[Thinlinc-technical] using USB cardreader browser plugins ?

Peter Astrand astrand at cendio.se
Wed Jan 21 10:07:42 CET 2015


In many cases, this should work fine. ThinLinc provides a PC/SC based 
smart card redirection. As long as the browser plugins are based on PC/SC, 
and does not do anything too strange, it should work.

In practice: For web sites requiring only standard PKCS#11, it's easy. For 
example, with Firefox, just install OpenSC and add 
/usr/lib64/opensc-pkcs11.so as a Firefox security module. We also have 
some experience with proprietary solutions such as Telia, "Net iD", 
SuisseID etc.

Also note that if you are using a Windows Remote Desktop Server, the same 
principle applies: our RDP client (rdesktop) forwards the smart card 
interface to the Windows server, which allows you to use smart card 
browser plugins etc in the Windows session.

Br,
Peter

On Tue, 20 Jan 2015, Rob De Langhe wrote:

> 
> hi TL-adicts,
> 
> has someone of you already found a strategy/method to allow users to work with locally-connected (USB) card readers that are required to
> authenticate on certain websites (like government, banks, etc) ?
> 
> To be exact : I do not mean authenticating to ThinLinc using smartcards.
> 
> We have certain banks (and government sites) that use card-readers to authenticate, connected via USB to the local computer, and driven by a
> locally installed device-driver, together with a USB-cardreader browser-plugin.
> 
> Any possibility to get this at work via a TL-session, where the browser will be running on an agent-server ? Installing such a browser-plugin
> on this agent-server will be no issue, but getting it able to read the USB of the local workstation sounds unrealistic, no ?
> 
> brgds
> Rob
> 
> 
>


---
Peter Astrand		ThinLinc Chief Developer
Cendio AB		https://cendio.com
Teknikringen 8		https://twitter.com/ThinLinc
583 30 Linkoping	https://facebook.com/ThinLinc
Phone: +46-13-214600	https://google.com/+CendioThinLinc


More information about the Thinlinc-technical mailing list