Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-4885165

Client authentication using Java Card no longer works in 1.4

    Details

    • Subcomponent:
    • CPU:
      generic
    • OS:
      generic

      Description

      1.4 introduced a change in the security model through JAAS.
      1.3 relies on the browser to carry out HTTPS connections, thus enabling the use of Java Card provided the browser has a PKCS 11 module configured. This allows secure authentication using certificates stored on the card as the browser keystore is accessed and can fwd to the card through the PKCS module.

      1.4 introduced new security classes to handle the connection and the browser keystore is no longer used. As there are no other way to configure client authentication for Java Card, this is simply no longer possible on JRE 1.4+

      One of our partner, ACTIVCARD has released a new version of their middleware across platforms: Windows, Sun, Linux and Mac OSX and need to support a wide variety of clients (not just 1.3) and at a minimum Netscape and IE.
      This is impacting many of our Java Card customers as well and our own Java Badge program.

      This lag of functionality in 1.4 makes:
      - Usage of certificates hard to deploy as one as to rely on JRE plug in keystore that is hard to manage , especially for large deployments
      - Usage of Java Card for client authentication impossible.

      This RFE should be executed in 1.5 but we need an intermediate strategy for our customers.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                dgu Dennis Gu (Inactive)
                Reporter:
                amroos Alexis Roos (Inactive)
              • Votes:
                0 Vote for this issue
                Watchers:
                7 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:
                  Imported:
                  Indexed: