Network access using reverse proxy
First Claim
1. A method for accessing a network comprising:
- receiving at a proxy server a request from a user at a client for accessing a server on a private network;
authenticating the user, to determine whether the user is authorized to make the request;
validating the request, to determine whether the request is permitted; and
if the user is authorized and the request is permitted;
translating the request into a request from the proxy server to the server, and forwarding the translated request to the server.
1 Assignment
0 Petitions
Accused Products
Abstract
A security platform connected to a private network permits access to the private network from a public network (such as the Internet) through a variety of mechanisms. A reverse proxy system operating as part of the security platform provides access to web-enabled applications from a browser connected to the public network. The reverse proxy rewrites requests and responses so that the browser directs requests to the reverse proxy, from which the requests can be directed to the appropriate server on the public network or the private network. Responses come back to the reverse proxy, and are then forwarded to the browser. An SSL tunneling system permits fat clients to access the private network through an SSL connection. The SSL tunneling system employs a server component operating on the security platform and components downloaded to the client computer from the security platform. The client components include a control component operating in a browser window, a server-proxy component that sets up secure communications with the private network, and an adapter component between the server-proxy and the fat client. The adapter component operates in kernel space. Data is directed from the fat client to the adapter, and then forwarded to the server-proxy; data from the server-proxy is directed to the adapter, and then forwarded to the fat client. Security is provided through the use of multiple authentication realms, each of which provides a set of authentication stages for authenticating users and providing client integrity validation.
140 Citations
26 Claims
-
1. A method for accessing a network comprising:
-
receiving at a proxy server a request from a user at a client for accessing a server on a private network;
authenticating the user, to determine whether the user is authorized to make the request;
validating the request, to determine whether the request is permitted; and
if the user is authorized and the request is permitted;
translating the request into a request from the proxy server to the server, and forwarding the translated request to the server. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24)
-
-
25. A computer program product, residing on a computer-readable medium, for use in accessing a network, the computer program product comprising instructions for causing a computer to:
-
receive at a proxy server a request from a user at a client for accessing a server on a private network;
authenticate the user, to determine whether the user is authorized to make the request;
validate the request, to determine whether the request is permitted; and
if the user is authorized and the request is permitted;
translate the request into a request from the proxy server to the server, and forward the translated request to the server. - View Dependent Claims (26)
-
Specification