Method for performing transactions on the world-wide web computer network
First Claim
Patent Images
1. A method for ordering goods or services from a store on the world wide web where said store is implemented using a server computer having:
- (a) the capability of being accessed by a plurality of users each said user having a browser;
(b) a plurality of user profile records, one or more unprotected pages, and one or more protected pages;
(c) a unique first username associated with each said profile record;
(d) a first password associated with each said profile record; and
(e) the capability of at least one of said users accessing at least one of said unprotected pages without supplying a username or password;
said method of associating one of said users with one of said profile records comprising;
(i) allowing said user to attempt to access one of said protected pages using the http GET method;
(ii) returning an ACCESS DENIED code in response to said attempt;
(iii) said ACCESS DENIED code causing said user'"'"'s browser to ask said user for a second username and a second password and to transmit said second username and said second password to said server computer in the http authorization header; and
(iv) locating one of said user profile records such that said second username and said second password match the first username and first password associated with said stored user profile.
0 Assignments
0 Petitions
Accused Products
Abstract
A method is disclosed for determining a user'"'"'s identity and creating a virtual session using the HTTP protocol without modifying the protocol or changing its stateless nature.
-
Citations
12 Claims
-
1. A method for ordering goods or services from a store on the world wide web where said store is implemented using a server computer having:
-
(a) the capability of being accessed by a plurality of users each said user having a browser;
(b) a plurality of user profile records, one or more unprotected pages, and one or more protected pages;
(c) a unique first username associated with each said profile record;
(d) a first password associated with each said profile record; and
(e) the capability of at least one of said users accessing at least one of said unprotected pages without supplying a username or password;
said method of associating one of said users with one of said profile records comprising;
(i) allowing said user to attempt to access one of said protected pages using the http GET method;
(ii) returning an ACCESS DENIED code in response to said attempt;
(iii) said ACCESS DENIED code causing said user'"'"'s browser to ask said user for a second username and a second password and to transmit said second username and said second password to said server computer in the http authorization header; and
(iv) locating one of said user profile records such that said second username and said second password match the first username and first password associated with said stored user profile. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. In a computer having:
-
(a) the capability of being accessed using the http protocol by a first user and a second user each said user having a browser;
(b) a plurality of user profile records with a unique first username associated with each said profile record;
(c) a first password associated with each said profile record;
(d) one or more unprotected pages; and
(e) one or more protected pages;
a method for associating said first user with one of said plurality of profile records comprising;
(i) allowing said first user to attempt to access one of said protected pages using the http GET method;
(ii) returning an ACCESS DENIED code in response to said attempt;
(iii) said ACCESS DENIED code causing said user'"'"'s browser to ask said user for a second username and a second password and to transmit said second username and said second password to said computer in the http authorization header; and
(iv) locating one of said user profile records such that said second username and said second password match said first username and first password associated with said user profile record. - View Dependent Claims (9, 10, 11, 12)
(i) allowing said second user to view said unprotected pages;
(ii) presenting said user with a form for entering said user'"'"'s name and address.
-
-
10. The computer according to claim 9 where there is no user profile record corresponding to said one of said second plurality of users.
-
11. The computer according to claim 9, where said form also includes a method of payment.
-
12. The computer according to claim 8, where said profile record contains the user'"'"'s name and address.
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeDonald A. Lewine
-
Original AssigneeDonald A. Lewine
-
InventorsLewine, Donald A
-
Primary Examiner(s)Follansbee, John A.
-
Application NumberUS08/432,610Time in Patent Office2,199 DaysField of Search395/200.9, 395/401, 395/408, 709/229, 709/203, 709/219, 705/26-27, 705/43, 713/200, 380/217, 380/218US Class Current709/229CPC Class CodesG06Q 20/12 specially adapted for elect...G06Q 20/4014 Identity check for transact...G07F 7/00 Mechanisms actuated by obje...H04L 63/083 using passwords cryptograph...H04L 63/102 Entity profilesH04L 67/01 ProtocolsH04L 9/40 Network security protocols
