METHOD AND SYSTEM FOR GLOBAL LOGOFF FROM A WEB-BASED POINT OF CONTACT SERVER
Abstract
A method carried out at a point of contact (e.g., reverse proxy, a web server plug-in, or the like) that serves as an intermediary between a client browser and one or more back-end applications (or application component), wherein each back-end application has the capability to set its own server-side session management data with respect to the point of contact that is independent of any client-side session management data set by the point of contact and used by the point of contact to manage a user session. The method begins as a given back-end application returns a response to a first request that has been issued from the client browser (the first request having been received at the point of contact and passed to a back end application or component for processing). The point of contact intercepts the out-going response, augments server-side session management data associated therewith with a “stamp,” and forwards to the client browser the response together with the server-side session management data as augmented to include the stamp. The stamp provides a way for the point of contact to later determine whether the server-side session management data, if received with another user request, is valid for that request. Later, upon receipt at the point of contact of a new user request that includes the server-side session management data (and stamp), the point of contact uses the stamp to determine whether the new request is valid. If so, the point of contact removes the stamp from the server-side session management data and forwards the new request (and the management data) to the back-end application for handling.
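The stamp-and-strip cycle described in the abstract, as an added example that is not code from the patent. The stamp format (HMAC-SHA256 bound to the point of contact's own session id, appended after a `|` separator), the `PointOfContact` class and its method names are all assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

SEP = "|"  # assumed separator between cookie value and stamp

class PointOfContact:
    """Toy intermediary that stamps back-end cookies per user session."""
    def __init__(self):
        self._key = secrets.token_bytes(32)  # stamping key, never leaves the proxy
        self._active = set()                 # live point-of-contact session ids

    def login(self):
        sid = secrets.token_hex(16)
        self._active.add(sid)
        return sid

    def logoff(self, sid):
        # Global logoff: stamps bound to this session stop validating at once.
        self._active.discard(sid)

    def _stamp(self, sid, name, value):
        msg = "\x00".join((sid, name, value)).encode()
        return hmac.new(self._key, msg, hashlib.sha256).hexdigest()

    def outbound(self, sid, backend_cookies):
        """Response path: augment each back-end cookie with its stamp."""
        return {n: v + SEP + self._stamp(sid, n, v)
                for n, v in backend_cookies.items()}

    def inbound(self, sid, browser_cookies):
        """Request path: forward only validly stamped cookies, stamp removed."""
        if sid not in self._active:
            return {}
        forwarded = {}
        for name, stamped in browser_cookies.items():
            value, sep, stamp = stamped.rpartition(SEP)
            expected = self._stamp(sid, name, value)
            if sep and hmac.compare_digest(stamp.encode(), expected.encode()):
                forwarded[name] = value
        return forwarded

def demo():
    poc = PointOfContact()
    first = poc.login()
    jar = poc.outbound(first, {"JSESSIONID": "abc123"})  # constructed cookie
    before = poc.inbound(first, jar)       # same session: stamp validates
    poc.logoff(first)
    after = poc.inbound(poc.login(), jar)  # stale cookie, second user's session
    return before, after
```

`demo()` shows the back-end cookie reaching the application unchanged during the first user's session and being withheld once a second user presents it from the same browser after logoff.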
23 Claims
1. A method, operative at a point of contact that serves as an intermediary between a client browser and one or more back end applications, wherein each back-end application has the capability to set its own server-side session management data with respect to the point of contact that is independent of any client-side session management data set by the point of contact and used by the point of contact to manage a user session, the method comprising:
- as a back end application returns a response to a first request that has been issued from the client browser, associating with the server-side session management data given information that can be used to determine whether the server-side session management data is valid for a subsequent request, and forwarding to the client browser the response together with the server-side session management data and the given information; and
- upon receipt of a new request that has associated therewith the server-side management data and the given information, determining whether the given information is valid and, if so, removing the given information from the server-side session management data and forwarding to the back-end application the new request, together with the server-side management data.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 23
10. In a point of contact that serves as an intermediary between a client browser and a one or more back end applications, wherein each back-end application has the capability to set its own server-side session management data with respect to the point of contact that is independent of any client-side session management data set by the point of contact and used by the point of contact to manage a user session initiated from the client browser, wherein server-side session management data has the capability of being reused by a second end user through the client browser after a first end user has logged off, the improvement comprising:
- as the first end user interacts with the back end application during the user session, associating given information with the server-side session management data returned from the point of contact; and
- as the second end user attempts to interact with the back end application after the first end user has logged off, using the given information to determine whether the second user obtains access to the first end user's resources at the back-end application.
11. Apparatus, comprising:
- a manager component that serves as an intermediary between a client browser and one or more back end applications, wherein each back end application has the capability to set its own server-side session management data; and
- a computer readable medium having program code executable by a processor to perform the following method steps;
- as a back end application returns a response to a first request that has been issued from the client browser, associating with the server-side session management data given information that can be used to determine whether the server-side session management data is valid for a subsequent request, and forwarding to the client browser the response together with the server-side session management data and the given information; and
- upon receipt of a new request that has associated therewith the server-side management data and the given information, determining whether the given information is valid and, if so, removing the given information from the server-side session management data and forwarding to the back-end application the new request, together with the server-side session management data.
Dependent claims: 12, 13, 14, 15, 16, 17, 18, 19
20. A method, operative at a point of contact that serves as an intermediary between a client browser and one or more back-end applications, comprising:
- as a back end application returns a response to a first request that has been issued from the client browser, stamping a session cookie set by the back end application and forwarding to the client browser the response together with the stamped session cookie; and
- upon receipt of a new request that has associated therewith the stamped session cookie, forwarding to the back end application the new request together with the session cookie if the stamped session cookie is determined to be valid.
Dependent claims: 21, 22
Specification