Smart Card Winlogon using Java

Similar Messages

• Smart Card Problem in Java with server

  Hi everybody.I use smart card authentication to sign my web application which was deployed in apache tomcat and I use servlet & jsp fro developing this web application.When deploy application on local machine there is no problem.
      public String getInfo(String password) {
          String certInfo = "";
          try {
              String configName = "C:/smartcards/config/pkcs11.cfg";
              String PIN = password;
              Provider p = new sun.security.pkcs11.SunPKCS11(configName);
              Security.addProvider(p);
              ((SunPKCS11) p).logout();
              KeyStore keyStore = KeyStore.getInstance("PKCS11");
              char[] pin = PIN.toCharArray();
              keyStore.load(null, pin);
              Enumeration aliasesEnum = keyStore.aliases();
              String alias = (String) aliasesEnum.nextElement();
              X509Certificate cert = (X509Certificate) keyStore.getCertificate(alias);
              certInfo += cert.toString();
          } catch (Exception e) {
              System.out.println(e.getMessage());
          return certInfo;
  The preceding method return String which was stored in smart card when I pass password of smart card.If password wrong load failed.
  Then I deployed this web app in the server.When I run this app everything is ok when I also remote desktop connected to server.When I close RDP I get Token has been removed exception on web server.How can I solve this problem.I want to also sign to app without remote desktop connection.

  Use PreparedStatement and SimpleDateFormat classes
  http://onesearch.sun.com/search/onesearch/index.jsp?qt=%2BPreparedStatement+%2BSimpleDateFormat+&qp=siteforumid%3Ajava48&chooseCat=allJava&col=developer-forums&site=dev

• How access to Smart Card Readers using Labview?

  I´am trying access to Smart Card Readers by Labview, but I have problems.
  I want to read SIM card GSM using Labview.!
  The file winscard.dll has the functions to access, but I dont have skill with "Using External codes in LabView".
  In MSDN library there is the specification about the functions for winscard.dll
  http://msdn.microsoft.com/library/default.asp?url=/library/en-us/secauthn/security/smart_card_authentication.asp
  When you install a driver for some smart card reader you access to it by winscard.dll.
  Att. Enrique

  Finally I can acces to the smart card readers (PC/SC) with Labview,   this is the first part where I can establish the context and realease it, and  I can get the first  name of my list of PC/SC readers that I have connected to my computer.
  I was wearing the "Call Library Function"  for  winscard.dll
  For  Establish the context you need :
      function name :  SCardEstablishContext
  Calling conventions :  stdcall (WINAPI)
  function prototype :    long SCardEstablishContext(long SCARD_SCOPE_USER, long NULL1, long NULL2, unsigned long *hContextHandle);
  function name : SCardReleaseContext
  Calling conventions :  stdcall (WINAPI)
  function prototype :  void SCardReleaseContext(unsigned long hContextHandle);

• Credit Card Validatoin Using Java

  Hi
  I am working in a Java based web application which uses EJB, JSP, technologies. I am totally novice developer in credit card validation whch the system I am working on requires. So please help me how to go with. May be we must support all the possible credit cards. I am designing the system. I will be thankful if someone can help me out in this.
  Thanks in advance

  hi,
  try going through the posts in the following Thread at javaranch. it should help..
  http://www.javaranch.com/ubb/Forum32/HTML/000795.html
  the page explains the checksum algorithm, i suppose there is another algorithm, "the luhn's algorithm" that you could use to do credit card validation..
  cheerz
  ynkrish

• Does Java Card 2 API support all the smart card?

  Does Java Card 2 API support all the smart card? I guess all the java cards are smart card but all the smart card are not java card. so Java card 2 API supports only java card. It does not support all the smart card. Please somebody let me know wheather I am correct or not. Because I want to make an application which supports all the smart card. I am confuse wheather I have to use JavaCard API or OCF or any other framework/API. Please help me. Thanks

  I am clear with java card.
  But I want to make an application which can verify the PIN inside card and read logon certificate, which is saved inside card. Is there any framework which I can use to full fill my simple requiremnt. I dont want to deal with any applet inside card.

• How to use Smart Card API's (OCF) in Web Application

  Hi frnds,
  For our new smart card based project, i have few queries,
  1. Can we choose web based application for smart card based projects?
  2. How servlet will communicate with opencard CTListener class?
  3. While the card insertion and remove how the event will be reflet the servlet?
  4. For that is it needed to design the client UI by using Swing?
  5. Without Swing will servlet give all solution for smart card connection and events?
  Rgrds,
  dhaya.

