Resumption of user authentication and restoration of interrupted virtual sessions in a stateless network
First Claim
1. A process, embodied in an interactive message communication system via a stateless network, for resuming user authentication and restoration of interrupted virtual sessions without loss of data or disruption of workflow, comprising the steps of:
- receiving a service request from a user who has logged into a service provider Website application via a browser running on a Web client device, wherein said service provider Website application runs on a Web server coupled to a Web content, a database, and an authenticator;
authenticating said user, wherein said Web server returns a login page to said browser if authentication fails for any reason; and
upon a successful authentication, proceeding said service request submitted by said user.
3 Assignments
0 Petitions
Accused Products
Abstract
This invention is embodied in an interactive message communication system in a stateless network such as the Internet, providing for resumption of user authentication and restoration of interrupted virtual sessions without loss of data or disruption of workflow. When a user enters the application from any source, he starts a new session by a successful login. The login page includes hidden contextual information describing the initial user request. The hidden contextual information, once submitted together with the proper user ID and password is used to resume the user request and allow the Web server to respond. While in the circumstances where a session is expired or timed-out, when the user completes his message and submits his request, the Web server sends the hidden contextual information included in the request, along with a login page, back to the browser. The user is required to reenter his login information. When he logs in again, all contextual information included in his original request is resubmitted with the login information. An authenticator in the Web server then verifies the login information against the server'"'"'s database. If the login information is correct, the user is authenticated, and therefore his request is proceeded and the virtual session is restored without loss of data. If the login information is incorrect, the authentication fails, and the login page is returned to the browser. This cycle may be repeated as many times as the user submits incorrect login information. Alternatively, it may be repeated until a predetermined number of attempts is reached, at which point the server refuses to respond further.
-
Citations
22 Claims
-
1. A process, embodied in an interactive message communication system via a stateless network, for resuming user authentication and restoration of interrupted virtual sessions without loss of data or disruption of workflow, comprising the steps of:
-
receiving a service request from a user who has logged into a service provider Website application via a browser running on a Web client device, wherein said service provider Website application runs on a Web server coupled to a Web content, a database, and an authenticator;
authenticating said user, wherein said Web server returns a login page to said browser if authentication fails for any reason; and
upon a successful authentication, proceeding said service request submitted by said user. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
-
13. A method for restoration of an interrupted virtual session in a stateless network comprising the steps of:
-
authenticating said user when said Web server receives said user'"'"'s service request;
if authentication succeeds, restoring said session by returning a Web content to said browser, wherein said Web content is the Web content to which said user accessed immediately before said session was interrupted; and
if authentication fails for any reason, sending a login page, together with said contextual information associated with said service request, back to said browser, wherein said user is required to reenter his login information and submit said login information to said Web server for authentication. - View Dependent Claims (14, 15, 16, 17)
-
-
18. A computer network comprising:
-
a service provider Website, wherein said service provider Website comprises a Web server, a Web content, and a database, wherein said Web content is coupled to an authenticator;
a number of service provider Web clients, wherein said service provider Web client comprises a browser installed on a service provider Web client device;
a number of service user clients, wherein said service user Web client comprises a browser installed on a service user Web client device;
an Internet via which said Web server, said service provider clients, and said service user Web clients communicate; and
further comprising means for;
receiving a service request from a user who has logged into a service provider Website application via a browser running on a Web client device, wherein said service provider Website application runs on a Web server coupled to a Web content, a database, and an authenticator;
authenticating said user, wherein said Web server returns a login page to said browser if authentication fails for any reason; and
upon a successful authentication, proceeding said service request submitted by said user. - View Dependent Claims (19, 20, 21, 22)
-
Specification