Methods for dynamically constructing a service principal name and devices thereof
First Claim
1. A method for managing access to services implemented by a network traffic management system comprising one or more network traffic management devices, client devices, backend server devices, or domain controller server devices, the method comprising:
- selecting one of a plurality of backend servers to provide a service to a client, and identifying an Internet protocol (IP) address of the selected server, in response to a received request from the client to access the service;
- performing a reverse domain name system (DNS) lookup with a DNS server using the identified IP address to determine a hostname of the selected server;
- dynamically generating a service principal name (SPN) of the selected server based on the hostname determined via the reverse DNS lookup;
- sending a ticket granting service (TGS) request to a domain controller server, wherein the TGS request is generated using the dynamically generated SPN and a previously obtained ticket granting ticket (TGT); and
- providing access to the selected server to the client using a service ticket obtained in response to the TGS request and comprising the SPN.
Abstract
A system, medium and method for dynamically constructing a service principal name is disclosed. A client request from a user to access a service is received at a network traffic management device which identifies an internet protocol (IP) address of a selected backend server to provide the requested service to the client. The network traffic management device identifies a hostname of the selected backend server based at least on the identified IP address and dynamically generates a service principal name (SPN) of the selected backend server based on the determined host name. The network traffic management device obtains a service ticket from a domain controller server using at least the generated SPN of the selected backend server. The network traffic management device uses the obtained service ticket along with the client request to provide the user access to the selected backend server for the client request.
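The flow the abstract describes (select a backend, reverse-resolve its IP, build the SPN, form the TGS request) as an added Python example; it is not code from the patent or from any product. The pool, PTR records, `HTTP` service class, realm, round-robin selection and the dictionary standing in for the TGS request are constructed assumptions, and the domain-suffix check is an added defensive step that the claims do not recite.

```python
import ipaddress
from itertools import cycle

# Constructed sample data (not from the patent): backend pool and PTR records.
BACKEND_POOL = ["10.0.5.21", "10.0.5.22"]
SAMPLE_PTR = {
    "10.0.5.21": "Web01.corp.example.com.",
    "10.0.5.22": "web02.corp.example.com.",
    "10.0.5.99": "web03.other.example.net.",
}

class SpnError(ValueError):
    """Raised when no trustworthy SPN can be derived for a backend IP."""

def reverse_lookup(ip):
    # Offline stand-in for the PTR query; a live version could call
    # socket.gethostbyaddr(ip)[0] instead.
    return SAMPLE_PTR.get(str(ipaddress.ip_address(ip)))

def build_spn(ip, service_class="HTTP", realm="CORP.EXAMPLE.COM",
              allowed_suffix=".corp.example.com", resolver=reverse_lookup):
    """Derive service/host@REALM from the PTR name of the selected backend."""
    ptr = resolver(ip)
    if not ptr:
        raise SpnError(f"no PTR record for {ip}")
    host = ptr.rstrip(".").lower()          # drop root dot, normalise case
    # Added check (assumption, not in the claims): only accept names in the
    # domain the realm is expected to serve, since whoever controls the
    # reverse zone controls the name that ends up in the ticket request.
    if not host.endswith(allowed_suffix):
        raise SpnError(f"{host} is outside {allowed_suffix}")
    return f"{service_class}/{host}@{realm}"

_round_robin = cycle(BACKEND_POOL)

def handle_request(tgt_handle):
    """Select a backend, build its SPN, and describe the TGS request to send."""
    ip = next(_round_robin)
    spn = build_spn(ip)
    return {"backend_ip": ip, "tgs_req": {"sname": spn, "tgt": tgt_handle}}

if __name__ == "__main__":
    print(handle_request("tgt-cache-entry-1"))
    print(handle_request("tgt-cache-entry-1"))
```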
16 Claims
1. A method for managing access to services implemented by a network traffic management system comprising one or more network traffic management devices, client devices, backend server devices, or domain controller server devices, the method comprising:
- selecting one of a plurality of backend servers to provide a service to a client, and identifying an Internet protocol (IP) address of the selected server, in response to a received request from the client to access the service;
- performing a reverse domain name system (DNS) lookup with a DNS server using the identified IP address to determine a hostname of the selected server;
- dynamically generating a service principal name (SPN) of the selected server based on the hostname determined via the reverse DNS lookup;
- sending a ticket granting service (TGS) request to a domain controller server, wherein the TGS request is generated using the dynamically generated SPN and a previously obtained ticket granting ticket (TGT); and
- providing access to the selected server to the client using a service ticket obtained in response to the TGS request and comprising the SPN.

Dependent claims: 2, 3, 4
5. A non-transitory computer readable medium having stored thereon instructions for managing access to services comprising executable code which when executed by at least one processor, causes the processor to:
- select one of a plurality of servers to provide a service to a client, and identify an Internet protocol (IP) address of the selected server, in response to a received request from the client to access the service;
- perform a reverse domain name system (DNS) lookup with a DNS server using the identified IP address to determine a hostname of the selected server;
- dynamically generate a service principal name (SPN) of the selected server based on the hostname determined via the reverse DNS lookup;
- send a ticket granting service (TGS) request to a domain controller server, wherein the TGS request is generated using the dynamically generated SPN and a previously obtained ticket granting ticket (TGT); and
- provide access to the selected server to the client using a service ticket obtained in response to the TGS request and comprising the SPN.

Dependent claims: 6, 7, 8
9. A network traffic management device comprising a memory comprising programmed instructions stored thereon and at least one processor configured to be capable of executing the stored programmed instructions to:
- select one of a plurality of backend servers to provide a service to a client, and identify an Internet protocol (IP) address of the selected server, in response to a received request from the client to access the service;
- perform a reverse domain name system (DNS) lookup with a DNS server using the identified IP address to determine a hostname of the selected server;
- dynamically generate a service principal name (SPN) of the selected server based on the hostname determined via the reverse DNS lookup;
- send a ticket granting service (TGS) request to a domain controller server, wherein the TGS request is generated using the dynamically generated SPN and a previously obtained ticket granting ticket (TGT); and
- provide access to the selected server to the client using a service ticket obtained in response to the TGS request and comprising the SPN.

Dependent claims: 10, 11, 12
13. A network traffic management system, comprising one or more traffic management devices, client devices, server devices, or domain controller server devices, the network traffic management system comprising memory comprising programmed instructions stored thereon and at least one processor configured to be capable of executing the stored programmed instructions to:
- select one of a plurality of backend servers to provide a service to a client, and identify an Internet protocol (IP) address of the selected server, in response to a received request from the client to access the service;
- perform a reverse domain name system (DNS) lookup with a DNS server using the identified IP address to determine a hostname of the selected server;
- dynamically generate a service principal name (SPN) of the selected server based on the hostname determined via the reverse DNS lookup;
- send a ticket granting service (TGS) request to a domain controller server, wherein the TGS request is generated using the dynamically generated SPN and a previously obtained ticket granting ticket (TGT); and
- provide access to the selected server to the client using a service ticket obtained in response to the TGS request and comprising the SPN.

Dependent claims: 14, 15, 16
Specification