SecRouter and SecAuthenticator

graph

Secures website access and identifies the users for the website by signature card or software key. The image shows the construction of the system.
When connecting to the website, the SecAuthenticator applet starts in the users´s browser. The SecAuthenticator applet reads the signature card, respectively the user´s software key and builds up a TLS protected connection to SecRouter. The user authenticates with the entry of the own PIN on the card reader. For this the user only needs a Java-VM as well as installed drivers for the card reader. It is not necessary to install a browser plugin or the like. SecAuthenticator is downloaded as Java applet directly with a mouse click in an HTML page. The used card reader and the signature card are automatically recognized.


Afterwards, SecRouter requests the rights of the authenticated user from the SecPKI server. If the user has the required rights in the SecPKI server, and if the user´s certificate is not locked in the trust center, his browser receives a session cookie from SecRouter, and the user is redirected to the protected website. The login process has now been completed.

As an alternative to redirecting to a website with session cookie, the website, which should be protected, can be arranged behind SecRouther in the internal network. In this case all HTTP requests run after the verification of the authorization through SecRouter.

The protected website can request the user´s identity and – if necessary – the user´s rights from the SecPKI server by the SecPKI API. The SecPKI API can be invoked via SOAP or can be integrated directly in Java. Java and SOAP samples are included.

If you have a  signature card or a software certificate, we recommend a login on our SecRouter live demo. Please select there first the link for initial registration. We will activate your login immediately.

With the eService of Deutsche Rentenversicherung Bund (German pension insurance institute) you can see SecRouter and SecAuthenticator in action. The solution has been used productively for many years now. If you have a statutory pension insurance, you can immediately view your pension account by using the eService.

We will be happy to advise on the implementation of SecRouter and SecAuthenticator in your company.

Smart card based loginRequest SecRouter & SecAuthenticator