Smart card token authentication - Cancel button returns the blank page

StackOverflow https://stackoverflow.com/questions/16180609

Question

The apache SSL is configured to challenge the web page user (based on the particular URL) for Smartcard token (Provider : Safenet) authentication. Here is the portion of the configuration

<Location /abc/xyz>
    SSLVerifyClient optional
    SSLVerifyDepth 3
    SSLOptions +OptRenegotiate +StdEnvVars +ExportCertData
    SSLCACertificateFile /opt/APACHE1/httpd/conf.d/CA.crt
    RewriteEngine On
    RewriteRule ^/$ /abc/sslnocertautherror
    ErrorDocument 403 /abc/sslnotokenerror
    ErrorDocument 500 /abc/sslnotokenerror
    ErrorDocument 404 /abc/sslnotokenerror
    ErrorDocument 401 /abc/sslnotokenerror
</Location>

On invoking the URL the Windows Security popup shows up followed by the token challenge pop up for password.

The functionality is working as expected if the user provides right password. If the password is wrong, the error message is displayed and the retry counter is decremented as expected.

If the user cancels the operation instead of entering the password the browser displays a blank page.

I tried to debug the error, it looks like the request is not going to the apache. The browser is stopping the request.

The browser cache and history are not cleared by this operation(Cancel operation in smart card token password popup window).

The browser does not return any HTTP error code except the ERROR_INTERNET_SECURITY_CHANNEL_ERROR when I debugged with HttpWatch.

Environment : JBOSS+APACHE+IE8

I tried a lot for finding the solution for this (getting rid of blank page on Cancel) in the forums, but no luck.

I appreciated you time and help. Please let me know if you need any other details.

Regards,

Srinivas

Was it helpful?

Solution

SSL authentication and secure channel establishment is performed before HTTP when you are using HTTPS. That means that it is performed before any pages can be retrieved using HTTP. The error message (if any) should therefore be returned by the browser. If the browser stays mute then there is very little you can do about that, except try for a better or more up to date browser.

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top