Multi-domain access proxy for handling security issues in browser-based applications
First Claim
1. A request-based communication method in a networked environment between an end-user associated client having a client URL and implementing a user interface via a Web Browser (1), a first Webserver (4) having a first server URL and communicating with the Web Browser (1) of the client, and at least a second Webserver (5) having a second server URL, different to the first server URL and communicating with said first Webserver (4), which second web server (5) runs a web application (6) that acts as a back-end content resource (13), wherein within the run of an aggregated web application (2) said content resource (13) is restricted to be accessed by said end-user associated client (1) Web Browser due to security restrictions being effective, when an executable code (8), which isdownloaded from said first Webserver, is executed in order to access said back-end content resource (13) on said second Webserver, characterized by using a program means (10) for overcoming said security restrictions by performing the steps of:
- a) changing (650) the requestor address in a request incoming from the client at the first server and directed to access said back-end content resource (13), to be said first server URL;
b) forwarding said changed request as a redirected request to the second web, server (5);
c) receiving (710) a response to the forwarded request from the second web server (5) comprising said second server URL as response address;
d) changing (720) the response address to be the first server URL; and
e) forwarding back (750) the changed response to the changed request to the client, which originally issued the request.
1 Assignment
0 Petitions
Accused Products
Abstract
A request-based communications method, system and program product for overcoming security restrictions, in a networked environment having a client Web Browser (1), a first Webserver (4), and at least a second Webserver (5) which runs a web application (6) that acts as a back-end content resource (13), wherein within the run of an aggregated web application (2) the content resource is restricted to be accessed due to security restrictions being effective when an executable code downloaded from the first Webserver is executed in order to access said back-end content resource. The security restrictions are overcome by a) redirecting an incoming request issued by the client, to the second web server, and b) forwarding back the response to the request from the second web server to the client, which originally issued the request.
-
Citations
8 Claims
-
1. A request-based communication method in a networked environment between
an end-user associated client having a client URL and implementing a user interface via a Web Browser (1), a first Webserver (4) having a first server URL and communicating with the Web Browser (1) of the client, and at least a second Webserver (5) having a second server URL, different to the first server URL and communicating with said first Webserver (4), which second web server (5) runs a web application (6) that acts as a back-end content resource (13), wherein within the run of an aggregated web application (2) said content resource (13) is restricted to be accessed by said end-user associated client (1) Web Browser due to security restrictions being effective, when an executable code (8), which isdownloaded from said first Webserver, is executed in order to access said back-end content resource (13) on said second Webserver, characterized by using a program means (10) for overcoming said security restrictions by performing the steps of: -
a) changing (650) the requestor address in a request incoming from the client at the first server and directed to access said back-end content resource (13), to be said first server URL;
b) forwarding said changed request as a redirected request to the second web, server (5);
c) receiving (710) a response to the forwarded request from the second web server (5) comprising said second server URL as response address;
d) changing (720) the response address to be the first server URL; and
e) forwarding back (750) the changed response to the changed request to the client, which originally issued the request. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A network server computer system (4) for use in a request-based communication method in a networked environment including;
-
an end-user associated client having a client URL and implementing a user interface via a Web Browser (1); and
a first Webserver (4) having a first server URL and communicating with the Web Browser (1) of the client, and at least a second Webserver (5) having a second server URL, different to the first server URL and communicating with said first Webserver (4), which second web server (5) runs a web application (6) that acts as a back-end content resource (13), wherein within the run of an aggregated web application (2) said content resource (13) is restricted to be accessed by said end-user associated client (1) Web Browser due to security restrictions being effective, when an executable code (8), which is downloaded from said first Webserver, is executed in order to access said back-end content resource (13) on said second Webserver, said system (4) being characterized by a program means (10) having a functional component for overcoming said security restrictions by performing the steps of;
a) changing (650) the requestor address in a request incoming from the client at the first server and directed to access said back-end content resource (13), to be said first server URL, b) forwarding said changed request as a redirected request to the second web server (5), c) receiving (710) a response to the forwarded request from the second web server (5) comprising said second server URL as response address, d) changing (720) the response address to be the first server URL, e) forwarding back (750) the changed response to the changed request to the client, which originally issued the request.
-
-
7. (canceled)
-
8. A computer program product stored on a computer usable medium comprising computer readable program means for causing a computer to perform a request-based communication method in a networked environment between
an end-user associated client having a client URL and implementing a user interface via a Web Browser (1), a first Webserver (4) having a first server URL and communicating with the Web Browser (1) of the client, and at least a second Webserver (5) having a second server URL, different to the first server URL and communicating with said first Webserver (4), which second web server (5) runs a web application (6) that acts as a back-end content resource (13), wherein within the run of an aggregated web application (2) said content resource (13) is restricted to be accessed by said end-user associated client (1) Web Browser due to security restrictions being effective, when an executable code (8), which is downloaded from said first Webserver, is executed in order to access said back-end content resource (13) on said second Webserver, characterized by said program product having a functional component for overcoming said security restrictions by performing the steps of: -
a) changing (650) the requestor address in a request incoming from the client at the first server and directed to access said back-end content resource (13), to be said first server URL, b) forwarding said changed request as a redirected request to the second web server (5), c) receiving (710) a response to the forwarded request from the second web server (5) comprising said second server URL as response address, d) changing (720) the response address to be the first server URL, e) forwarding back (750) the changed response to the changed request to the client, which originally issued the request, when said computer program product is executed on a computer.
-
Specification
-
- Resources
-
Current AssigneeInternational Business Machines Corporation
-
Original AssigneeInternational Business Machines Corporation
-
InventorsJuhls, Hauke, Seurig, Andreas
-
Application NumberUS11/269,263Publication NumberTime in Patent OfficeDaysField of SearchUS Class Current709/225CPC Class CodesH04L 63/08 for authentication of entit...H04L 67/02 based on web technology, e....H04L 67/56 Provisioning of proxy servi...H04L 67/567 Integrating service provisi...
