DYNAMIC LOAD REDISTRIBUTION AMONG DISTRIBUTED SERVERS
First Claim
1. At a computer system including a processor and a memory, in a computer networking environment including a plurality of computing systems, a computer-implemented method for redistributing authentication requests among a plurality of authentication servers, the method comprising:
- an act of instantiating a secure channel management service configured to manage one or more secure channel connections, wherein the secure channel management service is configured to receive state inputs from one or more currently deployed authentication proxy servers;
an act of receiving at least one state input from at least one of the currently deployed authentication proxy servers, the authentication proxy servers being configured to queue authentication requests for transmission to one or more authentication servers;
an act of determining that, based on the received state input, one or more of the secure channels are to be remapped to a different authentication proxy server; and
an act of remapping the determined one or more secure channels to distribute future authentication requests among the plurality of authentication proxy servers.
2 Assignments
0 Petitions
Accused Products
Abstract
Embodiments are directed to redistributing authentication requests among a plurality of authentication servers and to centrally managing authentication affinities among distributed servers using a secure channels affinity service. A computer system instantiates a secure channel management service configured to manage secure channel connections. The secure channel management service receives state inputs from currently deployed authentication servers. The authentication servers may be configured to queue authentication requests for transmission to authentication servers. The computer system determines that, based on the received state input, at least one of the secure channels is to be remapped to a different authentication server. The computer system also remaps the determined secure channels to distribute future authentication requests among the authentication servers. In some cases, the current state of an authentication proxy server is embedded in communications transmitted by the authentication server, such that the secure channel connections are managed using the embedded state information.
-
Citations
20 Claims
-
1. At a computer system including a processor and a memory, in a computer networking environment including a plurality of computing systems, a computer-implemented method for redistributing authentication requests among a plurality of authentication servers, the method comprising:
-
an act of instantiating a secure channel management service configured to manage one or more secure channel connections, wherein the secure channel management service is configured to receive state inputs from one or more currently deployed authentication proxy servers; an act of receiving at least one state input from at least one of the currently deployed authentication proxy servers, the authentication proxy servers being configured to queue authentication requests for transmission to one or more authentication servers; an act of determining that, based on the received state input, one or more of the secure channels are to be remapped to a different authentication proxy server; and an act of remapping the determined one or more secure channels to distribute future authentication requests among the plurality of authentication proxy servers. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
-
-
16. A computer program product for implementing a method for centrally managing authentication affinities among distributed servers using a secure channels affinity service, the computer program product comprising one or more computer-readable storage media having stored thereon computer-executable instructions that, when executed by one or more processors of the computing system, cause the computing system to perform the method, the method comprising:
-
an act of receiving at a secure channels affinity service an indication of authentication demand at a plurality of different authentication servers; an act of the secure channel affinity service determining that one or more authentication affinities of the authentication servers are to be altered according to the received indication of authentication demand; and an act of the secure channels affinity service dynamically changing the authentication affinities of at least one of the authentication servers based on the received indication of authentication demand. - View Dependent Claims (17, 18, 19)
-
-
20. A computer system comprising the following:
-
one or more processors; system memory; one or more computer-readable storage media having stored thereon computer-executable instructions that, when executed by the one or more processors, causes the computing system to perform a method for redistributing authentication requests among a plurality of authentication servers, the method comprising the following; an act of receiving at least one state input embedded in a communication from at least one of the currently deployed authentication proxy servers, the authentication proxy servers being configured to queue authentication requests for transmission to one or more authentication servers, the state input including at least one of the following;
a total number of consumers, a number of consumers currently authenticating through the authentication proxy servers in the domain, a total number of proxy servers, the proxy servers'"'"' current processing capacity and an affinity mapping between the consumer servers and the authentication proxy servers;an act of determining that, based on the received embedded state input, one or more of the secure channels are to be remapped to a different authentication server; and an act of remapping the determined one or more secure channels according to one of a plurality of different remapping algorithm to distribute future authentication requests among the plurality of authentication proxy servers.
-
Specification