How the Application Property Works
The application property on the smart card works in tandem with the other authentication properties. For example, suppose you initialized a smart card for user Frank with the following information:
-
A000000062030400 - The SolarisAuthApplet applet.
-
'$$$$java' - The default PIN for this card, which user Frank can change later.
-
dtlogin - The application requiring the smart card login.
-
frank - The name Frank must provide to log in to the desktop.
-
changeme - The password Frank must type to log in to the desktop.
The preceding information would be entered on the command line, as follows:
# smartcard -c init -A A000000062030400 -P `$$$$java' application=dtlogin user=frank password=changeme |
When Frank inserts his card into the reader and tries to log in to the desktop (dtlogin), ocfserv reads the card to check if any authentication properties are associated with dtlogin. The ocfserv server finds that the user and password properties are associated with dtlogin.
The ocfserv server prompts Frank for his PIN, and the typed PIN is compared with the PIN stored on the smart card assigned to the dtlogin application. Also, ocfserv uses the login name and password on Frank's card, along with the passwords in the system`s password database, to verify that Frank is whom he claims to be. If these properties match, Frank is logged in to the desktop.
- © 2010, Oracle Corporation and/or its affiliates