Gemplus
SmartJAAS
SmartJAAS, a Smart Card Login Module for Java Authentication and Authorization Service.
 



A Smart Card Login Module for Java Authentication and Authorization Service.

Java Security Logo

The latest JavaTM security package JAAS gives developers a way to control the behaviour of an applet and its access to the local resources on a per-user basis in addition to the classical per-origin and per-signature basis. This authorisation service is supported by an authentication component which decides who is the current user of the JavaTM Virtual Machine.
Smart cards have been widely recognized as an efficient way to greatly improve the security of a user authentication process.

Fortunately, the JAAS designers have carefully disconnected the authentication task from other parts of the package: this task is performed by a login module and custom ones can be added when needed. This is the classical concept of Pluggable Authentication Module (PAM). In this paper [16 kB, PDF format] we describe an implementation of a JAAS login module which provides a strong authentication of users by smart cards.

GDC 2000 Presentation [1.3 MB, PDF format]

Sample program

This sample performs user authentication by smart card. The dialog with the Gemplus card reader and the GPK 8000 smart card is managed using OCF and GPK 8000 card services.
Once the user is authenticated (by a challenge-response), an application at the URL stored on the smart card is launched.
More details

! Register ! You will be asked your login and password to download binary files (.zip, .pdf,...)
version 1.0 smartjaas1.0.tar.gz 14 kB

 

Install

To install this sample, read the note.

Laurent.Gauteron@gemplus.com
Pierre.Girard@gemplus.com

 
Back to the Top page