System and method for securely communicating between application servers and webservers

US 20020073211A1
Filed: 12/12/2000
Published: 06/13/2002
Est. Priority Date: 12/12/2000
Status: Abandoned Application

First Claim

Patent Images

1. A system for facilitating communication between a web browser and an application server via an intermediate webserver, comprising:

a webserver configured to communicate with a network, the webserver having an application server interface for communicating with an application server and a network interface for communicating with entities via a network; and

a state server configured to store data related to communication sessions occurring among a web browser, a webserver and an application server, the state server including a communication interface configured to communicate with the webserver;

an application server interface configured to communicate with an application server, the application interface including a mechanism for receiving a signal from an application server indicating an authorization to communicate with the application server.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method are provided for facilitating secure communication between a web browser and an application server. An application server is able to actively send out requests to webservers to connect approved browsers for service sessions between the browsers and application servers. This is in contrast to passive operations of conventional application servers that allow browsers to actively access application servers for screening, leaving the application servers and other associated entities vulnerable to possible computer hackers. This is accomplished via a plurality of intermediate webservers that screen and route browser requests destined for particular application servers. The webservers are configured to communicate amongst each other to share status information related to communication sessions between browsers and application servers. The invention further includes a state server configured to store data related to communication sessions occurring among a web browser, a webserver and an application server, to allow one webserver to take over a session from another webserver in the event of a termination of a session monitored by a webserver.

Citations

22 Claims

1. A system for facilitating communication between a web browser and an application server via an intermediate webserver, comprising:
- a webserver configured to communicate with a network, the webserver having an application server interface for communicating with an application server and a network interface for communicating with entities via a network; and
  
  a state server configured to store data related to communication sessions occurring among a web browser, a webserver and an application server, the state server including a communication interface configured to communicate with the webserver;
  
  an application server interface configured to communicate with an application server, the application interface including a mechanism for receiving a signal from an application server indicating an authorization to communicate with the application server.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. A system according to claim 1, wherein the application server interface is configured to communicate with an application server only when a signal is received by the webserver that authorizes such communication.
  - 3. A system according to claim 2, wherein the application server interface includes a monitoring mechanism for monitoring the activity of the application server during a session with a browser.
  - 4. A system according to claim 2, wherein the application server interface includes a monitoring thread from for facilitating the monitoring by the webserver of the activity of the application server during a session with a browser.
  - 5. A system according to claim 2, wherein the application server interface is further configured to receive a monitoring thread from an application server so that the webserver can monitor the activities of a application server during a session between the application server and a browser.
  - 6. A system according to claim 2, wherein the application server interface is further configured with a monitoring mechanism that allows an application server to monitor the activities of a webserver during a session between the application server and a browser.
  - 7. A system according to claim 2, wherein the application server interface is further configured to receive a monitoring thread from an application server so that an application server can monitor the activities of a webserver during a session between the application server and a browser.
  - 8. A system according to claim 2, further comprising a second webserver communicating with the other webserver and with the state server, wherein the second webserver is further configured to take over a session occurring between the application server and a browser being monitored by the other webserver in the event the other webserver stops monitoring the session.
  - 9. A system according to claim 8, wherein the second webserver is configured to take over a session occurring between the application server and a browser being monitored by the other webserver, wherein the application server interface includes a monitoring mechanism that is configured to engage the second webserver to monitor the session between the application server and the browser after the application server sends a signal in the event the other webserver stops monitoring the session.
  - 10. A system according to claim 8, wherein the second webserver is configured to take over a session occurring between the application server and a browser being monitored by the other webserver, wherein the application server interface includes a monitoring mechanism that is configured to engage the second webserver to monitor the session between the application server and the browser only after the application server sends a signal in the event the other webserver stops monitoring the session.

11. A system for communicating among a plurality of network servers communicating with a plurality of computers, comprising:
- a plurality of webservers communicating with and configured to receive a request from a web browser and to screen and route the browser request to an application server upon the receipt of a signal from the application server;
  
  an application server interface configured to control communication between the plurality of webservers and an application server;
  
  a state server configured to store data related to communication sessions occurring among a web browser, a webserver and an application server, wherein a first webserver is configured to retrieve information related to a session between a web browser and an application server and being monitored by a second webserver in the event that the second webserver terminates its monitoring of the session.
- View Dependent Claims (12, 13, 14, 16, 17, 18, 19, 21)
- - 12. A system according to claim 11 further comprising a database communicating with the state server and configured to store session information.
  - 13. A system according to claim 11, wherein the webserver is configured to route a browser request to an application server only upon the receipt of a signal from the application server.
  - 14. A system according to claim 11 further comprising a load balancing device configured to receive browser requests sent from computers communicating with the network system and to direct the requests among the plurality of webservers.
  - 16. A method according to claim 15, further comprising:
    - communicating with a state server to create a monitoring mechanism between the webserver and the state server to monitor communications between a web browser and an application server and to store information related to such communications.
  - 17. A method according to claim 15, further comprising:
    - routing the incoming browser request to one of a plurality of webservers;
      
      receiving the request by a first webserver; and
      
      transferring identification information related to other webservers to the application server.
  - 18. A method according to claim 15, wherein the step of facilitating communication between the application server and the webserver includes facilitating a session of communication between the application server and the webserver.
  - 19. A method according to claim 15, wherein facilitating communication between the browser and the application server with the webserver is done in response to receiving a signal from the application server indicating that it is ready to receive a browser request.
  - 21. A method according to claim 15, wherein the step of facilitating communication between the application server and the webserver includes facilitating a session of communication between the application server and the webserver.

15. A method of facilitating communication between a web browser and an application server, comprising:
- receiving a request for access to an application server;
  
  receiving the request by a first webserver;
  
  screening the request for determining authority to access the application server;
  
  receiving a signal from the application server indicating that it is ready to receive a browser request;
  
  communicating with the application server to create a monitoring thread between the webserver and the application server; and
  
  facilitating communication between the browser and the application server with the webserver.

22. A method according to claim 20, further comprising:
- routing the incoming browser request to one of a plurality of webservers;
  
  receiving the request by a first webserver;
  
  communicating with a state server to create a monitoring thread between the first webserver and the state server so that the state server can monitor communications between the web browser, the first webserver and the application server;
  
  transferring identification information related to other webservers to the application server;
  
  receiving a monitoring signal from the application server;
  
  receiving a signal from the application server indicating that a webserver has terminated the monitoring of the session;
  
  receiving a signal at a second webserver from the application server indicating a desire to reconnect to another webserver, wherein signal includes identification information of the second webserver;
  
  transferring session data from the state server to the second webserver;
  
  communicating with a state server to create a monitoring thread between the second webserver and the state server so that the state server can monitor communications between the web browser, the first webserver and the application server;
  
  facilitating a continuing session between the application server and the web browser.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Agile Software Corporation (Oracle Corporation)
Original Assignee
Agile Software Corporation (Oracle Corporation)
Inventors
Zhu, Wei, Ko, Hsienjywan Gordan, Lin, Raymond

Application Number

US09/735,570
Publication Number

US 20020073211A1
Time in Patent Office

Days
Field of Search
US Class Current

709/229
CPC Class Codes

H04L 63/10   for controlling access to d...

H04L 63/126   the source of the received ...

H04L 67/02   based on web technology, e....

H04L 67/101   based on network conditions

H04L 67/142   Managing session states for...

H04L 69/329   in the application layer [O...

System and method for securely communicating between application servers and webservers

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

22 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for securely communicating between application servers and webservers

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

22 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links