I am trying to read certificate form smart card which is currently inserted in the reader to connect for secure session.
In my application as of now when user1 insert his smart card to connect in secure session, application prompt to put pin, and session gets connected.
smart card details (name, provider) will be stored in config file (not pin).
user1 will not logoff machine but removes smart card.
Now when user2 insert his smart card, application try to connect with the certificate from user1 smart card and prompt for pin.
I would like to distinguish certificate based on smart card inserted or read certificate form inserted smart card. Is their any properties or api which can be use.
Thanks,
DJ
Related
When using the Apple provider with NextAuth.js on the web server and signing in on a native device app (written in Swift using ASAuthorizationAppleIDButton and ASAuthorizationAppleIDProvider) using Sign In With Apple, how do you add a new user and account to the NextAuth.js database tables?
Besides signing into the iOS app, the user also needs to be able to sign into a website with Sign In With Apple and link his user account to other OAuth providers like Google (e.g. if signing in on Android). This question focuses on just Sign In With Apple on an iOS device and how to record that account info so that it plays nicely with sign-ins on other platforms.
Does NextAuth.js have a REST API that the iOS device can call to do this? Otherwise, if custom code on the Next.js server is needed to add the rows manually, is there documentation on what goes into each of the columns in NextAuth.js user and account tables?
if you just setup the AppleProvider, NextAuth.js won't keep a database of your users.
It lets Apple handle that and then just gets a signed message back saying, im paraphrasing, "Yup, thats Edward, and here are some more details about him.." and includes some basic info like your email address, profile picture URL, etc.
This is the basics of their OAuth-only strategy.
If you'd like to persist user data yourself and maybe add additional fields to the ones Apple returns to you, you'll have to setup an adapter. An adapter in NextAuth.js world is just a database where it will automatically save any new users and check against for existing users.
You can see the details of the various available adapters, including the default model/schema here: https://next-auth.js.org/adapters/models
I need help with sign in with a smart card on google chrome.
First: When I go to the page that requires the certificate, this window appears where you can choose the
certificate:
select certificate image.
Is there any way this window can be edited so that I can see whose certificate is, and not just from whom it was issued, under the subject and the issuer is the same (from whom it was issued). I need to see here name of user.
Second: I have problem with loading certificates from smart cards on some computers. I installed software for smart card reader, insert smart card to reader, and windows doesn't load it. This is happening on some computers, all installed as it is on others, but does not want to load certificate. Certificates are all valid because this card work on other computer without problems
If there is someone who can help, it would be great. tnx
I need help with sign in with a smart card on google chrome
Your question is about login with smart card on web site" You can use a smartcard to prompt a certificate for authentication purposes during the handshake phase of the SSL/TLS protocol using client authentication, but you can not make digital signatures
Note: There is a workaround to do it, but this is a separate discussion: http://www.sslsignature.com/
Is there any way this window can be edited so that I can see whose certificate is, and not just from whom it was issued, under the subject and the issuer is the same (from whom it was issued).
No, this window it is not customizable. You only can filter by issuer (stablishing in server side the accepted Certificate Authorities)
I have problem with loading certificates from smart cards on some computers. I installed software for smart card reader, insert smart card to reader, and windows doesn't load it.
Check the installed drivers to fix it. I do not think it's a code problem
On Windows, you can use the certificate manager screen to aid in diagnosing your certificate propagation issue.
First: install the drivers for the smart card reader.
Second: Run 'services.msc'. Make sure the following services are started: Smart Card, Certificate Propagation.
Third: Run 'certmgr.msc'. Drill down to Personal->Certificate store, and insert the smart card. Hit F5 to refresh the certificate store. See if the certs from the card have been propagated to the personal cert store.
If this is working, then IE (and other browsers) should begin allowing smart card authentication for most smart cards.
For some special smart cards or features, you may need additional software installed in addition to the smart card reader driver.
I needed to register as a facebook developer to use facebook sdk.
facebook asked me for phone number to do it.
I'm from Myanmar(Burma) so I used myanmar mobile number in order to receive the confrimation code. I got this error from facebook:
"Contact point error: Sorry, we have already tried texting multiple codes and they all seem to have failed. Please click here to get help."
Is there's a way to register for facebook developer without using phone number?
As of this writing you have two options for verifying your account:
Text/call to a phone number to receive a verification code
Go to your profile, edit it and add a phone number; Once you save a Verify link will appear next to it, use that to verify your account.
Add a credit card to your account
Settings → Payments → Payment Methods → Manage. Once you add a valid CC your account will be considered verified.
Note that you do not have to keep your CC on your account once your account is verified; Not sure about phone number as that never worked for me either (either method).
Source (and links): https://www.facebook.com/help/167551763306531
I have an existing website in MVC4.
Now I am looking forward to upgrade it to MVC5.
I wanna use External Authentication, however, what I want is that when use select any of the External Login option (Except Twitter, I am not going to use it), all I want is to get his/her Name and email address.
I don't wanna store anything in the database with the username or other details associated.
I just need to grab the Name and email address and if it matches with existing email, user will be logged in, otherwise, new account will be created.
It will be great if anyone can help me with this with small tutorial, to read Name, email and other extra details from the user, instead of adding it to the database.
What is the most secure way to post credit card information from my iPhone application to a Windows server?
My iOS app sells some goods, like dresses.
(IANA Credit card merchant, I only play one here after reading other SO questions)
If you are dealing with explicit credit card data then you should be PCI compliant across your whole system. See things like:
pci security standards
and
pci compliance guide
If you are automating this (IE buy a dress from your iPhone) the CC Merchant that you are dealing with should have well defined protocols for handling credit cards. You should be asking them how they want the data sent. My general understanding is that you do not retain anything and just pass it through to the company who does all the financial stuff for you and the just passes back a validation for the transaction.
Look Michael. There are following ways through which you can post your credit card information from your iPhone application to a windows server. First you can use a "https//" when you are posting your credit card information because all of your information go through a secured channel.
The second option to post your credit card information from you iPhone app to windows server is to connect yourself with a VPN connection. I usually use VPN connection when I want to secure my sensitive data. Currently I am using PureVPN connection, that encrypt all of my sensitive information and all the information passes through secured encrypted tunnel and no unauthorized person can access to my sensitive information.
I completely agreed with Shivam and Simons. Mostly we have all e-commerce sites hosted on "https" which allow users to freely put their CC details and shop wherever they want to. a part from this if you are willing to surf around and shop through an application on your IOS phone then i think you should considerably google for VPN. It is one of the best and most reliable tool these days which enable users not only to make e-commerce transaction through secure channel but also protects users data through all aspects. I think going for Certificates won't be a good option as it involves certain procedures and guidelines.
If it is a webservice that you connect to on your Windows server, you can make the server ssl enabled have the client (iphone app) POST your data using the https link.
If this is some proprietary service using some proprietary protocol, you can consider using public key cryptography. Encrypt data with a one time AES key. Send the encrypted data. Encrypt the AES key with your public key and send it along. The server decrypts the symmetric AES key with your private key and thereafter decrypts the data !
I'd personally prefer the first option (SSL) over the second anytime !