Security server token caching
Abstract
A mechanism for establishing a plurality of sessions between a client and a first server based on a single input of user authenticating information is disclosed. A request to establish a connection between the client and the first server is received. The request includes identification information for authenticating a requesting user. Based on the identification information, a determination is made as to whether the connection between the client and the first server should be established. If it is determined that the connection between the client and the first server should be established, the identification information is cached in memory and the connection between the client and the first server is allowed to be established. Subsequent connection requests from the same client are authenticated, and further connections can be established, based on the cached identification information, without further input from the client or user.
41 Citations
42 Claims
1. A system comprising:
one or more processors; and
memory coupled to the processor, the memory containing one or more sequences of instructions for establishing sessions between a client and a server over a communications network, wherein execution of the one or more sequences of instructions by the one or more processors causes the processors to perform;
receiving a first request to establish a first session between a client and a first server, wherein the request includes user identification information;
determining, based on the user identification information, whether the first session between the client and the first server should be established, and if so, authorizing the first session between the client and the first server, and causing the user identification information to be stored in a cache; and
authorizing a second session between the client and the first server in response to a second request for the second session, based on the user identification information from the first request that is stored in the cache.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20

21. A method comprising computer-implemented steps of:
determining, based on user identification information that is included in a first request to establish a first session between a client and a first server, whether the first session between the client and the first server should be established, and if so, authorizing the first session between the client and the first server, and causing the user identification information to be stored in a cache; and
authorizing a second session between the client and the first server in response to a second request for the second session, based on the user identification information from the first request that is stored in the cache.
Dependent claims: 22, 23, 24, 27, 28, 29

25. The method recited in 21, wherein the user identification information includes a username and a one-time password (OTP), and wherein authorizing a second session comprises determining whether the OTP is valid at the time that the second request is received.

30. A method comprising computer-implemented steps of:
receiving at a first server a first request to establish a first session between a client and the first server, wherein the first request includes first user identification information;
passing at least the first user identification information to a second server for use by the second server in determining whether the first session between the client and the first server should be established, and if so, authorizing the first session between the client and the first server, and for storing in a cache at the second server;
receiving at the first server a second request to establish a second session between the client and the first server, wherein the second request includes second user identification information;
passing at least the second user identification information to the second server for use by the second server in determining, based on the first user identification information that is stored in the cache and on the second user identification information, whether the second session between the client and the first server should be established, and if so, authorizing the second session between the client and the first server.

31. A computer-readable medium carrying one or more sequences of instructions which, when executed by one or more processors, cause the one or more processors to perform at least the steps of:
determining, based on user identification information that is included in a first request to establish a first session between a client and a first server, whether the first session between the client and the first server should be established, and if so, authorizing the first session between the client and the first server, and causing the user identification information to be stored in a cache; and
authorizing a second session between the client and the first server in response to a second request for the second session, based on the user identification information from the first request that is stored in the cache.

32. A computer-readable medium carrying one or more sequences of instructions which, when executed by one or more processors, cause the one or more processors to at least the steps of:
receiving at a first server a first request to establish a first session between a client and the first server, wherein the first request includes first user identification information;
passing at least the first user identification information to a second server for use by the second server in determining whether the first session between the client and the first server should be established, and if so, authorizing the first session between the client and the first server, and for storing in a cache at the second server;
receiving at the first server a second request to establish a second session between the client and the first server, wherein the second request includes second user identification information;
passing at least the second user identification information to the second server for use by the second server in determining, based on the first user identification information that is stored in the cache and on the second user identification information, whether the second session between the client and the first server should be established, and if so, authorizing the second session between the client and the first server.

33. A system comprising:
one or more processors; and
memory coupled to the processor, the memory containing one or more sequences of instructions which, when executed by the one or more processors cause the processors to at least the steps of;
determining, based on user identification information that is included in a first request to establish a first session between a client and a first server, whether the first session between the client and the first server should be established, and if so, authorizing the first session between the client and the first server, and causing the user identification information to be stored in a cache; and
authorizing a second session between the client and the first server in response to a second request for the second session, based on the user identification information from the first request that is stored in the cache.
Dependent claims: 34, 35, 36, 37, 38, 39, 40, 41

42. A system comprising:
one or more processors; and
memory coupled to the processor, the memory containing one or more sequences of instructions which, when executed by the one or more processors cause the processors to at least the steps of;
receiving at a first server a first request to establish a first session between a client and the first server, wherein the first request includes first user identification information;
passing at least the first user identification information to a second server for use by the second server in determining whether the first session between the client and the first server should be established, and if so, authorizing the first session between the client and the first server, and for storing in a cache at the second server;
receiving at the first server a second request to establish a second session between the client and the first server, wherein the second request includes second user identification information;
passing at least the second user identification information to the second server for use by the second server in determining, based on the first user identification information that is stored in the cache and on the second user identification information, whether the second session between the client and the first server should be established, and if so, authorizing the second session between the client and the first server.

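The caching flow of the abstract, combined with claim 25's check that the OTP is still valid when the second request arrives, as an added Python example; it is not code from the patent or its assignee. The `TokenCache` class, the 60-second validity window, the keyed-MAC storage of the cached credential and the one-time backend stand-in are all assumptions made for illustration.

```python
import hashlib
import hmac
import os
import time

OTP_WINDOW_S = 60  # assumed OTP lifetime; the page gives no value

class TokenCache:
    """Hypothetical security-server cache keyed by (client, username)."""
    def __init__(self, backend_verify, clock=time.monotonic):
        self._verify = backend_verify   # full check against the token server
        self._clock = clock
        self._key = os.urandom(32)      # cache stores MACs, never the raw OTP
        self._entries = {}              # (client, user) -> (digest, stored_at)
        self.backend_calls = 0

    def _digest(self, user, otp):
        return hmac.new(self._key, f"{user}\0{otp}".encode(), hashlib.sha256).digest()

    def authorize(self, client, user, otp):
        now = self._clock()
        entry = self._entries.get((client, user))
        if entry:
            digest, stored_at = entry
            if now - stored_at > OTP_WINDOW_S:
                del self._entries[(client, user)]   # OTP window elapsed: evict
            elif hmac.compare_digest(digest, self._digest(user, otp)):
                return "cache"                      # second session, no backend call
        self.backend_calls += 1
        if self._verify(user, otp):
            self._entries[(client, user)] = (self._digest(user, otp), now)
            return "backend"
        return None

def demo():
    used = set()
    def one_time_backend(user, otp):    # constructed stand-in: an OTP verifies once
        ok = (user, otp) == ("alice", "492871") and otp not in used
        used.add(otp)
        return ok
    t = [0.0]
    cache = TokenCache(one_time_backend, clock=lambda: t[0])
    results = [cache.authorize("client-a", "alice", "492871")]      # first session
    t[0] = 10
    results.append(cache.authorize("client-a", "alice", "492871"))  # second session
    results.append(cache.authorize("client-b", "alice", "492871"))  # different client
    t[0] = 75
    results.append(cache.authorize("client-a", "alice", "492871"))  # window elapsed
    return results, cache.backend_calls
```

Keying the cache on the requesting client keeps a captured OTP from being accepted for another client during the window, and eviction on expiry bounds how long a cached credential can authorize new sessions.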
Specification