Jopapan
|
Posted: February 15, 2010 12:06 by Jopapan
|
|
Hi, i wanted to ask a question about remote user authentication. I downloaded the Java Card 3 samples and i was playing around. In the RemoteUserApp project, you need to log in as user boss, and you are assigned to role ru (remote user). This is defined in the manifest file: User-Role-List: ru, ch ch-Mapped-To-Auth-URI: sio:///standard/auth/holder/global/admin/pin ru-Mapped-To-Auth-URI: sio:///standard/auth/user/session/boss/pin Where are the pins defined? I searched the project files but couldnt find them. Are they encypted in the a.keystore file? (are there 2 different pins or is it the same for both?) If so which tool could i use to make my own keystore file? Any pointers would be greatly appreciated, thank you. Best Regards John |
Remote User authentication
8 posts
Replies: 7 - Last Post: June 20, 2010 09:44
by: benallemand
by: benallemand
« Older Topic
» Newer Topic
showing 1 - 8 of 8
Anki Nelaturu
|
Posted: February 15, 2010 18:57 by Anki Nelaturu
|
|
Just to give a bit more on this These Authenticators (in fact all the information from config.properties) are assumed to be Card Specific. Means that info might have been masked while manufacturing the card. RI provides a way to customize the needs for testing purposes. /anki |
|
benallemand
|
Posted: February 17, 2010 16:35 by benallemand
|
|
Hi, I am working on Javacard 3 Specification, in charge of developing a web application for loyalty business. Ok for authenticators that are written during card manufacturing. Is it possible to change a PIN or a Password through web application ? Javacard 2 Telecom applications are able to, through APDU command Change PIN, but I don't see any way to do this in specifications or API Javadoc... We have some Interface Authenticator, but I don't know if it can be linked to existing authenticators... Thanks in advance for your reply Benjamin ALLEMAND |
|
Anki Nelaturu
|
Posted: February 26, 2010 05:57 by Anki Nelaturu
|
|
PIN for web application?? or PIN of the card through Web APP? I am not sure I got your question. Just some info about difference between JC specs and these kind of activities. Java Card specs does not specify how an application will be deployed or how the keys/pins changed etc administration activities. I am using the term "Admin Activities" to indicate anything that is required to customize the card. These Admin Activities can be proprietary or there is another Standards body called GlobalPlatform, which defines some standards about how these activities should be done if any card that is compliant to GP specs. Most of the commercial cards follows these standards. GP2 (short for Global Platform 2) specs are for Java Card 2.* which is based on APDU. Recently there are GP3 specs (more precisely I guess it is GP-NF) are for the HTTP based card (i.e JC3). Link is on the left side under "PROJECT LINKS". Follow it and may be there is some info regarding what you need. I'll try to find correct answer from my colleagues. /anki |
|
benallemand
|
Posted: March 02, 2010 13:43 by benallemand
|
|
Hi, thanks for your interest At first, I wanted to modify PIN of the card through web app, but instead I will use Authenticators. I made some research and found a way to replace, I guess : #authenticator.14.uri: sio:///standard/auth/holder/session/client/pin #authenticator.14.factory: com.sun.javacard.security.PINSessionAuthenticatorFactory #authenticator.14.pin: 1234 #authenticator.14.digest: false by some java code, using ServiceRegistry : ServiceRegistry registry = ServiceRegistry.getServiceRegistry(); String authenticatorURI = null; authenticatorURI = JCSystem.getAppProperty(CLIENT_URI_PROPERTY, null); if (authenticatorURI != null) { Authenticator authenticator = (Authenticator) registry.lookup(authenticatorURI); if (authenticator == null && authenticatorURI.startsWith("sio:///standard/auth/holder/session/")) { // No pre-register authenticator... register our own clientAuthURI = authenticatorURI; String pin = JCSystem.getAppProperty(CLIENT_PIN_PROPERTY, null); registry.register(authenticatorURI, new SessionPINAuthFactory(pin.getBytes(), 3)); authenticator = (Authenticator) registry.lookup(authenticatorURI); } } as it is done in Transit reference sample. I've placed : <listener> <description>Performs initialization upon creation</description> <listener-class>com.sun.jcdemo.transit.pos.ContextListener</listener-class> </listener> on my web.xml file, in order to init context of my web app. Now, I think I can modify this authenticator in my web app... Are you ok with that ? Thanks Benjamin ALLEMAND |
VIVEK KUMAR KANAUJIA
|
Posted: March 29, 2010 07:56 by VIVEK KUMAR KANAUJIA
|
| Is this project is dead? |
|
benallemand
|
Posted: June 20, 2010 09:44 by benallemand
|
|
Hi, I think this thread can be marked as resolved, as my last post was successful : I managed to modify service registry in order to register new login/pin code, so that they can be used to login to my web app, or modified at a later time through my web app. Thanks for your concern Cheers Benjamin ALLEMAND |
showing 1 - 8 of 8
Replies: 7 - Last Post: June 20, 2010 09:44
by: benallemand
by: benallemand
« Older Topic
» Newer Topic
