UNIFIED AUTHENTICATION FOR WEB METHOD PLATFORMS
First Claim
1. A system for authenticating one or more clients on a web method platform, comprising:
- a platform component that allows authenticated access to one or more web methods by a plurality of clients; and
a unified session authentication component that bootstraps an authenticated session unique to a type of each client and utilizes a subsequent mechanism to facilitate accessing the web methods, the subsequent mechanism is common to the clients.
2 Assignments
0 Petitions
Accused Products
Abstract
An authentication mechanism is provided for a web method platform that allows homogeneous access for different types of clients according to a bootstrapping procedure utilized to establish the session. Different clients can be assigned different levels of trust based in part on the bootstrapping procedure and/or information provided during the procedure. The bootstrapping procedure can produce a token that is used by the clients in subsequent requests to provide previous authentication or state information to the platform. The token can comprise a shared secret used to ensure integrity of communications in some cases, and the token can be opaque to the client. Tokens can expire and require a client to re-bootstrap to provide higher levels of authentication protection, and tokens can be shared among a plurality of application servers to facilitate effective handling of requests in a farmed environment.
90 Citations
20 Claims
-
1. A system for authenticating one or more clients on a web method platform, comprising:
-
a platform component that allows authenticated access to one or more web methods by a plurality of clients; and a unified session authentication component that bootstraps an authenticated session unique to a type of each client and utilizes a subsequent mechanism to facilitate accessing the web methods, the subsequent mechanism is common to the clients. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A method for providing one or more application servers authenticated access to platform data, comprising:
-
receiving credentials related to a user of an application server and a message authentication code key related to the application server; generating a token for subsequent requests, the token comprising the message authentication code key; and sending the token to the application server as part of a bootstrapping procedure. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
-
-
19. A system that authenticates one or more clients with respect to accessing one or more web methods on a platform, comprising:
-
means for bootstrapping an authenticated session request with one or more disparate clients for subsequent access to one or more exposed web methods; and means for assigning a trust-tier level to the one or more disparate clients based at least in part on the bootstrapping, access to the one or more web methods is controlled based at least in part on the trust-tier level. - View Dependent Claims (20)
-
Specification