Native Use Of Web Service Protocols And Claims In Server Authentication
First Claim
1. A computer-implemented authentication system, comprising:
- an authentication component for providing authentication to a web service based on claims; and
an abstraction layer for exposing the authentication to a client application for natively accessing the web service.
2 Assignments
0 Petitions
Accused Products
Abstract
Architecture for natively authenticating a client application to a web server via HTTP authentication. The Web Services Architecture, and more specifically, Web Services Security, is leveraged to enable legacy applications to access web services transparently to the existing legacy applications. A security support provider (SSP) is created that employs WS-* protocol to at least emulate ws-trust and ws-mex thereby enabling policy exchange via an HTTP protocol stack. Policy can be exchanged via a WWW-Authenticate header enabling legacy applications to use the WS-* family of protocols without modifying the client application. The WS-* protocols are abstracted into a generic programming interface for native client application use.
77 Citations
20 Claims
-
1. A computer-implemented authentication system, comprising:
-
an authentication component for providing authentication to a web service based on claims; and an abstraction layer for exposing the authentication to a client application for natively accessing the web service. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A computer-implemented method of authenticating a client, comprising:
-
sending a request for access from a client to a web server; receiving a request for claims information from the web server; processing the request for claims information from the client to a federated service; receiving the claims information from the federated service; and authenticating the client to the web server based on the claims information. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19)
-
-
20. A computer-implemented system, comprising:
-
computer-implemented means for sending a request for access from a client to a web server; computer-implemented means for receiving a request for claims information from the web server; computer-implemented means for processing the request for claims information from the client to a federated service; computer-implemented means for receiving the claims information from the federated service; and computer-implemented means for authenticating the client to the web server based on the claims information.
-
Specification