Hi Everybody.
I got the following Problem:
We have developed a complete ASP.NET application for the management of employees' trainings.
For the next version our customers want the possibility that the employees can confirm their presence in a training
by using smartcard and pin.
So far this would be no problem but the scenario has to be the following:
1. The client is once logged in with any user account and also the training web tool is opened and logged
with any account. No log off spould happen at all!
2. The list with the participants of a training is opened ant the application waits for authentications.
One employee authenticates himself by inserting his card and typing his pin.
The certificate is being read from the smartcard and its validity is checked.
This part of the process is being done by a third-party interface which is not possible to be changed. (I'd love to but I can'tt)
After that our application writes the successful authentication to the database.
Directly after the first user has validated himself we need to be able to check other user cards and their pin.
And now comes the problem:
The Internet Explorer 6 Sp1 caches the just recieved certificate in its SSL cache and does not initialize the
card reader interface again, it just "remembers" the last used certificate and uses this again.
That way, our application will do nothing (correctly!), because that user has just authenticated his presence.
To avoid this problem we can
a) close the browser window and even that may not be enough, MS says "Restarting Windows" is the way to clear that chache OR
b) Go to Extras -> Internet Options -> Content -> Clear SSL State
I now need to know either
a) how to prevent the caching of the certificate at all.
or
b) how I can reset the client (!) ssl cache in internet explorer with help of some activeX control or something like that
I found hints regarding winHTTP or winINET classes and schannel.dlll and information that it could be done using
anything of those, but no exact information.
Any help would be really greatly appreciated,
because I've been trying to get this working for the last two weeks and still no light at the end of the tunnel...
Greetings,
Angel