time, so it seems like it's reading the certificate takes that long?
    Any ideas how to make it quicker?

    I have done the same setup with SunRay 170.
    Approx the same delay is experienced with my setup.
    When I meet my Card Vendor next time around I will ask about
    how many times the CERT is read.
    The Sunray 2 is faster , alot faster than sunray 170 so the delay
    must be the speed that card transactions can be performed.
    //lars

  • Smart card logon with third party CA combined with ADFS to Office 365

    Greetings,
    I've been trying figure out how to implement ADFS to Office 365 in MS cloud in our environment, with little luck. I have a working 2012 domain and we are already using smart card logon on Windows 7/8 workstations. Certificates on smart cards are issued by
    3rd party CA. This far every thing is fine and working, necessary root certificates are added to trusted Trusted Root Certification Authorities, UPN suffixes and users' UPNs are set according to UPN on the certificates and users successfully log on to
    workstations with smart cards.
    Now I face the requirement to enable SSOto Office 365 with accounts from our AD. I've been told by our MS partner and Dr. Google that in order to do that user account name (upn) in AD and in O365 need to match. Now the fact that account UPN in our AD is
    not usable in O365 (because it is set to match 3rd party certificate UPN) and I have not found a way to enable smart card log on without changing UPN in AD. 
    Does anyone has experience of such a configuration? Is it possible to use AD federation to O365 at all in our case?
    Best regards, and thanks in advance
    Timo

    On Fri, 25 Apr 2014 09:27:05 +0000, Timo Kallioniemi wrote:
    Now I face the requirement to enable SSOto Office 365 with accounts from our AD. I've been told by our MS partner and Dr. Google that in order to do that user account name (upn) in AD and in O365 need to match. Now the fact that account UPN in our AD
    is not usable in O365 (because it is set to match 3rd party certificate UPN) and I have not found a way to enable smart card log on without changing UPN in AD. 
    Does anyone has experience of such a configuration? Is it possible to use AD federation to O365 at all in our case?
    This is not a general Windows server security issue. You should post your
    question in an O365 support forum.
    http://community.office365.com/en-us/f/default.aspx
    Paul Adare - FIM CM MVP
    Technology is dominated by two types of people: Those who understand
    what they do not manage. Those who manage what they do not understand.
    -- Putt's Law

  • Unable to pair BB Smart Card Reader with Pc/Laptop

    Hi, I have 2 new BB smart card readers (SCR) and Im trying to pair with the PC and I can not. The SCR software can not detect the SCR. I put the ID of the device on the software and is trying to looking for it but can not. It says "Unable to connect to the specified Blackberry smart card reader". I have another SCR and I don't have problems to pair with the computer only with the new ones. The SCR have the last OS. Do you know what could be the problem? I think is a bug of the new SCR.

    mzamora wrote:
    Andy, may be nothing so where can I post it? Is there a general discussion?
    Hello,
    if I were you, I'd post in the "General Blackberry Smartphone Functions and Features" forum.
    The search box on top-right of this page is your true friend, and the public Knowledge Base too:

  • Simulation of Smart Card Application

    Hi ppl,
    Sorry I have some stupid questions again. It's just after I've read some books but still I'm a little confused about some concepts, I really hope you guys can help me out.
    First, in order to simulate the smart card operation. What exactly is needed to implement? I thought it was just the card and the reader, I mean just two programs, one for card and one for reader, talking ato each other. But after I've read some books, some said it involes three entities, the host, that is the application, the terminal, usually the reader, and the card. So I wanna know how many entities are involved actually.
    All along I thought it was just two entities, the card and reader communicating using ISO7816-4 commands. But now I saw some books saying the 3 parties version. So is it they're actually talking about different scenarios? If a reader has CPU power then it can generate commands to the card and so there're only two parties. But if the reader is simply a device as an interface for converting the programmed commands into electronic signals for transmission, then 3 entities are needed. Is that the case? Well, this is just my wild guess. So what do you guys think?
    Thanz!!
    Franky

    So you mean that middle ware is actually at the transport level? So yes when I go to the ATM, the prompt that I got is an application that asks me for PIN and so the card is acting on behalf of me and the reader is acting on behalf of the card company? Did I get it right?
    And one more thing, so in the ATM scenario, is it assumed that we trust the machine? Bcoz we have to key in the PIN, so if it is compromised, it is a security problem. Or is it bcoz there is already a mutual authentication carried out between the card and the reader so if the I am asked for the PIN, I can trust my card for authenticaing the machine.
    And o...last question, more low level, how do the card determine is it is a ATR packet or transmission has already started? I mean how does the card know if it is still negotiating the transmission protocol(T=0 or T=1)or one of the transmission protocols is already in use?
    Thanz very much !!
    Franky

