Method and system of integrating third party authentication into internet browser code
First Claim
1. In a networked computing environment, a method of authenticating client requests utilizing HTTP-based authentication, comprising:
- requesting content from a remote server;
- receiving an HTTP redirect response from the remote server, the HTTP redirect response including information identifying a location corresponding to an authentication server of an authentication service and including authentication data identifying a specified authentication scheme;
- upon recognizing the authentication data included with the HTTP redirect response,
  a) invoking local code corresponding to the specified authentication scheme to obtain credentials locally, and
  b) providing the credentials to the authentication server concurrent with providing an authentication request to the authentication server;
- upon failing to recognize the authentication data included with the HTTP redirect response, providing an authentication request to the authentication server in response to the HTTP redirect response; and
- receiving an authentication ticket from the authentication server, wherein the authentication ticket provides access to the requested content on the remote server.
Abstract
A method and system for using an Internet client's local authentication mechanism in systems having updated browser code, so as to enable third party authentication according to an authentication scheme specified by a participating server on clients with updated browser code, while not breaking clients with legacy browser code. A redirect response from a server has authentication data added thereto such that updated browser code can detect the data's presence and enable the use of local security mechanisms for authentication purposes with the server-specified authentication scheme, including local credential entry for verification at a third party login server. At the same time, if such a redirect response is received by prior browser code, the added data is ignored while conventional redirection occurs, such that third party authentication may be performed via redirection to a third party's Internet page that provides a form for credential entry.
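The client-side dispatch the abstract describes, as an added example (not code from the patent): the same redirect yields a credential-bearing request on an updated client and a plain redirect on a legacy one. The header name, the `ExampleSSO` scheme token, the `Authorization` encoding and the host `login.example.net` are assumptions, and the trusted-host check is a safeguard added here that the claims do not recite.

```python
from urllib.parse import urlsplit

# Hypothetical values: the page names no header, scheme token or host.
AUTH_HEADER = "WWW-Authenticate"            # assumed carrier of the authentication data
TRUSTED_AUTH_HOSTS = {"login.example.net"}  # added safeguard, not part of the claims


def prompt_example_sso(params):
    """Stand-in for the local credential UI; returns constructed credentials."""
    return {"user": "alice", "secret": "constructed-secret"}


LOCAL_SCHEMES = {"examplesso": prompt_example_sso}  # schemes this client understands


def plan_auth_request(status, headers, local_schemes=LOCAL_SCHEMES):
    """Turn a redirect response into the request the client sends next."""
    if status not in (301, 302, 303, 307):
        raise ValueError("not a redirect response")
    hdrs = {k.lower(): v for k, v in headers.items()}
    location = hdrs["location"]
    plan = {"url": location, "mode": "legacy-redirect", "headers": {}}

    auth_data = hdrs.get(AUTH_HEADER.lower(), "")
    scheme, _, params = auth_data.partition(" ")
    handler = local_schemes.get(scheme.lower())
    if handler is None:
        # Legacy behaviour: the added data is ignored, plain redirection follows.
        return plan

    parts = urlsplit(location)
    if parts.scheme != "https" or parts.hostname not in TRUSTED_AUTH_HOSTS:
        # Do not hand locally collected credentials to an unvetted Location.
        return plan

    creds = handler(params)
    plan["mode"] = "local-credentials"
    # Assumed encoding of "credentials concurrent with the authentication request".
    plan["headers"]["Authorization"] = (
        f"{scheme} user={creds['user']},secret={creds['secret']}"
    )
    return plan
```

An empty `local_schemes` mapping models the legacy browser: it receives the identical response and simply follows `Location` to the login form.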
24 Claims
1. In a networked computing environment, a method of authenticating client requests utilizing HTTP-based authentication, comprising:
- requesting content from a remote server;
- receiving an HTTP redirect response from the remote server, the HTTP redirect response including information identifying a location corresponding to an authentication server of an authentication service and including authentication data identifying a specified authentication scheme;
- upon recognizing the authentication data included with the HTTP redirect response,
  a) invoking local code corresponding to the specified authentication scheme to obtain credentials locally, and
  b) providing the credentials to the authentication server concurrent with providing an authentication request to the authentication server;
- upon failing to recognize the authentication data included with the HTTP redirect response, providing an authentication request to the authentication server in response to the HTTP redirect response; and
- receiving an authentication ticket from the authentication server, wherein the authentication ticket provides access to the requested content on the remote server.

Dependent claims: 2, 3, 4, 5, 6, 7, 8
9. A computer-readable storage medium having computer-executable instructions for performing a method of authenticating client requests utilizing HTTP-based authentication, comprising:
- requesting content from a remote server;
- receiving an HTTP redirect response from the remote server, the HTTP redirect response including information identifying a location corresponding to an authentication server of an authentication service and including authentication data identifying a specified authentication scheme;
- upon recognizing the authentication data included with the HTTP redirect response,
  a) invoking local code corresponding to the specified authentication scheme to obtain credentials locally, and
  b) providing the credentials to the authentication server concurrent with providing an authentication request to the authentication server;
- upon failing to recognize the authentication data included with the HTTP redirect response, providing an authentication request to the authentication server in response to the HTTP redirect response; and
- receiving an authentication ticket from the authentication server, wherein the authentication ticket provides access to the requested content on the remote server.

Dependent claims: 10, 11, 12, 13, 14, 15
16. A computer-readable storage medium having stored thereon a data structure for authenticating client requests utilizing HTTP-based authentication, comprising:
- a first set of data indicating that the data structure is an HTTP redirect response received from a remote server in response to a request to that remote server;
- a second set of data identifying a location to where the request should be redirected; and
- a third set of data corresponding to an authentication scheme;
- wherein the third set of data instructs an updated browser to invoke local authentication code corresponding to the authentication scheme to obtain credentials to be sent concurrent with an authentication request to the location identified in the second set of data, and wherein a legacy browser is not capable of recognizing the third set of data, and the first set of data instructs the legacy browser to redirect the request to the location identified in the second set of data.
17. A method of authenticating client requests utilizing HTTP-based authentication, including requests from a first client having updated browser code and a second client having legacy browser code, comprising:
- receiving initial requests for content from both the first and second clients; and
- in response to the initial requests, sending both the first and second clients an identical HTTP redirect response including:
  - information identifying a location corresponding to an authentication server of an authentication service, and
  - authentication data identifying a specified authentication scheme;
- wherein the updated browser code detects the authentication data in the HTTP redirect response and instructs the first client to invoke local code corresponding to the specified authentication scheme to obtain credentials locally and provide the credentials to the authentication server concurrent with an authentication request;
- wherein the legacy browser code of the second client fails to detect the authentication data in the HTTP redirect response and redirects the initial request to the authentication server; and
- wherein both the first and second clients receive an authentication ticket from the authentication server, the authentication ticket providing access to the requested content.

Dependent claims: 18, 19, 20, 21, 22, 23, 24
Specification