Automatic re-authentication
First Claim
Patent Images
1. A server system programmed to perform actions comprising:
- authenticating a client device for a particular server session;
sharing auto-reconnect data with the client device, the auto-reconnect data including a session ID associated with the particular server session and a first random number;
after losing communications with the client device, sharing a second random number with the client device, and receiving from the client device the session ID and a session verifier that is derived at least in part from the first and second random numbers;
validating the session verifier;
upon successfully validating the session verifier, automatically re-authenticating the client device for the particular server session.
1 Assignment
0 Petitions
Accused Products
Abstract
Upon successfully authenticating a client device with a server system, the client device and server system share auto-reconnect data. Upon subsequently losing and re-establishing communications with the server system, the client sends an auto-authenticate request to the server. The auto-authenticate request includes a session verifier that is based at least in part on the shared auto-reconnect data. The server validates the session verifier. If the validation is successful, the server automatically re-authenticates the client device.
52 Citations
14 Claims
-
1. A server system programmed to perform actions comprising:
-
authenticating a client device for a particular server session; sharing auto-reconnect data with the client device, the auto-reconnect data including a session ID associated with the particular server session and a first random number; after losing communications with the client device, sharing a second random number with the client device, and receiving from the client device the session ID and a session verifier that is derived at least in part from the first and second random numbers; validating the session verifier; upon successfully validating the session verifier, automatically re-authenticating the client device for the particular server session. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A client device programmed to perform actions comprising:
-
providing user credentials to a server system to authenticate the client device with the server system; initiating a server session on a server system, the server session being associated with the client device; sharing auto-reconnect data with the server system, the auto-reconnect data including a session ID and a first random number; after losing and re-establishing communications with the server system, sharing a second random number with the server system, and deriving a session verifier at least in part from the first and second random numbers; requesting automatic re-authentication by the server system without providing user credentials, wherein said requesting comprises sending the session ID and the session verifier to the server system. - View Dependent Claims (9, 10)
-
-
11. A methods comprising:
-
establishing data communications between a client device and a server system; authenticating the client device for a particular server session; sharing auto-reconnect data between client device and the server system, the auto-reconnect data including a session ID associated with the particular server session and a first random number; re-establishing data communications between the client device and the server system after a communications failure; after re-establishing data communications, sharing a second random number between the client device and the server device; deriving a client session verifier at the client device at least in part from the first and second random numbers; providing the client session verifier and the session ID from the client device to the server system; deriving a server session verifier at the server system at least in part from the first and second random numbers; validating the client session verifier by comparing it to the server session verifier; upon successfully validating the session verifier, automatically re-authenticating the client device for the particular server session. - View Dependent Claims (12, 13, 14)
-
Specification