Skip to main content
This forum is closed to new posts and responses. Individual names altered for privacy purposes. The information contained in this website is provided for informational purposes only and should not be construed as a forum for customer support requests. Any customer support requests should be directed to the official HCL customer support channels below:

HCL Software Customer Support Portal for U.S. Federal Government clients
HCL Software Customer Support Portal

Notes/Domino 6 and 7 Forum

Notes/Domino 6 and 7 Forum

  

PreviousPrevious NextNext

modification to Logon process
~Sanjay Eknumarjip 16.Oct.03 07:41 AM a Web browser
Notes Client 6.0.2 CF1 Windows 2000


Hi Dave,

Thanks for all the help, now the PKCS#11 dll is working. :)

Currently we wanted to implement some modification to the Logon process. The scenerio is as follow: When the user starts Lotus Notes, there will not be any prompt for PIN(sometime like single sign-on). Even when the user access Notes after lock display(F5), there will also be no prompt for PIN. This prompt for PIN is only displayed when Notes locks the display due to the smartcard removed. When the smartcard is re-inserted again the prompt for PIN will show. The user have to enter the correct PIN and than allow access to Notes. This is to say that the prompt for PIN is only shown when there is a detect that the smartcard has been removed and re-inserted.

I know that we can allow or skip the PIN prompt by set/unset the "CKF_PROTECTED_AUTHENTICATION_PATH" during the C_GetTokenInfo function call. I have checked with Notes and there indeed is a call to C_GetTokenInfo function before every recover from Lock Display(F5) and/or when Notes starts. So I expect that when I change the status of "CKF_PROTECTED_AUTHENTICATION_PATH" flag, Notes will PIN prompt or allow for access without PIN prompt. But when I try to change the status of "CKF_PROTECTED_AUTHENTICATION_PATH" flag during this calls there seems to have no effect on Notes.

I have done some tests and this "CKF_PROTECTED_AUTHENTICATION_PATH" flag seems to only works during the smartcard-enable User ID process. During this process when this flag is enabled, the login for this user will not prompt for any PIN. Same goes when I did not set this flag during the change to smartcard-enable User ID process, there will be PIN prompt whenever Lotes starts and/or Locks Display(F5).

Thus my conclusion is that Notes have stored this information somewhere, so even when the calls to C_GetTokenInfo function with the "CKF_PROTECTED_AUTHENTICATION_PATH" set or unset will have no affect on Notes. Please correct me if I was wrong in this. If this is correct then how is it possible for me to accomplish this modified Logon features with Notes.

Thanks in advance!




"Smartcard login was not enabled:In... (~Sanjay Eknumar... 1.Sep.03)
. . RE: "Smartcard login was not enable... (~Tanita Desweve... 2.Sep.03)
. . . . RE: "Smartcard login was not enable... (~Sanjay Eknumar... 4.Sep.03)
. . . . . . RE: "Smartcard login was not enable... (~Tanita Desweve... 5.Sep.03)
. . . . . . . . RE: "Smartcard login was not enable... (~Sanjay Eknumar... 13.Sep.03)
. . . . . . . . . . RE: "Smartcard login was not enable... (~Tanita Desweve... 15.Sep.03)
. . . . . . . . . . . . Problems in signing and decryption ... (~Sanjay Eknumar... 17.Sep.03)
. . . . . . . . . . . . . . RE: Problems in signing and decrypt... (~Tanita Desweve... 17.Sep.03)
. . . . . . . . . . . . . . . . RE: Problems in signing and decrypt... (~Sanjay Eknumar... 22.Sep.03)
. . . . . . . . . . . . . . . . . . The CKA_ID is typically derived fro... (~Tanita Desweve... 22.Sep.03)
. . . . . . . . . . . . . . . . . . . . RE: The CKA_ID is typically derived... (~Sanjay Eknumar... 23.Sep.03)
. . . . . . . . . . . . . . . . . . . . . . RE: The CKA_ID is typically derived... (~Tanita Desweve... 23.Sep.03)
. . . . . . . . . . . . . . . . . . . . . . . . Smartcard decrypt error (~Sanjay Eknumar... 8.Oct.03)
. . . . . . . . . . . . . . . . . . . . . . . . . . RE: Smartcard decrypt error (~Tanita Desweve... 8.Oct.03)
. . . . . . . . . . . . . . . . . . . . . . . . . . . . modification to Logon process (~Sanjay Eknumar... 16.Oct.03)
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . RE: modification to Logon process (~Tanita Desweve... 20.Oct.03)
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . serial number (~Sanjay Eknumar... 28.Oct.03)
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . RE: serial number (~Tanita Desweve... 28.Oct.03)

Document Options






  Document options
Print this pagePrint this page

Search this forum

Forum views and search


  Forum views and search
Date (threaded)
Date (flat)
With excerpt
Category
Platform
Release
Advanced search

Member Tools


RSS Feeds

 RSS feedsRSS
All forum posts RSS
All main topics RSS