  • Smart Card Problem with AnyConnect over RDP

    Hello,
    For ASA 5545, v-8.6(1)2 and AnyConnect v-3.1.0165, I'm trying to start an AnyConnect client tunnel on a remote RDP (both ends Windows 7) machine and am having problems. The RDP is configured to proxy smart card devices which generally works fine. I'm using current SafeNet eToken with current client software. When I start AnyConnect from client machines (no RDP), the tunnel opens with no problem using the smart card. When I try to start the tunnel on the remote machine via RDP, I'm prompted for cert selection and smart card PIN, but get a popup from AnyConnect: 'VPN connection terminated, smart card removed from reader'. When I try to start the tunnel via RDP but use the ASA web server to start, the tunnel starts up fine with the smart card.
    For the problem condition, the Windows event log on the remote RDP machine shows 3 entires (see below) wrt acvpnagent show smart card removal errors but the USB device is always inserted. Also, in investigating, I changed the client profile 'server list' config to SSL instead of IPSec. Same failure but the popup does not show.
    VPN connection terminated, Smartcard removed from reader.
    Description: VPNMGR_ERROR_SMARTCARD_REMOVED:A smartcard required for the connection has been removed
    Thanks in advance for any assistance.
    Mike

    This can be resolved by going to services and disabling Smart card

  • PIV II Contactless Smart Card Support with Blackberry 10 Devices?

    I've seen documents describing NFC smart card support and ISO 14443 compliance in Blackberry 10 software and devices, but this doesn't really make it clear... Does the NFC support in BlackBerry 10 devices allow it to use certificates on a PIV II contactless smart card (which follows ISO 14443) for signing and encryption of e-mail? (without needing the separate Bluetooth-connected BlackBerry smart card reader)

    OK, undestood, I am neither of those. Just a user.
    POP email does not push instantly. I will tell you what another user here commented in another thread... any business now a days that is still on POP email is somewhat like using candles to light your offices. You need to be on IMAP.
    Perhaps you can check and see what it would take to convert. In most cases, it should be simple.
    And if you do, ASK if that IMAP has PUSH enabled.
    Or in naval terms... like sticking with a sail as the lastest technology when steam propulsion is available.
    1. If any post helps you please click the below the post(s) that helped you.
    2. Please resolve your thread by marking the post "Solution?" which solved it for you!
    3. Install free BlackBerry Protect today for backups of contacts and data.
    4. Guide to Unlocking your BlackBerry & Unlock Codes
    Join our BBM Channels (Beta)
    BlackBerry Support Forums Channel
    PIN: C0001B7B4   Display/Scan Bar Code
    Knowledge Base Updates
    PIN: C0005A9AA   Display/Scan Bar Code

  • How to Smart Card integrated with database ..im beginner

    Dear,
    im beginner for Technologies Smart Card.. I have ACOS2 and reader ACR30D ..I hope u can helping me..please my question?
    1. How to java or Visul Basic integrated and presenting data on file in card (like name, address, phone number, ..etc)?
    2. Please give me sample project in Visual Basic..?
    its just for finnal test me.
    Thanks for all
    Best Reagard,
    [email protected]

    hello,
    Check the section titled Reference Implementation on this page out.
    http://www.opencard.org/index-downloads.shtml
    Also if you really need codes in VB, this guys have stuff like that
    http://www.motechno.com/x509-sdk.0.html
    Tha development kit MAY be all you need
    All the best,

  • J2me application with ejb

    Hi,
    i wish to access an ejb from my j2me application.
    Can I create stub for that ejb and use it with my application?
    or
    shall I use a servlet for the access of EJB ?
    I need a value to be returned from a function in my ejb. If i am using servlet then, i should return any xml file which contains the value returned from ejb function. this xml file should be sent to the client.
    Please help me.
    Thanks in advance

    If EJB like RIM? I'd guess not, you would have to have a HTTP/servlet go between.

  • How to Compile and run Smart Card Application

    hi
    any one can help me reagrding Javacard API. i download the JavaCard Development Kit from sun and install on my machine but i didn't get all java files and class files of JavaCard API. where i obtain those files so my application get compile and run.
    pls help me i m new in this technology.
    Thanks in Advance.

