Running CardHolderAuthorization Sample Web Application

The CardHolderAuthorization sample demonstrates how the authentication of a card holder to a locally accessible servlet grants a non-card holder access to a remotely accessible servlet. Card-holder-user authentication is tracked globally (card-wide). Authorization to access resources is protected by globally authenticated card-holder-user identity. Authorization to access resources can be granted by the card holder to other users.

Running the CardHolderAuthorization sample consists of using the IDE to open the CardHolderApp and RemoteUserApp projects, and running the CardHolderApp and RemoteUserApp servlets on a local desktop that is networked with a remote desktop. After CardHolderApp is deployed and instantiated on the local desktop, a remote user attempts but fails to access RemoteUserApp running on the local desktop. After the login attempt fails, the card holder uses the CardHolderApp on the local desktop to authenticate and enable the remote user to access the RemoteUserApp running on the local desktop.

In this sample, the URL for the RemoteUserApp is http://IP Address:8020/RemoteUserAppand the URL for the CardHolderApp is http://localhost:8020/CardHolderApp.

Before You Begin

Before performing the following procedure, the Java Card 3 Development Kit, Connected Editon must be downloaded and installed on your development system.

The CardHolderApp and RemoteUserApp projects are located under the JC_CONNECTED_HOME\samples\web\CardHolderAuthorization folder.


Note - Refer to the Java Card 3 Platform Development Kit User’s Guide for additional details including screen captures.


  1. Click File > Open Project in the main window.
  2. Go to the JC_CONNECTED_HOME\samples\web\CardHolderAuthorization folder and open the CardHolderApp and RemoteUserApp projects.
  3. Select the CardHolderApp project and click the run button in the main window.

    The IDE compiles, builds, and runs the CardHolderApp application. When the application runs, the IDE launches the default browser and displays the Card Holder App page.

  4. Select the RemoteUserApp project and click the run button in the main window.

    The IDE compiles, builds, and runs the RemoteUserApp application. When the application runs, the IDE launches the default browser and displays the Remote User’s App page.

  5. From a remote workstation or PC networked with the platform running the sample, open a browser and enter the following URL:

    http://IP Address:8019/remoteuserapp

    This action is performed as a remote user who is attempting to access the Remote User’s App page. The attempt fails and the browser displays an HTTP error 403 page in the browser stating that card holder authorization is required.

  6. In the Card Holder App page, click the Authorize Remote User hyper link and enter the login and password.

    Login: admin

    Password: 1234

    This action is performed as the card holder. The sample displays the authorization page in the browser.

  7. From the remote workstation or PC, either refresh the browser page or open a new browser page and reenter the URL http://IP Address:8019/remoteuserapp.
  8. In the Card Holder App page, click the Remote User’s Servlet hyper link and enter the following login and password:

    Login: boss

    Password: 5678

    The sample displays a Welcome Remote User page in the browser.

  9. Close the browser to stop the application.