De-authenticating in security environments only providing authentication
First Claim
1. A method for de-authenticating from a first web server security realm protected by an authentication scheme lacking a de-authentication operation, the method comprising:
- attempting to access a first resource in a first security realm protected by the authentication scheme;
receiving a request for authentication credentials in response to said attempting to access the first resource;
supplying said authentication credentials in response to the request so as to become authenticated in the first security realm; and
accessing a logout resource in the first security realm, said logout resource configured to automatically authenticate with a second security realm on accessing thereof.
1 Assignment
0 Petitions
Accused Products
Abstract
In a protocol providing for authentication to a first security realm, but failing to provide for a logout operation to de-authenticate from the first security realm, a logout operation is effected by providing a logout button, hyperlink, or other linking construct that causes a user to be transparently authenticated to a second security realm. For example, with respect to HTTP basic authentication, authentication with the second security realm removes, or logs out, the user from the first security realm.
-
Citations
22 Claims
-
1. A method for de-authenticating from a first web server security realm protected by an authentication scheme lacking a de-authentication operation, the method comprising:
-
attempting to access a first resource in a first security realm protected by the authentication scheme;
receiving a request for authentication credentials in response to said attempting to access the first resource;
supplying said authentication credentials in response to the request so as to become authenticated in the first security realm; and
accessing a logout resource in the first security realm, said logout resource configured to automatically authenticate with a second security realm on accessing thereof. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A method for de-authenticating from an HTTP basic authentication, comprising:
-
attempting to access a first resource in a first security realm protected by HTTP basic authentication;
responsive to said attempting to access, receiving an authentication request for controlling access to the first resource;
supplying authentication credentials responsive to said authentication request so as to authenticate with the first security realm;
accessing a second resource in the first security realm; and
responsive to said accessing the second resource, automatically authenticating with a second security realm. - View Dependent Claims (7, 8, 9)
-
-
10. An article of manufacture for de-authenticating from a first web server security realm protected by an authentication scheme lacking a de-authentication operation, comprising a readable medium having instructions encoded thereon for execution by a processor, said instructions capable of directing the processor to perform:
-
attempting to access a first resource in a first security realm protected by the authentication scheme;
receiving a request for authentication credentials in response to said attempting to access the first resource;
supplying said authentication credentials in response to the request so as to become authenticated in the first security realm; and
accessing a logout resource in the first security realm, said logout resource configured to automatically authenticate with a second security realm on accessing thereof. - View Dependent Claims (11, 12, 13, 14, 16, 17, 18, 20)
-
-
15. An article of manufacture for de-authenticating from an HTTP basic authentication comprising a readable medium having instructions encoded thereon for execution by a processor, said instructions capable of directing the processor to perform:
-
attempting to access a first resource in a first security realm protected by HTTP basic authentication;
responsive to said attempting to access, receiving an authentication request for controlling access to the first resource;
supplying authentication credentials responsive to said authentication request so as to authenticate with the first security realm;
accessing a second resource in the first security realm; and
responsive to said accessing the second resource, automatically authenticating with a second security realm.
-
-
19. An apparatus for de-authenticating from a first web server security realm protected by an authentication scheme lacking a de-authentication operation, comprising:
-
means for attempting to access a first resource in a first security realm protected by the authentication scheme;
means for receiving a request for authentication credentials in response to said attempting to access the first resource;
means for supplying said authentication credentials in response to the request so as to become authenticated in the first security realm; and
means for accessing a logout resource in the first security realm, said logout resource configured to automatically authenticate with a second security realm on accessing thereof.
-
-
21. An apparatus for de-authenticating from an HTTP basic authentication comprising:
-
means for attempting to access a first resource in a first security realm protected by HTTP basic authentication;
responsive to said attempting to access, means for receiving an authentication request for controlling access to the first resource;
means for supplying authentication credentials responsive to said authentication request so as to authenticate with the first security realm;
means for accessing a second resource in the first security realm; and
responsive to said accessing the second resource, means for automatically authenticating with a second security realm. - View Dependent Claims (22)
-
Specification