SYSTEMS AND METHODS FOR USING A CLIENT AGENT TO MANAGE HTTP AUTHENTICATION COOKIES
First Claim
1. A method for using a client agent to enable http cookie authentication in non-HTTP communications from a client, the method comprising:
- (a) intercepting, by a client agent executing on a client, a connection request from the client;
(b) establishing, by the client agent, a transport layer virtual private network connection with a network appliance;
(c) transmitting, by the client agent via the established connection, an HTTP request comprising an authentication cookie; and
(d) transmitting, by the client agent via the connection, the connection request.
8 Assignments
0 Petitions
Accused Products
Abstract
Systems and methods are described for using a client agent to manage HTTP authentication cookies. One method includes intercepting, by a client agent executing on a client, a connection request from the client; establishing, by the client agent, a transport layer virtual private network connection with a network appliance; transmitting, by the client agent via the established connection, an HTTP request comprising an authentication cookie; and transmitting, by the client agent via the connection, the connection request. A second method includes intercepting, by a client agent executing on a client, an HTTP communication comprising a cookie from an appliance on a virtual private network to the client; removing, by the client agent, the cookie from the HTTP communication; storing, by the client agent, the received cookie; transmitting, by the client agent, the modified HTTP communication to an application executing on the client; intercepting, by the client agent, an HTTP request from the client; inserting, by the client agent in the HTTP request, the received cookie; and transmitting the modified HTTP request to the appliance. Corresponding systems are also described.
-
Citations
16 Claims
-
1. A method for using a client agent to enable http cookie authentication in non-HTTP communications from a client, the method comprising:
-
(a) intercepting, by a client agent executing on a client, a connection request from the client; (b) establishing, by the client agent, a transport layer virtual private network connection with a network appliance; (c) transmitting, by the client agent via the established connection, an HTTP request comprising an authentication cookie; and (d) transmitting, by the client agent via the connection, the connection request. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A computer implemented system for using a client agent to enable HTTP cookie authentication in non-HTTP communications from a client, the system comprising:
-
a client computing device; and a client agent executing on the client, which intercepts a connection request from the client;
establishes a transport layer virtual private network connection with a network appliance;
transmits, by the client agent via the established connection, an HTTP request comprising an authentication cookie; and
transmits, by the client agent via the connection, the connection request.
-
-
10. The system of claim 0, wherein the client agent executes transparently with respect to one of the following network layers:
- the application layer, the presentation layer, the session layer, or the transport layer.
-
11. The system of claim 0, wherein the client agent intercepts a transport-layer connection request from the client, wherein the interception occurs at one of the following network layers:
- the transport layer, the network layer, or the data layer.
-
12. The system of claim 0, wherein the client agent intercepts a TCP SYN packet.
-
13. The system of claim 0, wherein the client agent transmits, via the established connection, an HTTP request comprising an authentication cookie prior to any data being transmitted via the connection.
-
14. The system of claim 0, wherein the client agent transmits, via the established connection, an HTTP request comprising an authentication cookie, the cookie comprising user authentication credentials.
-
15. The system of claim 0, wherein the client agent transmits, via the established connection, an HTTP request comprising an authentication cookie, the cookie comprising application-specific authentication credentials.
-
16. The system of claim 0, wherein the client agent receives an HTTP response, the HTTP response comprising an acceptance of the authentication cookie.
Specification
-
- Resources
-
Current AssigneeCitrix Systems, Inc. (Cloud Software Group)
-
Original AssigneeCitrix Systems, Inc. (Cloud Software Group)
-
InventorsSoni, Ajay, Venkatraman, Charu, He, Junxiao
-
Granted Patent
-
Time in Patent OfficeDays
-
Field of Search
-
US Class Current713/151
-
CPC Class CodesH04L 63/08 for authentication of entit...H04L 63/145 the attack involving the pr...H04L 67/02 based on web technology, e....H04L 67/568 Storing data temporarily at...
