Automatic re-authentication
First Claim
1. One or more computer readable storage media comprising computer executable instructions that, when executed, direct a terminal server system to:
execute multiple server sessions in conjunction with remote terminals, wherein user applications execute primarily on the terminal server system and user I/O is performed through the remote terminals;
request user credentials to authenticate a particular remote terminal for a particular server session;
share auto-reconnect data with the particular remote terminal over a secure communications channel, the auto-reconnect data comprising a first random number;
re-establish communications with the particular remote terminal after a communications failure;
share a second random number with the particular remote terminal after re-establishing communications;
receive from the particular remote terminal a session verifier that is derived at least in part from the first and second random numbers;
validate the session verifier; and
when the session verifier is successfully validated, automatically re-authenticate the particular remote terminal for the particular server session without again requesting user credentials.
Abstract
Upon successfully authenticating a client device with a server system, the client device and server system share auto-reconnect data. Upon subsequently losing and re-establishing communications with the server system, the client sends an auto-authenticate request to the server. The auto-authenticate request includes a session verifier that is based at least in part on the shared auto-reconnect data. The server validates the session verifier. If the validation is successful, the server automatically re-authenticates the client device.
20 Claims
9. One or more computer readable storage media comprising computer executable instructions that, when executed, direct a client device to:
provide user credentials to a server system to authenticate the client device with the server system;
initiate a server session on a server system, the server session being associated with the client device;
share auto-reconnect data with the server system, the auto-reconnect data comprising a session ID and a first random number;
after losing communications with the server system, share a second random number with the server system;
derive a session verifier at least in part from both the first and second random numbers;
after losing and re-establishing communications with the server system, request automatic re-authentication by the server system without providing user credentials, wherein said request comprises sending the session verifier to the server system.
14. One or more computer readable storage media comprising computer executable instructions that, when executed, direct a server system to:
establish data communications between a client device and the server system;
authenticate the client device for a particular server session;
share auto-reconnect data between client device and the server system, the auto-reconnect data including a first random number;
derive a client session verifier at the client device from at least a portion of the auto-reconnect data;
re-establish data communications between the client device and the server system after a communications failure;
after re-establishing data communications; share a second random number between the client device and the server system;
provide the client session verifier from the client device to the server system;
derive a server session verifier at the server system at least in part from the first and second random numbers;
validate the client session verifier including comparing it to the server session verifier;
upon successfully validation of the session verifier, automatically re-authenticate the client device for the particular server session.
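Added example, not part of the patent text: a minimal Python model of the exchange recited in claims 1, 9 and 14, showing why a verifier bound to a fresh second random number cannot be replayed on a later reconnect. The HMAC-SHA256 derivation, the 16-byte random numbers, and all class and function names are assumptions; the claims only state that the verifier is derived at least in part from the first and second random numbers.

```python
import hashlib
import hmac
import secrets


def derive_verifier(first_random: bytes, second_random: bytes, session_id: int) -> bytes:
    # Assumed derivation: HMAC-SHA256 keyed by the first random number over
    # the session ID and the second random number. The claims only require
    # that the verifier depend on both random numbers.
    msg = session_id.to_bytes(4, "big") + second_random
    return hmac.new(first_random, msg, hashlib.sha256).digest()


class TerminalServer:
    def __init__(self):
        self.first_random = {}   # session_id -> first random number
        self.challenge = {}      # session_id -> outstanding second random number

    def logon(self, session_id: int) -> bytes:
        # Called after credential authentication; the return value must only
        # travel over the already-secured channel.
        self.first_random[session_id] = secrets.token_bytes(16)
        return self.first_random[session_id]

    def reconnect_challenge(self, session_id: int) -> bytes:
        # Fresh second random number for every reconnect attempt.
        self.challenge[session_id] = secrets.token_bytes(16)
        return self.challenge[session_id]

    def auto_reauthenticate(self, session_id: int, verifier: bytes) -> bool:
        # pop() makes each challenge single-use, so a captured verifier
        # cannot be replayed against a later reconnect.
        second = self.challenge.pop(session_id, None)
        first = self.first_random.get(session_id)
        if first is None or second is None:
            return False
        expected = derive_verifier(first, second, session_id)
        return hmac.compare_digest(expected, verifier)


def demo() -> tuple:
    server = TerminalServer()
    first = server.logon(7)                      # client keeps this value
    nonce = server.reconnect_challenge(7)        # sent after the link returns
    verifier = derive_verifier(first, nonce, 7)  # computed on the client
    accepted = server.auto_reauthenticate(7, verifier)
    server.reconnect_challenge(7)                # a later reconnect, new nonce
    replayed = server.auto_reauthenticate(7, verifier)
    return accepted, replayed
```

The first random number acts as a bearer secret for the session, so the client should hold it only as long as the session is eligible for reconnection.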
Specification