Caching public objects with private connections

US 20080209524A1
Filed: 02/23/2007
Published: 08/28/2008
Est. Priority Date: 02/23/2007
Status: Active Grant

First Claim

Patent Images

1. In a computing environment, a method comprising:

receiving at a web proxy server a request from a client for web content, in which the client has an authenticated connection to a web server that serves the content;

forwarding the request to the web server over an unauthenticated connection, and1) if the web content is received in response to the request, caching the content and returning the content to the client, or2) if the requested content is not received because of a need for authentication, re-requesting the web content over the authenticated connection.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Described is a technology by which a web proxy server forwards a client request for content to a web server over an unauthenticated connection, including when the client already has an authenticated connection to that web server. If the web content is not received because of a need for authentication, the content is re-requested over the client'"'"'s authenticated connection, or if one does not yet exist, returns the response to the client to complete the authentication process to establish an authenticated connection. A learning mechanism (e.g., that persists known private URLs) may be coupled to the selection mechanism to maintain references to objects that are private, and thereby avoid redundant retrieval attempts for known private objects over unauthenticated connections.

23 Citations

View as Search Results

20 Claims

1. In a computing environment, a method comprising:
- receiving at a web proxy server a request from a client for web content, in which the client has an authenticated connection to a web server that serves the content;
  
  forwarding the request to the web server over an unauthenticated connection, and1) if the web content is received in response to the request, caching the content and returning the content to the client, or2) if the requested content is not received because of a need for authentication, re-requesting the web content over the authenticated connection.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The method of claim 1 further comprising, receiving the web content via the authenticated connection and returning the content to the client without caching.
  - 3. The method of claim 1 wherein an authentication request is received in response to the request for web content to indicate the need for authentication.
  - 4. The method of claim 1 further comprising, passing an authentication request form the web server to the client to complete an authentication process to establish the authenticated connection.
  - 5. The method of claim 4 further comprising, at the web proxy server, marking the established connection between the client and the web server as authenticated including updating a data structure.

6. In a computing environment, a system comprising, a web proxy server configured to cache at least some public objects received from web servers, and to return a cached object in response to a client request when the object is cached and valid, and to otherwise forward the client request for the object to a web server, and a selection mechanism coupled to the web proxy server that forwards the client request for an object that may or may not be private via an unauthenticated connection to determine based on the web server response whether the object is private or public in the absence of a specific cache directive.
- View Dependent Claims (7, 8, 9, 10, 11, 12)
- - 7. The system of claim 6 wherein the web server returns the requested object in response to the request via the unauthenticated connection, and wherein the web proxy server caches the object and returns the object to the client.
  - 8. The system of claim 6 further comprising a data structure that indicates whether the client has an authenticated connection to the web server, wherein the web server returns a response indicating authentication is needed to obtain the object such that the web proxy server knows the objects is private, and wherein the web proxy server accesses the data structure to determine whether the client has an already-existing authenticated connection to the web server.
  - 9. The system of claim 6 wherein the web proxy server determines that the client has an already-existing authenticated connection to the web server, and wherein the selection mechanism requests the object over the existing authenticated connection.
  - 10. The system of claim 6 wherein the web proxy server determines that the client does not have an already-existing authenticated connection to the web server, and wherein the selection mechanism returns the response indicating authentication is needed to the client to allow the client to complete the authentication process.
  - 11. The system of claim 6 further comprising a learning mechanism coupled to the selection mechanism to establish that the requested object is known to be private.
  - 12. The system of claim 11 wherein the learning mechanism maintains data corresponding to URLs.

13. A computer-readable medium having computer-executable instructions, comprising:
- receiving at a web proxy server a request from a client for web content;
  
  determining whether the request is to be forwarded to a web server, and if so, selecting as a selected connection an unauthenticated connection or an authenticated connection for forwarding the request to the web servers, and forwarding the request via the selected connection;
  
  receiving a response from the web server in response to the request, and1) if the selected connection was an unauthenticated connection and web content is received in response to the request and is cacheable, caching the content and returning the content to the client;
  
  or2) if the selected connection was an unauthenticated connection and requested content is not received because of a need for authentication, determining whether the client has an authenticated connection to the web server, and if so, selecting the authenticated connection and re-requesting the web content over the authenticated connection, or if not, allowing the client to complete the authentication process to establish an authenticated connection.
- View Dependent Claims (14, 15, 16, 17, 18, 19, 20)
- - 14. The computer-readable medium of claim 13 wherein selecting as the selected connection comprises, determining whether the requested content is known to be private, and if so, determining whether an authenticated connection exists for this client, and if so, selecting the authenticated connected as the selected connection.
  - 15. The computer-readable medium of claim 13 wherein selecting comprises, determining whether the requested content is known to be private, and if not known, selecting the unauthenticated connection as the selected connection.
  - 16. The computer-readable medium of claim 13 wherein selecting comprises, selecting the unauthenticated connection as the selected connection when no prior attempt to request the content was made for this client and web page via an unauthenticated connection.
  - 17. The computer-readable medium of claim 13 wherein determining whether the request is to be forwarded to a web server comprises accessing cache data to determine whether the content is valid in a cache.
  - 18. The computer-readable medium of claim 13 having further computer-executable instructions, comprising, receiving the web content via the authenticated connection and returning the content to the client without caching.
  - 19. The computer-readable medium of claim 13 wherein an authentication request is received in response to the request for web content to indicates the need for authentication, and wherein allowing the client to complete the authentication process comprises returning the authentication request to the client.
  - 20. The computer-readable medium of claim 19 wherein the client completes the authentication process, and further comprising, marking an established connection between the client and the web server as authenticated.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Almog, Itai, Shiran, Tomer

Granted Patent

US 8,091,124 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/4
CPC Class Codes

H04L 63/0281 Proxies

H04L 63/08 for authentication of entit...

Caching public objects with private connections

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

23 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Caching public objects with private connections

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

23 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links