Methods and systems for authentication through multiple proxy servers that require different authentication data
First Claim
1. In a network configuration that includes a client computer system, a server computer system and a plurality of proxy computer systems that the client computer system would need to communicate through in order to communicate with the server computer system, the plurality of proxy computer systems including at least a first proxy that requires authentication using first authentication data and a second proxy that requires authentication using second authentication data, a method of the client computer system transmitting a request to the server computer system notwithstanding that the first and second proxies require different authentication data, the method comprising the following:
- an act of the client computer system dispatching a first request for a service through the first proxy;
an act of the client computer system receiving a first authentication request from the first proxy;
an act of the client computer system retrieving first authentication data associated with the first proxy;
an act of the client computer system dispatching a second request for the service, the second request including the first authentication data;
an act of the client computer system receiving a second authentication request from the second proxy, the first proxy using the first authentication data to authenticate the client computer system and forwarding the second request for the service to the second proxy, the second proxy then receiving the second request for the service;
an act of the client computer system retrieving second authentication data associated with the second proxy; and
an act of the client computer system dispatching a third request for the service to the server computer system, the third request including the first authentication data and the second authentication data, the first proxy using the first authentication data to authenticate the client computer system and thereafter forwarding the third request for the service to the second proxy, the second proxy using the second authentication data to authenticate the client computer system and thereafter forwarding the third request to the server computer system or to a third proxy that requires third authentication data.
2 Assignments
0 Petitions
Accused Products
Abstract
Methods, systems, computer program products and data structures are described which allow a client to communicate with a server even though multiple proxies that require different authentication data must be traversed to allow such communication. In operation, the client first authenticates to a first proxy using authentication data appropriate for the first proxy. The client then authenticates to a second proxy using different authentication data that is appropriate for the second proxy. This proxy authentication continues through as many proxies as necessary until the client is in communication with the server.
-
Citations
46 Claims
-
1. In a network configuration that includes a client computer system, a server computer system and a plurality of proxy computer systems that the client computer system would need to communicate through in order to communicate with the server computer system, the plurality of proxy computer systems including at least a first proxy that requires authentication using first authentication data and a second proxy that requires authentication using second authentication data, a method of the client computer system transmitting a request to the server computer system notwithstanding that the first and second proxies require different authentication data, the method comprising the following:
-
an act of the client computer system dispatching a first request for a service through the first proxy;
an act of the client computer system receiving a first authentication request from the first proxy;
an act of the client computer system retrieving first authentication data associated with the first proxy;
an act of the client computer system dispatching a second request for the service, the second request including the first authentication data;
an act of the client computer system receiving a second authentication request from the second proxy, the first proxy using the first authentication data to authenticate the client computer system and forwarding the second request for the service to the second proxy, the second proxy then receiving the second request for the service;
an act of the client computer system retrieving second authentication data associated with the second proxy; and
an act of the client computer system dispatching a third request for the service to the server computer system, the third request including the first authentication data and the second authentication data, the first proxy using the first authentication data to authenticate the client computer system and thereafter forwarding the third request for the service to the second proxy, the second proxy using the second authentication data to authenticate the client computer system and thereafter forwarding the third request to the server computer system or to a third proxy that requires third authentication data. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
-
-
15. In a computer program product for use in a network configuration that includes a client computer system, a server computer system and a plurality of proxy computer systems that the client computer system would need to communicate through in order to communicate with the server computer system, the plurality of proxy computer systems including at least a first proxy that requires authentication using first authentication data and a second proxy that requires authentication using second authentication data, the computer program product for implementing a method of the client computer system transmitting a request to the server computer system notwithstanding that the first and second proxies require different authentication data, the computer program product comprising a computer-readable medium having computer-executable instructions for performing the following:
-
an act of the client computer system causing a first request for a service to be dispatched through the first proxy;
an act of the client computer system detecting the receipt of a first authentication request from the first proxy;
an act of the client computer system causing first authentication data associated with the first proxy to be retrieved;
an act of the client computer system causing a second request for the service to be dispatched, the second request including the first authentication data;
an act of the client computer system detecting the receipt of a second authentication request from the second proxy, the first proxy using the first authentication data to authenticate the client computer system and forwarding the second request for the service to the second proxy, the second proxy then receiving the second request for the service;
