Cookie-based acceleration of an authentication protocol
First Claim
Patent Images
1. A method for authentication comprising:
- receiving a request from a client for a network service at a cache server;
authenticating the client according to a non-cacheable authentication protocol, including passing client credentials to a client database manager;
setting a cookie for the authenticated client;
receiving an additional request from the client for a network service at the cache server, the request including the cookie; and
authenticating the client for the additional request with the cookie without passing client credentials to the client database manager.
2 Assignments
0 Petitions
Accused Products
Abstract
A system uses a proxy server to authenticate a client with an authentication protocol that does not support caching. Rather than cache the client'"'"'s authentication credentials, or access a client account manager for each network request generated by the client, the proxy server issues a cookie to an authenticated client and authenticate the client for subsequent request on the basis of the cookie.
268 Citations
27 Claims
-
1. A method for authentication comprising:
-
receiving a request from a client for a network service at a cache server;
authenticating the client according to a non-cacheable authentication protocol, including passing client credentials to a client database manager;
setting a cookie for the authenticated client;
receiving an additional request from the client for a network service at the cache server, the request including the cookie; and
authenticating the client for the additional request with the cookie without passing client credentials to the client database manager. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A network device comprising:
-
a network interface to connect to a network to couple to a client device and a domain controller;
a memory having instructions to define operations including authenticating the client device according to an authentication procedure of an authentication protocol to allow network access to the client, issuing a cookie to an authenticated client, and bypassing the authentication procedure of the protocol by authenticating the client with the cookie for subsequent network access; and
a processor to execute the instructions. - View Dependent Claims (12, 13, 14, 15)
-
-
16. A method comprising:
-
receiving a client request for an access to a network domain;
authenticating the client with a non-cacheable, challenge-based authentication protocol at a proxy server, including the proxy server accessing a domain controller;
issuing a cookie for the domain from the proxy server to the authenticated client; and
authenticating the client at the proxy server with the cookie for an additional access to the domain. - View Dependent Claims (17, 18, 19, 20, 21)
-
-
22. An article of manufacture comprising a machine-accessible medium having content to provide instructions to result in a machine performing operations including:
-
receiving a client request for an access to a network domain;
authenticating the client with a non-cacheable, challenge-based authentication protocol at a proxy server, including the proxy server accessing a domain controller;
issuing a cookie for the domain from the proxy server to the authenticated client; and
authenticating the client at the proxy server with the cookie for an additional access to the domain. - View Dependent Claims (23, 24)
-
-
25. A system comprising:
-
a domain controller to manage a client account database, the client account database to store values associated with client credentials, the domain controller to verify client credentials with the values stored in the client account database to verify an identity of the client; and
a caching server coupled to the domain controller, to receive from a client device having a network address network service request, pass credentials obtained from the client to the domain controller to authenticate the client, issue a cookie to the client to indicate the client has been authenticated, and authenticate the client for a network service request on the basis of the cookie. - View Dependent Claims (26, 27)
-
Specification