HTTP PASSWORD MEDIATOR
First Claim
1. A method comprising;
- identifying a hypertext transfer protocol (HTTP) request issued by a client application executing on a client device, the HTTP request indicating an operation to be performed for a user of the client application at a destination system;
obtaining user credentials using the HTTP request;
requesting security information for the user with respect to the destination system, wherein the security information comprises a password;
determining, by a processor, whether the user is allowed to perform the operation in view of the security information; and
upon determining that the user is allowed to perform the operation, modifying the HTTP request in view of the security information and sending the modified HTTP request to the destination system.
1 Assignment
0 Petitions
Accused Products
Abstract
A method and system for password mediation including identifying an HTTP request issued by a client application executing on a client device, the HTTP request indicating an operation to be performed for a user of the client application at a destination system, obtaining user credentials using the HTTP request, requesting security information for the user with respect to the destination system, determining whether the user is allowed to perform the operation based on the security information, and upon determining that the user is allowed to perform the operation, modifying the HTTP request based on the security information and sending the modified HTTP request to the destination system.
23 Citations
20 Claims
-
1. A method comprising;
-
identifying a hypertext transfer protocol (HTTP) request issued by a client application executing on a client device, the HTTP request indicating an operation to be performed for a user of the client application at a destination system; obtaining user credentials using the HTTP request; requesting security information for the user with respect to the destination system, wherein the security information comprises a password; determining, by a processor, whether the user is allowed to perform the operation in view of the security information; and upon determining that the user is allowed to perform the operation, modifying the HTTP request in view of the security information and sending the modified HTTP request to the destination system. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A system comprising:
-
a memory; and a processing device coupled to the memory to; identify a hypertext transfer protocol (HTTP) request issued by a client application executing on a client device, the HTTP request indicating an operation to be performed by a user of the client application at a destination system; obtain user credentials using the HTTP request; request security information for the user with respect to the destination system, wherein the security information comprises a password; determine, by a processor, whether the user is allowed to perform the operation in view of the security information; and upon determining that the user is allowed to perform the operation, modify the HTTP request in view of the security information and send the modified HTTP request to the destination system. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A non-transitory computer-readable storage medium including instructions that, when executed by a computer system, cause the computer system to perform a set of operations comprising:
-
identifying a hypertext transfer protocol (HTTP) request issued by a client application executing on a client device, the HTTP request indicating an operation to be performed for a user of the client application at a destination system; obtaining user credentials using the HTTP request; requesting security information for the user with respect to the destination system, wherein the security information comprises a password; determining whether the user is allowed to perform the operation in view of the security information; and upon determining that the user is allowed to perform the operation, modifying the HTTP request in view of the security information and sending the modified HTTP request to the destination system. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification