使用客户端证书智能卡身份验证

我有一个第三方的Web应用程序，现在我的经理希望智能卡验证添加到某些页面（而不是整个应用程序），并返回证书信息。我在想什么是按钮添加到这些页面，并在的onclick 时，我会做客户端证书身份验证（其中一个证书选择窗口将出现其次是PIN窗口）和返回的证书对象进行进一步的处理。

I have a third party web application and now my manager wants to add smart card authentication to some of the pages (not the whole application) and return certificate information. What I'm thinking is to add buttons to those pages, and in the onclick event, I will do the client certificate authentication (where a certificate selection window will appear followed by the "PIN" window) and return certificate object for further processing.

我最初想到的Web服务做客户端证书认证，并返回证书的信息，这将是伟大的，因为我们可能会考虑使用其他Web应用程序，Web服务（在不同的平台）。但是，我无法找到这样做的任何code例子。然后我发现了 IIS解决方案。

I initially thought about a web service to do the client certificate authentication and return certificate information, which would be great because we might consider using that web service in other web applications (on different platforms). However, I couldn't find any code example that did this. Then I found the IIS solution.

我现在已经创建了与需要客户端证书的页面创建一个单独的文件夹。点击按钮时，我重定向到该页面。然后在该网页上，我检索使用 X509证书类证书信息。我不认为这可以帮助我什么，我试图做的，或者至少我不知道它是如何帮助。

I have now created a separate folder with a page that requires a client certificate. On the button click event, I redirect to that page. Then on that page, I retrieve the certificate information using the X509Certificate class. I don't think this helps me in what I'm trying to do, or at least I don't know how it helps.

所以我的问题是（对不起长期背景描述）

So my question is (sorry for the long background description)

1. 如何从认证结果？
该网页重定向回

2. 如果可能的话，如何建立起来，做同样的方式在客户端证书验证的Web服务的任何引用，IIS呢？

1. How can I redirect back from that page with the certification result?
2. If possible, any reference on how to build up a web service that does the client certificate authentication in the same way that IIS does?

感谢

更新
我环顾四周，仍然没有就如何实现这一线索。我不知道如何code。在SSL / TLS握手阶段，为Web服务。我不知道如何返回认证回到我要么调用此函数的页面。那么，我想现在要做的是从受保护的页面要求客户验证重定向。似乎在Web服务器缓存的认证结果。这里是我的第三个问题，我希望有人能回答。

Update I looked around and still don't have a clue on how to achieve this. I'm not sure how to code at SSL/TLS handshake stage for the web service. I don't know how to return the certification back to the page I invoke this function either. So what I'm trying to do now is to redirect from a protected page that requires client authentication. It seems the web server caches the authentication result. Here is my third question, I hope someone can answer.

我怎样才能清除页面会议结束的认证结果所以每次在页面被访问时，请求客户端验证（其中一个证书选择窗口将出现其次是PIN窗口）？

How can I clean out the authentication result at the end of the page session so that each time the page is visited, it request client authentication (where a certificate selection window will appear followed by the "PIN" window)?