Currently I have devices (labeled CD in the graphic) where users log in via a web interface to get some work assignment from a server (labeled S). It is a robust touch device where it is cumbersome to type in the credentials. Basically, the server creates some HTML and the user hits a big next button. The scenario is shown in 1.
As one potential solution I have in mind that the users log in via a desktop PC (labeled K). Some kind of middleware (labeled M) creates the session against the server (labeled S) and returns a simple 4-digit code. The user walks over to the workplace and types in the 4 digits in a web interface provided by the middleware. The middleware forwards every request from the user and every response from the server. The scenario is shown in 2.
It would be easier to move the session from the middleware to the user's device, but as all connections are HTTPS I would have to transfer the master secret etc. and I guess that's close to impossible and probably stupid. But I could establish a connection between server and middleware and middleware and user device (back to back). The middleware would be a simple Java application running on Tomcat.
The questions are: Is the approach suitable or are there better ways to achieve more comfort during the login process for the users?
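A 4-digit code has only 10,000 possible values, so the middleware's code table has to make each code short-lived, single-use and guess-limited. The sketch below is an added example, not code from the original post; the class name, the `deviceId` parameter, the 2-minute lifetime and the 5-failure lockout are all assumptions.

```java
import java.security.SecureRandom;
import java.time.*;
import java.util.*;
import java.util.concurrent.ConcurrentHashMap;

// Hypothetical helper for the middleware (M): maps a 4-digit code to the session M holds against S.
public class PairingCodes {
    private static final Duration TTL = Duration.ofMinutes(2); // assumed: time to walk to the device
    private static final int MAX_FAILURES = 5;                 // assumed lockout threshold per device
    private record Pending(String upstreamSessionId, Instant expires) {}

    private final SecureRandom rng = new SecureRandom();
    private final Map<String, Pending> pending = new ConcurrentHashMap<>();
    private final Map<String, Integer> failures = new ConcurrentHashMap<>();
    private final Clock clock;

    public PairingCodes(Clock clock) { this.clock = clock; }

    // Called after the desktop login (K) has produced a session against S.
    public String issue(String upstreamSessionId) {
        Instant now = clock.instant();
        pending.values().removeIf(p -> p.expires().isBefore(now)); // drop expired codes
        Pending p = new Pending(upstreamSessionId, now.plus(TTL));
        for (int i = 0; i < 100; i++) {
            String code = String.format("%04d", rng.nextInt(10_000));
            if (pending.putIfAbsent(code, p) == null) return code;  // never reuse a live code
        }
        throw new IllegalStateException("too many codes outstanding");
    }

    // Called when the touch device (CD) submits a code; deviceId identifies the submitting device.
    public Optional<String> redeem(String deviceId, String code) {
        if (failures.getOrDefault(deviceId, 0) >= MAX_FAILURES) return Optional.empty();
        Pending p = (code == null) ? null : pending.remove(code);   // remove() makes the code single-use
        if (p == null || p.expires().isBefore(clock.instant())) {
            failures.merge(deviceId, 1, Integer::sum);              // count the failed guess
            return Optional.empty();
        }
        failures.remove(deviceId);
        return Optional.of(p.upstreamSessionId());
    }

    public static void main(String[] args) {
        PairingCodes codes = new PairingCodes(Clock.systemUTC());
        String code = codes.issue("upstream-session-constructed"); // constructed sample value
        System.out.println(codes.redeem("cd-01", code).isPresent()); // first redemption of the code
        System.out.println(codes.redeem("cd-01", code).isPresent()); // same code again, already consumed
    }
}
```

After a successful `redeem`, the middleware would bind the returned upstream session to a fresh session cookie for the device; how a locked-out device is reset is left to the deployment.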