Java Security

I am trying to get the SunPKCS11 provider to work with our PKCS11 library.

The problem I have is that to access the keys within the PKCS11 token as a key store it is necessary to log into the token using C_LOGIN. I have tried to get the SunPKCS11 library to do this but I have totally failed.

According to the documentation the correct way is to use the Authprovider routines to achieve this and I have tried to do so with no success

What I see is that calling the AuthProvider.login routine does absolutely nothing - no PKCS11 routines are called. I can tell this by enabling the debug mode of our PKCS11 library and stepping through the code.

What am I doing wrong?

The following is a snippet of my code

char[] pin = "1234".toCharArray();
String configName = "p:/pkcs11/jce/ncipherkant.cfg";
AuthProvider aprov = new sun.security.pkcs11.SunPKCS11(configName);
Security.addProvider(aprov);

aprov.login(new Subject(), new callbackHandler());

KeyStore ks = KeyStore.getInstance("PKCS11", aprov);
ks.load(null, pin);


The configuration file is the following:

name = nCipherka
library = /home/jmersh/projects/pkcs11/kabuild/ntdll/cknfastka.dll
attributes = compatibility