  I am also looking for smart card Authentication using web. Any info really appreciated

• The use only smart cards for several hundred users

  How can I assign soon as possible,
  use only the smart card for
  a few hundred users? I also have
  a group of people who would like to allow the use of
  a login and password, and smart card.
  Using GPO to the computer,
  will be applied to the station, and I would just like
  to the user. I know that
  the card user can select
  to use a smart card, but
  how to do it automatically for a group of people
  (several hunderd)?

  I would use LDAP query via GUI tools (like AD Administrative Console) or console tools (Active Directory PowerShell module) get target users by using some filter and enable smart card checkboxes. GPO cannot be used to make changes in AD.
  My weblog: en-us.sysadmins.lv
  PowerShell PKI Module: pspki.codeplex.com
  PowerShell Cmdlet Help Editor pscmdlethelpeditor.codeplex.com
  Check out new: SSL Certificate Verifier
  Check out new:
  PowerShell FCIV tool.

• Simulation of smart card

  Hi ppl,
  I'm a student working on a project of simulation of smart card. It involes no hardware at all so the physical layer transmission is ignored. I'm gonna implement the smart card operation using two programmes "card.c" and "reader.c" in the same computer. Yes, it's C not java, but the idea is the same. I just wanna ask is that the programmes r about the same? I mean what exactly should the reader.c and the card.c do? Is it the reader.c simply sends out commands and then the card.c listens and waits for the commands like the client of a client-server scenario? And then once the card.c receives commands, it extracts the useful data according to the ISO17816-4 and then sends back response and the reader.c again provess the data recoived and sends another commands. And the transmission goes on, is it like that?
  Plz give me some hits on these. Desperate for some help really.
  Thanz sooo much ppl!!
  Franky

  Here's what I'm gonna do in the programs.
  At the very first, the reader sends a reset RST to teh card and waits for repsonse. The card then responses with answer to reset ATR, this gives all the communications protocol used afterwards, so the card will choose like T=1.
  And then the reader sends the GET CHALLENGE command to the card asking for a random number e.g. A and response from the card gives the challenge A to reader.
  Reader then sends the encrypted challenge [A] with the EXTERNAL AUTHENTICATE command to card, the card replies with a YES or NO indicating if the challenges match.
  Reader sends its challenge B with command INTERNAL AUTHENTICATE, card replies with encrypted challenge .
  This finishes the challenge-response operation for mutual authentication. I read from books that the key used to encrypt and decrypt the challenge is the master key. But I have no clue how both entities can get hold of the key beforehand. Maybe there's sth like PKI for that.
  And then, should there be a verification by using the PIN? So after this verification, the real data and message exchange should occur rite? And I read from books that some cards require every access to the card to have a PIN verification. Well, I think that's almost it for the security part. And I'll have to find some source on how to make a read application of the smart card, like a payment card or identification card. I think one of the most popular standards for payment card is EMV, and I dunno much for the identification card.

• How to configure smart card login in sunray 2fs??

  Hi all,
  Please help me to configure smart card login using Sun Ray Server Software 4.0... How to assign a smart card for a particular user? Do I need to flash th smart card for user information or any other method exists?

  I'm not sure what you know or don't know about this so I'll give you what I know:
  1. Create a token reader and a token
  * Plugin a Sun Ray DTU/client
  * Check the MAC address of the Sun Ray you just plugged in
  * Access the Sun Ray admin GUI
  * Choose the 'Desktop Units' tab
  * See if your Sun Ray DTU is listed (if it isn't listed you have Sun Ray Server configuration issues...)
  * If it is listed click the identifier
  * Check the status of the DTU to see if this particular unit is already a token reader (normally it is not, i.e. by default a Sun Ray DTU is not)
  * Click 'Edit'
  * Check 'Token Reader'
  * Click 'OK'
  * /opt/SUNWut/sbin/utrestart (I'm not sure if a warm restart is OK or a hard restart is necessary)
  Now insert a shiny new Java card into your token reader's slot
  * In the Sun Ray admin GUI choose the 'Tokens' tab
  * Search for currently used tokens
  * You should see a token identifier such as 'Payflex.blah' under your desktop unit (i.e. the token reader)
  * Click the token identifier and click 'Edit'
  * Assign a username (i.e. Unix username) to the token under 'Owner'
  * Click 'OK' and remove the smart card from the token reader
  2. Assign the Token
  * Insert your smart card from step 1 into the token reader
  * In the Sun Ray GUI click 'Tokens' and 'New'
  * Under 'Identifier' you should see 'Read Identifier from Token Reader' checked
  * Click 'Read Token'
  * Assign an owner (i.e. Unix user account) and a session type (Kiosk or Regular)
  * Click 'OK'
  Item 2 from the notes I used for this looks alot like item 1 so I can't say that it is strictly necessary.
  I don't have a Sun Ray Server accessible to me at the moment to confirm but this procedure should help I hope.

