im trying to add smart card/etoken login from my web application . I am able to do login when only one certificate is present in my smart card or etoken.
my problem is :
When it contains more than one certificate i need to list it to the user , and login using the certificate he opts and only at that time the pin of the device should be taken.
As of now i am loading the keystore with pin and reading the alias.
Can any one tell me is there any way to access public certificate from the token without making the user to enter pin.
this is the code i am using ..
We are in the intial stages of implementing smart card logins to our web application. Could you please provide me some high level information on how you designed it in your system.
I spent some time on this issue and I suppose I found a solution.
Here is user guide for PKCS#11: Java PKCS#11 Reference Guide I added this line to SunPKCS11 config:
attributes(*,CKO_PUBLIC_KEY,*)={ CKA_TOKEN=true }
and it seems to retrieve public certificates without entering pin.
Hi to all,
I tried to add the line mentioned by Marta to SunPKCS11 config file...but I can't understand how I can load the keystore without passing a pin code. Even trying to load the keystore with
load(LoadStoreParameter param) with param = null I can't access to the smartcard without pin.
Someone maybe solved this problem?
Thanks in advance