Architecture of smart card authentication

The high-level architecture components that comprise the Rational® ClearQuest® Web smart card authentication feature include the smart card middleware, IBM® HTTP Server, and WebSphere® Application Server.

The components that comprise the smart-card-authentication feature are described in the topics that follow.

At the top of the figure, a smart card is inserted in a smart card reader. The smart card reader communicates with the smart card middleware, which, in turn, communicates with the web browser. Communication between the web browser and the IBM HTTP Server (IHS) is established through a firewall. Communication between the web browser and the firewall is by HTTPS, and between the firewall and the IBM HTTP Server is by SSL. The IBM HTTP Server communicates with WebSphere Application Server by using SSL as well. The WebSphere Application Server instance contains Rational ClearQuest Web server. Rational ClearQuest Web server communicates with the truststore (where the signer certificates are located), the LDAP registry, and the Rational ClearQuest database.

Parent topic: Configuring strong authentication with smart cards
Previous topic: Prerequisites for smart card configuration
Next topic: Configuring WebSphere Application Server