• Controlling Access to OS with Smart Card

  Does any one know if there is a program built within OS X (Tiger) or either a third party program that will allow a machine running Tiger to be set up to only be accessed when using a "Smart Card" (similar to the system used on a lot of government machines)?
  Also, where would a person obtain the Smart Card to use with the program. Thanks!!!

  You might look into a hardware product called "SecuriKey":
  http://www.securikey.com/mac_security.html
  =
  There was a MacWorld review a few years ago of what might have been an earlier version:
  http://www.macworld.com/article/42927/2005/02/securikey.html

• Accessing to Smart Card Readers PC/SC with Labview

  Accessing to Smart Card Readers using Labview 
  This program is an example that how access to Smart Card Readers (PC/SC) to get some information about a SIM Card, this program is not debuged yet and have some issues.
  The point is wear the  winscard.dll where  all the function to access to this PC/SC readers are defined, I don´t have enought skills as programmer, but I think that it could be help somebody to develope
  applications with Labview and SIM cards (GSM, USIM, etc..)
  Regards
  Attachments:
  GETTING_ATR_FROM_SIM_CARD_GSM.vi ‏118 KB

  Hello!
  Let me first understand your question,  Do you want to know wich of 22 DLL´s, that you have, can you use to sent an AT command to retrive the MSISDN on SIM Card?
  If you answer is yes, you should be identify all the functions in your dll and found wich of them ara used to sent AT commands like SMS send, SMS retrive, etc.., the same structure of this commands you can use to send another AT Command.
  The number should be record on the SIM Card.
  AT+CNUM Subscriber Number
  Description:
  This command returns the MSISDNs related to the subscriber (this information can be
  stored in the SIM or in the ME). If subscriber has different MSISDN for different services,
  each MSISDN is returned in a separate line.
  Test if the command
  is supported
  AT+CNUM=?
  Best Regards.
  Enrique Ramos
  Telcel Mexico

• Can  i use SLE4428 smart card with java card developmentkit 2.1.2

  Can i use SLE4428 smart card with java card developmentkit 2.1.2
  plz reply

  No. SLE4428 is memory card and not Java Card.

• Problem with CertificateRequest when using a smart card

  Hello,
  I have used the ssl debug statement to determine that ssl server is sending a CertificateRequest and a list of CAs. The smart card is opened via a password and I think X509KeyManagerImpl compares the Issuer of the smart card certificates with the server sent CAs. However since the issuer is an intermediate CA and only the root CA is in this list, the smartcard certificates are rejected. I CAN'T have the intermediate CA place in the ssl server list.
  Using SSLConnect (KeyManager, X509TrustManager, null). The KeyManager is using NSS and the TrustManager is using opensc-pkcs11 via SunPKCS11. The OS is Linux, kernel 2.6.35.10-74.fc14.i686.
  The intermediate CA is in the local cert store.
  The application being used is DavMail.
  Am I correct in stating that the the smart card certificates are checked against the server sent CAs?
  Does anyone know how to get Java to use he local cert store to find the intermediate CA and then verify it against the Root CA in the server sent list?

  Placed in wrong forum. Moved it to Security Java Secure Socket Extension (JSSE)

