Access control for distributed content servers
First Claim
1. A method for controlling access to file on a server over a network, the method comprising the steps of:
- (a) allowing a content originator to publish a file on a first server and to specify what users are authorized to access to file;
(b) replicating the file from the first server on a second server;
(c) in response to receiving a URL request from a client for a file from the first server, determining if a user of the client has been granted authorization to access the file;
(d) generating a ticket that includes an identifier identifying the particular file on the second server if the user has been granted authorization access;
(e) creating a redirect URL ticket to the file on the second server by (i) modifying the client'"'"'s URL request to identify the second server, and (ii) augmenting the URL request with the ticket authorizing access to the particular file; and
(f) returning the redirect URL ticket to the client, such that the client uses the redirect URL to request the file from the second server.
1 Assignment
0 Petitions
Accused Products
Abstract
A method and system for controlling access to file on a server over a network is disclosed. The method and system include allowing a content originator to publish a file on a first server and to specify what users are authorized to access to file, where the files on a first server are replicated to a second server. In response to receiving a URL request from a client for a file from the first server, it is determined if a user of the client has been granted authorization to access the file. If the user has been granted authorization access, a ticket is generated that includes an identifier identifying the particular file on the second server. The method and system further include creating a redirect URL ticket to the file on the second server by modifying the client'"'"'s URL request to identify the second server, and augmenting the URL request with the ticket authorizing access to the particular file. The redirect URL ticket is returned to the client, such that the client uses the redirect URL to request the file from the second server.
155 Citations
38 Claims
-
1. A method for controlling access to file on a server over a network, the method comprising the steps of:
-
(a) allowing a content originator to publish a file on a first server and to specify what users are authorized to access to file;
(b) replicating the file from the first server on a second server;
(c) in response to receiving a URL request from a client for a file from the first server, determining if a user of the client has been granted authorization to access the file;
(d) generating a ticket that includes an identifier identifying the particular file on the second server if the user has been granted authorization access;
(e) creating a redirect URL ticket to the file on the second server by (i) modifying the client'"'"'s URL request to identify the second server, and (ii) augmenting the URL request with the ticket authorizing access to the particular file; and
(f) returning the redirect URL ticket to the client, such that the client uses the redirect URL to request the file from the second server. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 38)
-
-
13. A system for controlling access to file on a server over a network, the system comprising the steps of:
-
means for allowing a content originator to publish a file on a first server and to specify what users are authorized to access to the file, wherein files on the first server are replicated on a second server;
means responsive to receiving a URL request from a client for a file from the first server for determining if a user of the client has been granted authorization to access the file;
means for generating a ticket that includes an identifier identifying the particular file on the second server if the user has been granted authorization access;
means for creating a redirect URL ticket to the file on the second server by modifying the client'"'"'s URL request to identify the second server, and augmenting the URL request with the ticket authorizing access to the particular file; and
means for returning the redirect URL ticket to the client, such that the client uses the redirect URL to request the file from the second server.
-
-
25. A computer-readable medium containing program instructions for controlling access to file on a server over a network, the program instructions for:
-
(a) allowing a content originator to publish a file on a first server and to specify what users are authorized to access to file;
(b) replicating the file from the first server on a second server;
(c) in response to receiving a URL request from a client for a file from the first server, determining if a user of the client has been granted authorization to access the file;
(d) generating a ticket that includes an identifier identifying the particular file on the second server if the user has been granted authorization access;
(e) creating a redirect URL ticket to the file on the second server by (i) modifying the client'"'"'s URL request to identify the second server, and (ii) augmenting the URL request with the ticket authorizing access to the particular file; and
(f) returning the redirect URL ticket to the client, such that the client uses the redirect URL to request the file from the second server.
-
-
37. A URL ticket for redirecting a URL request for a file on a content server from a client to a replica server comprising:
-
a format in a form of scheme;
//servername/ . . . /basedir;
parameters/subdir/ . . . /file.extension.
where the “
scheme”
represents “
http”
or “
https,” and
the “
server name”
represents a DNS name of the replica server, and wherein each parameter in the URL ticket includes a parameter name and a value;name1=value1;
name2=value2;
. . .
-
Specification