Last few months, I was passionately busy working on an interesting project opportunity …to implement a biometric authentication module for a security sensitive J2EE application (Sorry…don’t ask who is the customer :-)). Ofcourse, the target is a die-hard Sun customer who believed on us -not- that armed contractor. They suggested me to use CrossMatch Verifier-E Fingerprint scanner and BioBex middleware for supporting biometric enrollment and authentication.  I also lucky  to work together with a good friend of mine from Finland “Tuomo Lampinen”…I should credit him here – he taught me the ABCs of Biometrics.  I lost hopes initially..as there is no easy way to initiate/receive the JAAS callbacks to/from biometric device and then convert it to web-based text callbacks to perform actual authentication with the biometric middleware. The complexities goes even a bit more  harder, when you want to make a browser plugin to handle the device callbacks.  After trial-and-errors with several callback mechanisms (believe me,…at some point I lost all my hopes) – Finally, It worked without any hacks. Way cool, I even performed multi-factor authentication by combining with another JAAS LoginModule we built for using PKI/digital certificates.

If you are curious to know the secrets – Couple of days ago, Reid Williams and I did deliver a session at JavaONE  entitled ” Biometric Authentication for J2EE Applications” and we also demonstrated it.  You may also interested to read my follow-on article “Building Biometric Authentication for J2EE, Web and Enterprise Applications“.

Enjoy.