an act of the client computer system causing second authentication data associated with the second proxy to be retrieved; and
an act of the client computer system causing a third request for the service to be dispatched to the server computer system, the third request including the first authentication data and the second authentication data, the first proxy using the first authentication data to authenticate the client computer system and thereafter forwarding the third request for the service to the second proxy, the second proxy using the second authentication data to authenticate the client computer system and thereafter forwarding the third request to the server computer system or to a third proxy that requires third authentication data. - View Dependent Claims (16, 17, 18, 19, 20)
-
-
21. In a network configuration that includes a client computer system, a server computer system and a plurality of proxy computer systems that the client computer system would need to communicate through in order to communicate with the server computer system, the plurality of proxy computer systems including at least a first proxy that requires authentication using first authentication data and a second proxy that requires authentication using second authentication data, a method of the client computer system connecting to the server computer system notwithstanding that the first and second proxies require different authentication data, the method comprising the following:
-
an act of the client computer system dispatching a connect request to the first proxy;
an act of the client computer system receiving a first authentication request from the first proxy;
an act of the client computer system retrieving first authentication data associated with the first proxy;
an act of the client computer system dispatching a connect request to the second proxy, the connect request to the second proxy including the first authentication data, wherein the first proxy uses the first authentication data to authenticate the client computer system, enters byte forwarding mode, and forwards the connect request to the second proxy server;
an act of the client computer system receiving, via the first proxy, a second authentication request from the second proxy;
an act of the client computer system retrieving second authentication data associated with the second proxy; and
an act of the client computer system dispatching a connect request to the server computer system or to a third proxy that requires third authentication data, the connect request to the server computer system or to the third proxy including the first authentication data and the second authentication data, wherein the second proxy uses the second authentication data to authenticate the client computer system, enters byte forwarding mode, and forwarding the connect request to the server computer system or to the third proxy. - View Dependent Claims (22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34)
-
-
35. A computer program product for use in a network configuration that includes a client computer system, a server computer system and a plurality of proxy computer systems that the client computer system would need to communicate through in order to communicate with the server computer system, the plurality of proxy computer systems including at least a first proxy that requires authentication using first authentication data and a second proxy that requires authentication using second authentication data, the computer program product for implementing a method of the client computer system connecting to the server computer system notwithstanding that the first and second proxies require different authentication data, the computer program product comprising a computer-readable medium having computer-executable instructions for performing the following:
-
an act of the client computer system causing a connect request to be dispatched to the first proxy;
an act of the client computer system detecting the receipt of a first authentication request from the first proxy;
an act of the client computer system causing the first authentication data associated with the first proxy to be retrieved;
an act of the client computer system causing a connect request to be dispatched to the second proxy, the connect request to the second proxy including the first authentication data, wherein the first proxy uses the first authentication data to authenticate the client computer system, enters byte forwarding mode, and forwards the connect request to the second proxy server;
an act of the client computer system detecting the receipt of a second authentication request from the second proxy;
an act of the client computer system causing the second authentication data associated with the second proxy to be retrieved; and
an act of the client computer system causing a connect request to be dispatched to the server computer system or to a third proxy that requires third authentication data, the connect request to the server computer system or to the third proxy including the first authentication data and the second authentication data, wherein the second proxy uses the second authentication data to authenticate the client computer system, enters byte forwarding mode, and forwarding the connect request to the server computer system or to the third proxy. - View Dependent Claims (36, 37, 38, 39, 40, 41)
-
-
42. A computer-readable medium for use in a network configuration that includes a client computer system, a server computer system and a plurality of proxy computer systems that the client computer system would need to communicate through in order to communicate with the server computer system, the plurality of proxy computer systems including at least a first proxy that requires authentication using first authentication data and a second proxy that requires authentication using second authentication data, the computer-readable medium having stored thereon a data structure, the data structure comprising the following:
-
a first field representing authentication data, the first field comprising the following;
a second field representing an authentication header that identifies the first field as containing the authentication data;
a third field representing authentication data for the first proxy; and
a fourth field representing authentication data for the second proxy, wherein the third field comprises the following;
a fifth field representing an identifier that identifies the third field as containing authentication data for the first proxy; and
a sixth field representing the first authentication data;
wherein the fourth field comprises the following;
a seventh field representing an identifier that identifies the fourth field as containing authentication data for the second proxy; and
an eighth field representing the second authentication data. - View Dependent Claims (43, 44, 45, 46)
-
Specification