Method and system for globally restricting client access to a secured web site
First Claim
1. A system for globally restricting client access to a secured web site comprising:
- a first web server configured to;
receive a client login; and
return a cookie to the client containing an access credential wherein the access credential contains at least one role-based attribute specific to the client; and
a second web server hosting a secured web site having an associated security expression wherein the security expression contains at least one role-based access privilege for the web site, the second web server configured to;
receive the cookie containing the access credential in response to an HTTP request from the client; and
if the access credential contains a role-based attribute in common with the security expression, grant the client access to the secured web site.
0 Assignments
0 Petitions
Accused Products
Abstract
A method and system are provided for restricting client access to a web site. A first web server receives a client login and, in response, allocates a cookie to the client containing an access credential having at least one client role-based attribute. A second web server hosts the secured web site, the web site having an associated security file containing at least one client role-based access privilege. In response to the client'"'"'s HTTP request at the second server, the cookie is retrieved, decoded and the access credential is compared to the at least one client role-based access privilege. If the access credential has at least one role-based attribute in common with the at least one client role-based access privilege, the client is granted access to the site. Alternately, a site owner defines a token access credential attribute and security file privilege for hierarchal group access to the secured web site.
82 Citations
18 Claims
-
1. A system for globally restricting client access to a secured web site comprising:
-
a first web server configured to;
receive a client login; and
return a cookie to the client containing an access credential wherein the access credential contains at least one role-based attribute specific to the client; and
a second web server hosting a secured web site having an associated security expression wherein the security expression contains at least one role-based access privilege for the web site, the second web server configured to;
receive the cookie containing the access credential in response to an HTTP request from the client; and
if the access credential contains a role-based attribute in common with the security expression, grant the client access to the secured web site. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A method for globally restricting client access to a secured web site comprising:
-
receiving a client login at a first web server;
returning a cookie to the client containing an access credential wherein the access credential contains at least one role-based attribute specific to the client;
receiving the cookie containing the access credential from the client in response to an HTTP request at a second web server wherein the second web server hosts a secured web site having an associated security expression containing at least one role-based access privilege; and
if the access credential contains a role-based attribute in common with the security expression, granting the client access to the secured web site. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
-
Specification
-
- Resources
-
Current AssigneeMatthew Todd Kromer, Michael Joseph Konopka, Paul L. Rathbun
-
Original AssigneeMatthew Todd Kromer, Michael Joseph Konopka, Paul L. Rathbun
-
InventorsRathbun, Paul L., Konopka, Michael Joseph, Kromer, Matthew Todd
-
Application NumberUS09/681,737Publication NumberTime in Patent OfficeDaysField of SearchUS Class Current713/185CPC Class CodesH04L 63/0807 using tickets, e.g. Kerbero...H04L 63/105 Multiple levels of securityH04L 63/168 above the transport layer
