if you want web connections authenticated with a smart card,
the best way is usualy
1.) use an ssl server
2.) use the option to authenticate to that ssl server using a
client certificate (with the private key)
3.) find a way so that the private key is stored on a smart
card and is not read from the card, but rather the card
is signed to sign those bytes used in the ssl client
authentication.
step 1 and 2 are easy to implement.
but for step 3 you usualy use some ssl or https library on
the client side to access the server. that library needs
to be able to use smart cards. if the library doesn't allow
that, pick a different library.
I only know programming in c, there you have the netscape
libraries that allow this (I guess, since firefox can do this),
and the openssl library for ssl connections can do that too
(using an "engine" and that engine can be "engine_pkcs11"
which can use "opensc-pkcs11.so" or any other pkcs#11 module
to talk to a smart card).
I'm sure there are java libraries / packages out there that
have similiar functionality. check out the opensc-java project,
maybe the authors can help you (and I think it works not only
with opensc, but other pkcs#11 modules as well).
good luck!
Andreas
_______________________________________________
Muscle mailing list
[email protected]
http://lists.drizzle.com/mailman/listinfo/muscle
