Authentication of users with dynamically configurable protocol stack
Abstract
On a multi-node client server network, a client node obtains access to remote services by means of a communications directory service located in each node of the network. The communications directory service includes a tree structure to which existing directory services and other network services can be added. The tree structure has a plurality of nodes each of which includes specific methods that query and browse the associated directory service if such actions are supported by the underlying service. The communications directory service further includes shared libraries which store a service object associated with each service offered on the network. The service object, in turn, includes the service exchange address and communication link configuration information. A client desiring to access a remote service retrieves the appropriate service object from the communications directory service and uses the service object to set up the communications path.
4 Claims
1. A multi-node computer system for connecting a client node to a server node over a network, the network operating according to a predefined network protocol defined by a plurality of layers including a session layer, the computer network system comprising:
(a) first storage apparatus located in the server node;
(b) a service program located in the first storage apparatus of the server node for offering a service to the client node;
(c) second storage apparatus located in the client node;
(d) communications directory service programs located in the client node and in the server node, each of the communications directory service programs having means for storing a service object for each service available on the network, each service object including a stack definition that defines layers of the network protocol needed to communicate with each corresponding service;
(e) first apparatus located in the client node for retrieving a stored service object from the communications directory service program in the client node and for dynamically configuring a protocol stack based on the stack definition included with the service object, the protocol stack having program code means for communicating on the network in accordance with the predefined network protocol, the protocol stack further having client authentication means for collecting information about a user and authenticating the user with the service, the first apparatus further including means for returning an access point to a client application executing on the client node, the access point referencing a portion of the protocol stack corresponding to the session layer; and
(g) second apparatus located in the client node for invoking the client authentication means in response to a protocol stack activation request by a user, wherein a client application first activates the protocol stack and then accesses the protocol stack at the access point to communicate with the service program.
4. A method for operating a client node in a multi-node computer network for connecting a client node to a server node over a network, the network operating according to a predefined network protocol defined by a plurality of layers including a session layer, the client node having storage apparatus, a processor, an application program controlling the processor for requesting a service from the server node and a configurable protocol stack having program code for communicating on the network in accordance with the predefined protocol and having authentication means for collecting information about a user and authenticating the user with a service, the method comprising the steps of:
A. storing a service object for each service available on the network in the storage apparatus, each service object including a stack definition that defines layers of the network protocol needed to communicate with each corresponding service;
B. the client node receiving user-entered criteria specifying the service;
C. the client node using the user-entered criteria for traversing a directory tree structure with a plurality of node objects to locate selected ones of the node objects;
D. the client node using the selected node object to retrieve the service object from the storage apparatus;
E. the client node configuring the reconfigurable protocol stack in accordance with the stack definition included in the service object to communicate on the network; and
F. the client node using the protocol stack to authenticate the user utilizing the service.
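A minimal sketch of steps A through F of claim 4, added here as an illustration and not taken from the patent or any implementation of it. Every class, function and data value is hypothetical; the point it shows is that the session-layer access point stays unusable until authentication has succeeded at stack activation.

```python
# Added illustration of claim 4, steps A-F; every name here is hypothetical.
import hmac
from dataclasses import dataclass, field

@dataclass
class ServiceObject:            # step A: stored per service, carries the stack definition
    address: str
    stack_definition: tuple     # layer names, lowest first

@dataclass
class DirectoryNode:            # node object of the directory tree
    name: str
    service_key: str = ""       # set only on nodes that reference a service object
    children: list = field(default_factory=list)

    def find(self, criteria):   # step C: depth-first traversal on the user's criteria
        if self.service_key and criteria.lower() in self.name.lower():
            return self
        for child in self.children:
            hit = child.find(criteria)
            if hit is not None:
                return hit
        return None

class ProtocolStack:
    def __init__(self, service, verify):
        self.service, self.layers = service, list(service.stack_definition)  # step E
        self._verify, self._active = verify, False
    def activate(self, user, secret):   # step F: authentication runs at activation
        self._active = bool(self._verify(user, secret))
        return self._active
    def access_point(self):             # handle referencing the session layer
        if not self._active:
            raise PermissionError("stack not activated: user not authenticated")
        return ("session", self.service.address)

def open_service(root, store, criteria, verify):   # steps B-E
    node = root.find(criteria)
    if node is None:
        raise LookupError(f"no service matches {criteria!r}")
    return ProtocolStack(store[node.service_key], verify)   # step D: fetch service object

# Constructed sample data: one service, one user.
STORE = {"print": ServiceObject("printsrv:515", ("link", "transport", "session", "auth"))}
ROOT = DirectoryNode("root", children=[DirectoryNode("office", children=[
    DirectoryNode("Laser Printer", service_key="print")])])
USERS = {"alice": "constructed-secret"}
def verify(user, secret):       # unknown users fail; known ones compare in constant time
    return user in USERS and hmac.compare_digest(USERS[user], secret)
```
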
Specification