Menu

• 1) PKCS#11
• 2) MS CAPI
• 3) Net iD - Plugin
• 4) Net iD Access
• About Java
• Net iD Enterprise
  Code snippets
• Net iD SDK
  Information
• ASN.1-decoding
• Disable Net iD SSO
  for a specific application
• UpdateCounter
• Inte OK!

Disable Net iD SSO for a specific application

The SSO feature of Net iD is highly appreciated. But in some scanarios you want a specific applications

Web

In a web scenario with mutual TLS/SSL you can use the Net iD Plugin to logout from the card before the negotiation starts.

Test it here: check_for_smartcard_clearpin.html

Note: Make sure that your Logout-operation does not interfere with other running applications

Traditional clients (exe)

One method is of cause to build you own PIN-dialog and enforce that so the user has to enter PIN no matter if the PIN is cached by Net iD SSO.

You could also call the Net iD Plugin (COM-object) to do Logout just in the web scenario described above.

By maybe the best method is to change the configuration of Net iD to exclude the binary itself from the SSO system

Net iD 5.x

Net iD 6.x

HKEY_LOCAL_MACHINE\SOFTWARE\SecMaker\NetiD\Enterprise\SingleSignOn
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\SecMaker\NetiD\Enterprise\SingleSignOn

Net iD SSO active, no PIN required

Net iD SSO active, PIN required even if the PIN is cached