-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Sushil,
On 8/30/13 4:50 AM, Sushil Prusty wrote: > Thanks to show me a light in black dark room. Please just look > below work flow and requirement. > > > Before login to my web application, i need to swap data card to > access my web application. So data card should be certified by > OCSP instead CRL. My java based web application is deployed on > apache tomcat 7.0.40 ,so i think i need to integrate OCSP some > where in apache tomcat to certify my application? Or do you i need > to write any external java program to interact with ocsp responder > ? > > Is there any java api for provided by apache? AFAIK, there is no way for Tomcat (on a server) to interact securely with your data card (on the client) in a secure way. The best way you can do this kind of thing is via some browser plug-in or OS-based solution that can verify that the card is actually present, then take some data from the server and encrypt it with the secret stored on the card, then send it back to the server. Tomcat does not have anything like this available. Maybe someone on the list who knows how those kinds of authentication systems work can comment on your options. I'm sorry... I don't know anything about this realm of authentication (pun intended, unfortunately). - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.14 (Darwin) Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBCAAGBQJSJlnSAAoJEBzwKT+lPKRYKW8P/A45T2+B16jHzTsPcE+AMP9g 22GXsxs/qqZ7qfsKwe++h4zi8dQ738tUIC7UZ1EFNZe6qzn3cKZE/UTlDRRbDBzo gAOu1COY8Eo/cWCTI8zG33/Qi9GIVEJPTD5lukqDOej1ZPqOViTLYDBuyxwPedKZ yU218IX4qFI7tOcsPieeVDGGRfUUqHcWt0oENb05GsFO6FMYUjqFUJ5bFIGNr/lP suyXd0+LGMzatjB3RijeyTOP/p8uRjpHgUcjFhLF3RYtsW63us9fMYH8h5u+7xt/ Fk1FH/2YakynYzEcHNUzMZPKB51M2NEUJZ85TOiC6sj1ejeWnwZ8J5JVjQvN9i+8 Lfk6d9YbYnV+X395wIlRLHvoMr2Tcqh2dbpulmNys/YK5lrHTs5Z2TZfGN+SZcZo e/gaeqUeAQ7eB7/HGxvEfNiNDUGinyIWRwyYw1xxTctwF+SoFiDIPnzV9rPxmpU+ wA8xdDFVxfpuC2IPcyLW3O5+QXxzZ7Hsh7bLmacjFyDuKsmlvNC3JeJl57twcjGQ w2VIvuTuHJUAmaXDo+ZNqxrP47S61waHGgHJwRsUVUcWgWDPy7qIpscPQmnXMK+S 95vDXE+eNsNFH4BKVn4UVmDkWVKW+7dtXscw6hneE8RalZ3KIhg0LxCnVwm0+iZZ /FB7wA+848a8qLjvs1if =Y66v -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org