ArchitectureΒΆ

The solution is based on the only universal mean to access the outside world from JavaScript: doing Ajax HTTP requests. A local service (the Smart Card Web Service, or SCWS) is set up on the client computer when the Smart Card Middleware is installed, and scripts running from browser pages can then contact it. To make things easier from the developer point of view, a small JavaScript library (the SCWS API) is provided that takes care of the Ajax requests.

The general architecture is depicted below:

digraph { graph [ compound=true, newrank=true ]; subgraph cluster_client_machine { label="Client Computer"; subgraph cluster_browser { label="Web Browser"; subgraph cluster_client_page { style=dashed; label="Web Page"; node [ label="Application\nHTML+JS", style=dashed, shape=rectangle, width=1 ] html; node [ label="SCWS API", style=dashed, shape=rectangle, width=1 ] scwsapi; } } node [ label="Smart Card\nWeb Service", shape=rectangle, width=2.7 ] scws; } subgraph cluster_server_machine { label="Application Server"; subgraph cluster_server { label="HTTP/HTTPS Service"; node [ label="Application\nWeb Pages", style=dashed, shape=rectangle, width=1.8 ] server_pages; } } node [ label="Smart Card\nReader", shape=rectangle ] reader; html:ne -> server_pages:nw [ ltail=cluster_browser, lhead=cluster_server ]; server_pages -> html [ style=dashed, lhead=cluster_client_page ]; scwsapi -> scws [ label="Ajax" ]; scws -> reader; { rank=same; server_pages; html; } }

When the user opens the web application, the browser loads the HTML pages (and other resources including JavaScript scripts) from the remote server.

The browser then executes the web application JavaScript code. When access to the smart card system is needed, the application can use the SCWS API provided by Idopte (with which the application is bundled). This API is a simple wrapper that takes care of the communication with the underlying Smart Card Web Service, using Ajax asynchronous calls through either HTTP or HTTPS (depending on the environment constraints). The Smart Card Web Service, which is resident in the background (launched at the user logon), acts as a HTTP/HTTPS server and performs the operations, as it can perform native calls and therefore has access to most of the machine hardware, including smart card readers.