User's Manual
35
1.
Initialization of the WebIdentity client object with the Random Session String generated and sent by the
server; the entry RndSessionString is a variable of the client ActiveX inside the HTML document; the
Session("SessionString") entry is interpreted by the sever side and then replaced with a Random
Session String.
2.
Initialization of the WebIdentity client object with the Label for token identification; the Label entry is a client
ActiveX variable inside the HTML document; the entry Aplication("wi_Label") is interpreted by the
server side and then replaced with the label chosen for the service.
3.
Call of ActiveX client CmdExecute method for executing the command; the transmitted parameter
represents the string generated by the ActiveX WebIdentity server CommitWrite method. The result of the
operation is stored in the CmdResultString
Javascript variable for being sent to the server as an operation
confirmation.
CmdExecute executes the specified command inside the encrypted string.
4.
With the GetLastError call it is possible to control the result of the write command for notifying the client
in case the problem requires an intervention by the user, for instance token insertion, and therefore repeat the
operation.
The last step necessary for completing the remote write operation is the control by the server of the result of the
operation carried out by the client (server side ASP-VBScript code). The control is carried out by calling the ActiveX
server CmdResult method which returns an object describing the operation status and sums up the operations
executed on the remote token.
1.
Initialization of WebIdentity server object with the User-Id transmitted during authentication by the client and
stored in the session variable Session("user_PIN"); the entry Pin is an ActiveX server variable.
2.
Initialization of the server object with the Random Session String; the entry RndSessionString is a variable of
the server ActiveX; the Session("SessionString") entry stores the previously generated Random Session
String.
3.
Initialization of the server object with the Server Secret; the Password entry is a server ActiveX variable inside
the ASP page; the Application("wi_Password") entry is an application variable maintained by ASP, where the
Server Secret value has been previously stored.
4.
The call to the ActiveX server CmdResult method for the actual control of the operation executed by the
client ActiveX on the remote token. The trasnmitted parameter represents the string generated by CmdExecure
of the client ActiveX which encapsulates the operation result. The return value represents a
RemoteCmdResponse type object, describing the operation carried out and the result status.
5.
For controlling the operation result it is just necessary to control the Status variable of the
ObjRemoteCmdResponse object that is returned by the CmdResult.
Dim ObjRemoteCmdResponse
WIDSrv.pin = Session("user_PIN")
WIDSrv.RndSessionString = Session("SessionString")
WIDSrv.password = Application("wi_Password")
‘ Check of the result (CmdResultString) sent from the client
Set ObjRemoteCmdResponse = WIDSrv.CmdResult( CmdResultString )
If ObjRemoteCmdResponse.status <> 0 then
Response.Redirect "error.htm"
Response.End
End If
1
2
3
4
5