Adaptive HTTP Authentication Scheme Selection
First Claim
1. A method for selecting a Hypertext Transfer Protocol (HTTP) authentication scheme at a client computer, the method comprising:
- sending a first request message from the client computer to a server computer, the first request message requesting information stored on the server computer;
receiving an HTTP response message from the server computer, the response message including an HTTP header with a first scheme identifier and a second scheme identifier, the first scheme identifier indicating a first HTTP authentication scheme and the second scheme identifier indicating a second HTTP authentication scheme;
determining whether the client computer supports the second HTTP authentication scheme;
in response to determining that the client computer does not support the second HTTP authentication scheme, selecting the first HTTP authentication scheme and sending an HTTP message to the server computer using the first HTTP authentication scheme; and
in response to determining that the client computer does support the second HTTP authentication scheme, selecting the second HTTP authentication scheme and sending an HTTP message to the server computer using the second HTTP authentication scheme.
2 Assignments
0 Petitions
Accused Products
Abstract
A method is presented for selecting an HTTP authentication scheme at a client computer. A request message is sent from the client computer to a server computer to access information on the server computer. In response, the client computer receives a response message from the server computer. The response message includes an HTTP header that includes a first scheme identifier, indicating a first HTTP authentication scheme and a second scheme identifier, indicating a second HTTP authentication scheme. If the client computer does not support the second HTTP authentication scheme, the client computer uses the first HTTP authentication scheme when sending another HTTP message to the server computer. If the client computer supports the second HTTP authentication scheme, the client computer uses the second HTTP authentication scheme when sending another HTTP message to the server computer.
-
Citations
20 Claims
-
1. A method for selecting a Hypertext Transfer Protocol (HTTP) authentication scheme at a client computer, the method comprising:
-
sending a first request message from the client computer to a server computer, the first request message requesting information stored on the server computer; receiving an HTTP response message from the server computer, the response message including an HTTP header with a first scheme identifier and a second scheme identifier, the first scheme identifier indicating a first HTTP authentication scheme and the second scheme identifier indicating a second HTTP authentication scheme; determining whether the client computer supports the second HTTP authentication scheme; in response to determining that the client computer does not support the second HTTP authentication scheme, selecting the first HTTP authentication scheme and sending an HTTP message to the server computer using the first HTTP authentication scheme; and in response to determining that the client computer does support the second HTTP authentication scheme, selecting the second HTTP authentication scheme and sending an HTTP message to the server computer using the second HTTP authentication scheme. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A server computer comprising:
-
a processing unit; and system memory, the system memory including instructions that when executed by the processing unit cause the server computer to; receive a first request message from a client computer, the first request message requesting information stored on the server computer; in response to receiving the first request message from the client computer, send a first response message to the client computer, the first response message including an HTTP header, the HTTP header including a first scheme identifier and a second scheme identifier, the first scheme identifier indicating a first HTTP authentication scheme and the second scheme identifier indicating a second HTTP authentication scheme; receive a second request message from the client computer; in response to receiving the second request message from the client computer, determine whether the second request message includes the second scheme identifier; in response to determining the second request message includes the second scheme identifier, send a second response message to the client computer, the second response message including the second scheme identifier; and in response to determining that the second request message does not include the second scheme identifier, send a second response message to the client computer, the second response message including the first scheme identifier. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18, 19)
-
-
20. A computer-readable data storage medium comprising instructions that, when executed by a processing unit of a server computer, cause the server computer to:
-
receive a first request message from a client computer, the first request message requesting information stored on the server computer; in response to the first request message, send a reply message to the client computer, the reply message including an HTTP header, the HTTP header including a first scheme identifier and a second scheme identifier, the first scheme identifier being “
Negotiate” and
the second scheme identifier being “
Nego2”
, the reply message also including a first data block following the second scheme identifier, the first data block including one or more identifiers of authentication protocols that the server computer accepts;receive a second request message from the client computer, the second request message including a second HTTP header, the second HTTP header including a third scheme identifier; determine whether the third scheme identifier matches the first scheme identifier; in response to determining that the third scheme identifier matches the first scheme identifier, select an HTTP authentication scheme indicated by the first scheme identifier; determine whether the third scheme identifier matches the second scheme identifier; in response to determining that the third scheme identifier matches the second scheme identifier, select an HTTP authentication scheme indicated by the second scheme identifier; in response to determining that the third scheme identifier matches the second scheme identifier, identify a client-accepted authentication protocol by processing a second data block included in the second request message, the client-accepted authentication protocol being an authentication protocol accepted by the client computer; and use the client-accepted authentication protocol to authenticate the client computer at the server computer.
-
Specification