Selectively forced redirection of network traffic
First Claim
1. A method of redirecting a request from a client that may be served by a first server which lacks a Secure Sockets Layer (SSL) capability to a second server that has the Secure Sockets Layer (SSL) capability, the method comprising the computer-implemented steps of:
- receiving a client request at the second server, wherein the client request requires use of the Secure Sockets Layer (SSL) capability, determining whether the client request requires use of the Secure Sockets Layer (SSL) capability, automatically forwarding the client request to the first server;
receiving a result message from the first server;
identifying, in the result message, references to resources of the first server;
selectively replacing the references to resources of the first server with translated references that reference the second server, only when the client request requires use of the Secure Sockets Layer (SSL) capability, and sending the translated references to the client as a response to the client request.
1 Assignment
0 Petitions
Accused Products
Abstract
A method of redirecting a client request received by a second server to a first server. The client request requires use of a Secure Sockets Layer (SSL) capability. The client request is received at the second serve and automatically forwarded or redirected to the first server, The first server processes the request and generates a result message. The first server sends the result message to the second server. A process at the second server identifies, in the, result message, reference to resources of the first server. The references to resources of the first server are replaced with translated references that reference the second server, and the translated references are sent to the client as a response to the client request. Subsequent client requests that are based on the, response or the result message are always directed to the second server rather than to the first server.
-
Citations
23 Claims
-
1. A method of redirecting a request from a client that may be served by a first server which lacks a Secure Sockets Layer (SSL) capability to a second server that has the Secure Sockets Layer (SSL) capability, the method comprising the computer-implemented steps of:
-
receiving a client request at the second server, wherein the client request requires use of the Secure Sockets Layer (SSL) capability, determining whether the client request requires use of the Secure Sockets Layer (SSL) capability, automatically forwarding the client request to the first server;
receiving a result message from the first server;
identifying, in the result message, references to resources of the first server;
selectively replacing the references to resources of the first server with translated references that reference the second server, only when the client request requires use of the Secure Sockets Layer (SSL) capability, and sending the translated references to the client as a response to the client request. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
receiving, at the second server, a second client request based on the response; and
for the second client request, repeating the steps of determining, automatically forwarding, receiving a result message, identifying, selectively replacing, and sending.
-
-
3. The method recited in claim 1, wherein the identifying step comprises the steps of:
-
parsing the result message to identify one or more tags that are associated with references to resources of the first server; and
matching the tags to attributes that identify resources of the first server.
-
-
4. The method recited in claim 3, wherein the selectively replacing step comprises the steps of:
attaching, to each of the references to resources of the first server, a value that identifies a process of the second server that carries out the identifying step and the selectively replacing step.
-
5. The method recited in claim 1, wherein the selectively replacing step comprises the steps of:
attaching, to each of the references to resources of the first server, a value that identifies a process of the second server that carries out the identifying step and the selectively replacing step.
-
6. The method recited in claim 1,
wherein the step of receiving a client request at the second server comprises the steps of receiving a client HTTP request at a second Web server; -
wherein the step of automatically forwarding the client request to the first server comprises the steps of redirecting the client HTTP request to a first Web server, wherein the step of receiving a result message from the first server comprises the steps of receiving an HTTP response message from the first Web server that contains an HTML document.
-
-
7. The method recited in claim 6,
wherein the step of identifying, in the result message, references to resources of the first server comprises the steps of parsing the HTML document to identify one or more URLs. -
8. The method recited in claim 6,
wherein the step of identifying, in the result message, references to resources of the first server comprises the steps of parsing the HTML document to identify one or more relative URLs that lack an explicit reference to the first server or one or more URLs that explicitly reference the first server. -
9. The method recited in claim 6,
wherein the steps of identifying and selectively replacing are carried out using a CGI script that may contain one or more associated software elements, and wherein the step of selectively replacing comprises the steps of attaching, to each of the references to resources of the first server, a value that identifies the CGI script. -
10. The method recited in claim 1, wherein the steps of identifying, selectively replacing and sending comprise the steps of:
-
stream tokenizing the result message into a plurality of tags, each of the tags having zero or more attributes;
storing in an output message any tags that are not associated with references to resources of the first server;
for each tag that is associated with a reference to a resource of the first server;
identifying a resource attribute associated with the tag that identifies the resource;
prepending a value, which identifies a software element that cries out the steps of identifying and replacing, to the resource attribute; and
storing the tag, value, and resource attribute in the output message.
-
-
11. A method as recited in claim 1, wherein the client request is a request to log in to an access server that does not require the Secure Sockets Layer (SSL) capability, and wherein the step of selectively replacing the references is not performed, such that the client request may be serviced directly by the access server.
-
12. A data communications apparatus that redirects a request received from a client that is communicatively coupled over a network to a first server that hosts a resource that may respond to the request, comprising:
-
a second server that has a Secure Sockets Layer (SSL) capability coupled to the first server, which lacks the Secure Sockets Layer (SSL) capability;
means in the second server for receiving the request at the second server, wherein the request requires use of the Secure Sockets Layer (SSL) capability, determining whether the request requires use of the Secure Sockets Layer (SSL) capability, automatically forwarding the request to the first server, receiving a result message from the first server, identifying, in the result message, references to resources of the first server, selectively replacing the references to resources of the first server with translated references that reference the second server only when the request requires use of the Secure Sockets Layer (SSL) capability, and sending the translated references to the client as a response to the request. - View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20, 21, 22)
-
-
23. A computer-readable medium carrying one or more sequences of instructions for redirecting a client request of a client that may be serviced by a first server which lacks a Secure Sockets Layer (SSL) capability, to a second server which has the Secure Sockets Layer (SSL) capability, wherein execution of the one or more sequences of instructions by one or more processors causes the one or more processors to perform the steps of:
-
receiving a client request at the second server, wherein the client requires use of the Secure Sockets Layer (SSL) capability;
determining whether the client request requires use of the Secure Sockets Layer (SSL) capability;
automatically forwarding the client request to the first server;
receiving a result message from the first server;
identifying, in the result message, references to resources of the first server;
selectively replacing the references to resources of the first server with translated references that reference the second server only when the client request requires use of the Secure Sockets Layer (SSL) capability; and
sending the translated references to the client as a response to the client request.
-
Specification