Abstract: A method, system, apparatus, and computer program product are presented for transparently adding digital signature functionality to web servers in order to extend the web servers to generate and enforce signatures on transaction data on behalf of web applications that are processing transactions. A server plug-in intercepts transaction data that is submitted by a client to a web application. The plug-in returns a document containing the intercepted transaction data along with an applet that is executable at the client. When the applet is executed at the client, it generates a digital signature on the transaction data using a key that is stored at the client and returns a different document with the intercepted transaction data and with the newly generated signature. The plug-in validates the signature, records the signature in server-side log file, returns a signature receipt to the client, and forwards the transaction data to the destination web application.

Abstract: The present invention provides methods, systems, computer program products, and methods of doing business whereby legacy host application/system access is integrated with single sign-on in a modem distributed computing environment. A security token used for signing on to the modem computing environment is leveraged, and is mapped to user credentials for the legacy host environment. These user credentials are programmatically inserted into a legacy host data stream, thereby giving the end user the look and feel of seamless access to all applications/systems, including not only modem computing applications/systems but also those residing on (or accessible through) legacy hosts. In addition to providing users with the advantages of single sign-on, the disclosed techniques enable limiting the number of user identifiers and passwords an enterprise has to manage.