Method and apparatus for authenticating users
Abstract
A method and apparatus for authenticating users. Prior art mechanisms require each individual application (running on an “application server”) that the user is accessing to provide for the ability to use the various authentication mechanisms. One or more embodiments of the invention externalize the authentication mechanism from the application in the form of a login server. Only the login server needs to be configured to handle authentication mechanisms. The application server checks if a request has an active and valid session (e.g., a valid session may exist when there is active communication between a client and server that has not expired). If there is not a valid session, the application server redirects the user to the login server. The login server attempts to authenticate the user using any desired authentication mechanism. Once authenticated, the login server redirects the user back to the application server. The application server verifies the authentication directly with the login server. Once verified, the application server processes the user's request and responds accordingly. One or more embodiments of the invention may utilize cookies to aid in the authentication process. Thus, applications on the application server need not be concerned about authenticating a given user. The application server merely knows how to work with the login server to authenticate the user. Further, communications between the application server and login server are transparent to (or without any interaction from) the user (although the user may see the browser communicating with each server).
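The flow the abstract describes, as an added example that is not taken from the patent or any implementation of it. It assumes the login server hands back a random single-use ticket bound to the application's URL; the class names, the `login.example` and `app.example` hosts, and the in-memory stores are hypothetical.

```python
import secrets
import time

class LoginServer:
    """The only component that knows how users are authenticated."""
    def __init__(self, users, ticket_ttl=30):
        self.users = users      # constructed sample store; real ones hold password hashes
        self.ticket_ttl = ticket_ttl
        self.tickets = {}       # ticket -> (user, service, expiry)

    def login(self, user, password, service):
        """Authenticate, then redirect the browser back to the application."""
        stored = self.users.get(user)
        if stored is None or not secrets.compare_digest(stored, password):
            return {"status": 401}
        ticket = secrets.token_urlsafe(32)
        self.tickets[ticket] = (user, service, time.time() + self.ticket_ttl)
        return {"status": 302, "location": f"{service}?ticket={ticket}"}

    def verify(self, ticket, service):
        """Direct server-to-server check; pop() makes every ticket single-use."""
        user, issued_for, expiry = self.tickets.pop(ticket, (None, None, 0))
        if user is None or issued_for != service or time.time() > expiry:
            return None
        return user

class AppServer:
    """Knows nothing about passwords; only how to talk to the login server."""
    def __init__(self, url, login_server, session_ttl=900):
        self.url, self.login_server, self.session_ttl = url, login_server, session_ttl
        self.sessions = {}      # session cookie -> (user, expiry)

    def handle(self, cookie=None, ticket=None):
        user, expiry = self.sessions.get(cookie, (None, 0))
        if user and time.time() < expiry:       # active and valid session
            return {"status": 200, "body": f"hello {user}"}
        if ticket:                              # returning from the login server
            user = self.login_server.verify(ticket, self.url)
            if user:
                sid = secrets.token_urlsafe(32)
                self.sessions[sid] = (user, time.time() + self.session_ttl)
                return {"status": 200, "body": f"hello {user}", "set_cookie": sid}
        # No session and no verifiable ticket: send the user to the login server.
        return {"status": 302,
                "location": f"https://login.example/?service={self.url}"}
```

Because the application server only trusts what `verify` returns, a ticket that was forged, replayed, or issued for a different application ends in another redirect rather than a session.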
33 Claims
1. A method of authenticating requests:
a requester transmitting a request to a first server;
said first server redirecting said request to a second server;
said second server authenticating said requester; and
said second server redirecting said request to said first server.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11

12. A system comprising:
a requester;
a first server configured to process a request from said requester and redirect said requestor to a second server; and
said second server configured to authenticate said requester and redirect said requestor to said first server.
Dependent claims: 13, 14, 15, 16, 17, 18, 19, 20, 21

22. A computer program product comprising:
a computer usable medium having computer readable program code embodied therein configured to authenticate requests, said computer program product comprising;
computer readable program code configured to cause a computer to request information from a first server;
computer readable program code configured to cause said first server to redirect said request to a second server;
computer readable program code configured to cause said second server to authenticate a requester of said information; and
computer readable program code configured to cause said second server to redirect said request to said first server.
Dependent claims: 23, 24, 25, 26, 27, 28, 29, 30, 31, 32

33. A system for authenticating requests comprising:
a first means for processing a request from a requester;
said first means redirecting said request to a second means;
said second means authenticating said requestor; and
said second means redirecting said request to said first means.

Specification