Separate client state object and user interface domains
First Claim
1. A method of routing communication between a client computer and network servers, said client computer and said network servers being coupled to a data communication network, said client computer operating a browser configured to permit a user of the client computer to communicate on the data communication network, said method comprising:
- providing a user interface from a first network server coupled to the data communication network, said first network server providing the user interface to the user of the client computer via the browser, said user interface requesting information to be retrieved from the user;
receiving the information retrieved from the user directly at a second network server coupled to the data communication network, said first and second network servers being in different domains on the data communication network;
validating, by the second network server, the information retrieved from the user;
providing a client state object from the second network server to the browser of the client computer after the information retrieved from the user is validated, said client state object having a domain attribute corresponding to the domain of the second network server;
receiving a request from the user via the browser of the client computer, said request being for a selected service to be provided by a third network server coupled to the data communication network;
issuing a first redirect command from the third network server to the client computer for directing the client computer to the second network server in response to the request from the user;
issuing a second redirect command from the second network server to the client computer for directing the client computer to the first network server for providing the user interface to the user; and
issuing a third redirect command from the second network server directly to the client computer for directing the client computer to the third network server coupled to the data communication network, said third network server providing the selected service requested by the user.
2 Assignments
0 Petitions
Accused Products
Abstract
Methods and system for routing communication between a client computer and network servers on a data communication network. In response to a request from a web server on the network to authenticate a user of the client computer, an authentication network server directs the client to a user interface network server. The user interface server provides a user interface to the user requesting login information. The authentication server, which is in a different domain than the user interface server, receives and validates the login information. The authentication server further provides a cookie to the client computer if the information retrieved from the user is valid. The cookie has a domain attribute corresponding to the domain of the authentication server.
78 Citations
30 Claims
-
1. A method of routing communication between a client computer and network servers, said client computer and said network servers being coupled to a data communication network, said client computer operating a browser configured to permit a user of the client computer to communicate on the data communication network, said method comprising:
-
providing a user interface from a first network server coupled to the data communication network, said first network server providing the user interface to the user of the client computer via the browser, said user interface requesting information to be retrieved from the user; receiving the information retrieved from the user directly at a second network server coupled to the data communication network, said first and second network servers being in different domains on the data communication network; validating, by the second network server, the information retrieved from the user; providing a client state object from the second network server to the browser of the client computer after the information retrieved from the user is validated, said client state object having a domain attribute corresponding to the domain of the second network server; receiving a request from the user via the browser of the client computer, said request being for a selected service to be provided by a third network server coupled to the data communication network; issuing a first redirect command from the third network server to the client computer for directing the client computer to the second network server in response to the request from the user; issuing a second redirect command from the second network server to the client computer for directing the client computer to the first network server for providing the user interface to the user; and issuing a third redirect command from the second network server directly to the client computer for directing the client computer to the third network server coupled to the data communication network, said third network server providing the selected service requested by the user. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
-
13. A method comprising:
-
receiving a request from a web server to authenticate a user of a client computer, said web server and said client computer being coupled to the data communication network and said user seeking access to the web server via the data communication network, said client computer operating a browser configured to permit the user to communicate on a data communication network; directing the client computer from the web server to an authentication server in response to the request from the web server and then directing the client computer from the authentication server to a user interface server, said authentication server and said user interface server also being coupled to the data communication network, said authentication server and said user interface server being in different domains on the data communication network; providing a user interface to the user via the browser for retrieving login information from the user, said user interface being provided to the user by the user interface server; posting the login information retrieved from the user directly to the authentication server; authenticating the user by the authentication server based on the login information retrieved from the user; and when the user is determined to have been authenticated; providing a cookie from the authentication server to the browser of the client computer, said cookie having a domain attribute corresponding to the domain of the authentication server; and issuing a redirect command from the authentication server to the browser of the client computer for directing the client computer to directly back to the web server. - View Dependent Claims (14, 15, 16, 17, 18, 19)
-
-
20. A system comprising:
-
a first network server coupled to a data communication network, said first network server providing a user interface to the user of a client computer, said user interface requesting information to be retrieved from the user and being provided to the user via a browser operating on the client computer, said client computer being coupled to the data communication network, said browser being configured to permit a user of the client computer to communicate on the data communication network; a second network server coupled to the data communication network, said first and second network servers being in different domains on the data communication network, said second network server receiving and validating the information retrieved directly from the user, said information retrieved from the user is posted to the second network server from the client computer, said second network server further providing a client state object to the browser of the client computer after the information retrieved from the user is validated, said client state object having a domain attribute corresponding to the domain of the second network server; and a third network server coupled to the data communication network, said third network server receiving a request from the user via the browser of the client computer for a selected service to be provided by the third network server, wherein the third network server issues a redirect command for directing the client computer to the second network server in response to the request from the user, wherein the second network server issues a redirect command to the client computer for directing the client computer to the first network server for providing the user interface to the user, and wherein the second network server issues another redirect command for directing the client computer directly to the third network server when the second server validates the information retrieved from the user. - View Dependent Claims (21, 22, 23, 24, 25, 26, 27, 28, 29, 30)
-
Specification