    My program Test.java in F:\Tomcat5\webapps\Ambika\WEB-INF\Classes. I compiled in the format below. I got like this. What should I do for this? But yesterday I compiled like this only, It compiled and the folder com\cert\Test.class is created. Today again I compiled the pgm after deleting the already created folder 'com\cert', I got the error like this.
    I've given my pgm and the thing I've got when I compiled it.
    Test.java
    package com.cert;
    public class Test
         public void display()
              System.out.println("Hai");
    F:\Tomcat5\webapps\Ambika\WEB-INF\Classes>javac -d F:\Tomcat5\webapps\Ambika\WEB-INF\Classes\Test.java
    javac: no source files
    Usage: javac <options> <source files>
    where possible options include:
    -g Generate all debugging info
    -g:none Generate no debugging info
    -g:{lines,vars,source} Generate only some debugging info
    -nowarn Generate no warnings
    -verbose Output messages about what the compiler is doing
    -deprecation Output source locations where deprecated APIs are u
    sed
    -classpath <path> Specify where to find user class files
    -cp <path> Specify where to find user class files
    -sourcepath <path> Specify where to find input source files
    -bootclasspath <path> Override location of bootstrap class files
    -extdirs <dirs> Override location of installed extensions
    -endorseddirs <dirs> Override location of endorsed standards path
    -d <directory> Specify where to place generated class files
    -encoding <encoding> Specify character encoding used by source files
    -source <release> Provide source compatibility with specified release
    -target <release> Generate class files for specific VM version
    -version Version information
    -help Print a synopsis of standard options
    -X Print a synopsis of nonstandard options
    -J<flag> Pass <flag> directly to the runtime system
    F:\Tomcat5\webapps\Ambika\WEB-INF\Classes>
    Plz help me.
    thanks in advance
    Ambika

  • Reading smart card contents with ActiveX

    Hi
    Dear All,
    I have a java card and i write a simple calculator in it by using jcop. Now i want to execute these functions by a activeX control. I tried to see in google but could not find my solution. So plz do help me out that from where i should start and what are the actual steps of doing it ?
    thank u !!

    Sir you are right that it is java card forum, but i think my thread is somehow related to the java card as i am using java card on the other hand. Being a Java forum, if you were using Java to communicate with the card it would be more relevant :)
    Sir plz can u suggest me any web link or book where i can get required material...Some reading material from the Microsoft site:
    http://technet.microsoft.com/en-us/library/bb742533.aspx
    http://msdn.microsoft.com/EN-US/library/aa374731.aspx#smart_card_functions
    You may also find ISO7816-4 useful.
    Cheers,
    Shane

  • Can't Sync Smart Card Reader with D830

    I can see the SCR through the laptop bluetooth software and can connect that way.  But when I try to click connect on the "BlackBerry Smard Card Reader Options" I get the message:
    No Local Connectable Bluetooth Radio Found

    Hi,
    Please delete all configuration in the second RD Gateway and you can manually re-configure the second RD Gateway, whether the same issue still exists?
    Please apply these KBs to your target servers and clients.
    The Security event that has Event ID 4625 does not contain the user account name on a computer that is running Windows Vista, Windows Server 2008, Windows 7, or Windows Server 2008 R2
    http://support.microsoft.com/kb/2157973
    A Windows Server 2008 R2-based Remote Desktop server denies some connection requests randomly under heavy logon or logoff conditions
    http://support.microsoft.com/kb/979530
    Technology changes life……

  • Problem with CertificateRequest when using a smart card

    Hello,
    I have used the ssl debug statement to determine that ssl server is sending a CertificateRequest and a list of CAs. The smart card is opened via a password and I think X509KeyManagerImpl compares the Issuer of the smart card certificates with the server sent CAs. However since the issuer is an intermediate CA and only the root CA is in this list, the smartcard certificates are rejected. I CAN'T have the intermediate CA place in the ssl server list.
    Using SSLConnect (KeyManager, X509TrustManager, null). The KeyManager is using NSS and the TrustManager is using opensc-pkcs11 via SunPKCS11. The OS is Linux, kernel 2.6.35.10-74.fc14.i686.
    The intermediate CA is in the local cert store.
    The application being used is DavMail.
    Am I correct in stating that the the smart card certificates are checked against the server sent CAs?
    Does anyone know how to get Java to use he local cert store to find the intermediate CA and then verify it against the Root CA in the server sent list?

    Placed in wrong forum. Moved it to Security Java Secure Socket Extension (JSSE)

Maybe you are looking for