• Error while Accessing Smart Card using Open Card Frame Work

  HI
  Using Open Card Frame work I am trying to access GemAlto provided Smart Card (java card). I downloaded the Open Card Frame work from “http://www.openscdp.org/ocf/download.html”.
  I am executing a basic program to access the data stored in smart card.
  public static void main(String[] args)
                      System.out.println("reading smartcard file...");
                      try {
                      SmartCard.start();
                      CardRequest cr = (FileAccessCardService.class);
                      System.out.println("calling waitforCard");
                      SmartCard sc = SmartCard.waitForCard(cr); //Error comes after this line
                      System.out.println("After waitForCard called");
                      FileAccessCardService facs = (FileAccessCardService)
                      sc.getCardService(FileAccessCardService.class, true);
                      CardFile root = new CardFile(facs);
                      CardFile file = new CardFile(root, ":c009");
                      byte[] data = facs.read(file.getPath(), 0,
                      file.getLength() );
                      sc.close();
                      String entry = new String(data);
                      entry = entry.trim();
                      System.out.println(entry);
                      } catch (Exception e) {
                           e.printStackTrace(System.err);
                      System.exit(0);
  The content of the opencard.properties are :
            OpenCard.services = opencard.opt.util.PassThruCardServiceFactory
  OpenCard.terminals = com.ibm.opencard.terminal.pcsc10.Pcsc10CardTerminalFactory
  OpenCard.trace = opencard:5 com.ibm:4 opencard.opt.database:6
  After the line “ SmartCard sc = SmartCard.waitForCard(cr);”
  the program is expecting a card to be inserted but while inserting Smartcard the following error message come :
            calling waitforCard
            [ERROR    ] com.ibm.opencard.terminal.pcsc10.OCFPCSC1.OCFPCSC1.SCardConnect
  --- message
  --- thread Thread[Thread-0,5,main]
  --- source com.ibm.opencard.terminal.pcsc10.OCFPCSC1@2e7263
  [ERROR    ] com.ibm.opencard.terminal.pcsc10.OCFPCSC1.OCFPCSC1.SCardConnect
  --- message Protocol = 0
  --- thread Thread[Thread-0,5,main
  --- source com.ibm.opencard.terminal.pcsc10.OCFPCSC1@2e7263
  Basically the error is coming from the SCardConnect function of OCFPCSC1.cpp file.
  Please reply to my mail id if any body has any idea how to resolve this issue.
  MAIL-ID : [email protected]
  With Regards
  Swarup
  Finacle Archie
  Infosys Technologies Limited,Bhubaneswar,India

  Sounds like an issue that has to do with JavaScript Origin policy. You'll have to use Domain Relaxing for this. Read all about it here:
  http://help.sap.com/saphelp_nw04/helpdata/en/59/87b54064c2742ae10000000a155106/frameset.htm
  here:
  http://help.sap.com/saphelp_nw04/helpdata/en/5e/473d4124b08739e10000000a1550b0/frameset.htm
  and here:
  http://help.sap.com/saphelp_nw04/helpdata/en/cb/f8751d8c6b254dac189f4029c76112/frameset.htm

• Need a recommendation about java smart card and a reader

  I've been posting some message in this forum and others and haven't gotten a clear response.
  I want to experiment with java smart card technology.
  From what I gathered, Gemplus is a leading company in this field so I thought about buying a smart card reader from it and a java smart card.
  I thought about buying the "USB Smart Card Reader/Writer Plug n Play (GemPC430)" reader which costs 69$.
  Is this a reasonable price?
  I need an answer from someone with experience using it.
  Now then, which one should I buy?
  I only want to do smart card to desktop application interaction without anything on the web (e-commerce or anything to do with encryption).
  I can buy 5 "GS2.2 Standard Crypto GPK8000su512 RED"
  cards which cost 87.50$
  THATS A LOT OF MONEY!!!!
  Are all java smart cards that expensive?
  There is a list of other cards on their site but I haven't been able to locate their price and don't know which to buy.
  Finally, there is the "Kit, GemSAFE Enterprise Workstation 2.21 Standard Cryptography Serial Port Reader" which as I read consists a GPK8000 card.
  Is this card a java card?
  Or do I need to buy the reader and java card seperately.
  Any help and insight would be greatly appreciated.
  Thanks.

  I've looked closely at the Cyberflex 32K cards + SDK from Schlumberger.
  My criteria was:
  * Javacard 2.1 support
  * visa open support (or whatever it is called now)
  * complete sdk (develop, test, deploy)
  * exportable
  * upgradable
  * customer support
  I tried to get someone from Gemplus to contact me, but was unable to ever get even an
  email response.
  Schlumberger, on the other hand, won me over with the quick responses over email.
  They offer fairly inexpensive upgrades after you buy the product, and technical support
  is free.
  For simple experimentation, you can get the JavaCard SDK for free. At JavaOne, several
  years ago, they were giving away JavaRings with Card Readers (which presumably
  means these are cheap to buy) from SCM or some company in Texas. You might
  try to get one of these. They don't have much memory, but are an interesting twist
  on the Java Card thing.
  If you want to dive in, the Smart Card SDK from Schlumberger will run you about $499.
  This includes the reader, 5 cards, and the SDK. Likewise, Metrowerks puts out an
  IDE for Java Card which runs about $1200, and may be available as a bundle from
  vendors like Schlumberger.
  dk