Virtual folders for tracking HTTP sessions
First Claim
Patent Images
1. A method for authenticating requests from a client made to a network device, the method comprising:
- obtaining a session identification (ID) value when a session is initiated;
transmitting a hyper-text markup language (HTML) document to the client that embeds the session ID as a hidden field within the HTML so that a request to the network device based on the HTML document includes the session ID in the request, wherein the transmitting the HTML document is performed without using cookies, an administrator login name, credential information, or an Internet protocol address associated with the client; and
authenticating the request based on a determination of whether the session ID is included in the request.
1 Assignment
0 Petitions
Accused Products
Abstract
Requests from a client to a network device are authenticated based on a session ID obtained by the network device. Requests may be authenticated by obtaining a session ID value when a session is initiated and transmitting a document to the client that embeds the session ID in such a manner that additional requests to the network device based on the document include the session ID in the request. The additional requests are authenticated based on a determination of whether the session ID is included in the additional requests.
39 Citations
33 Claims
-
1. A method for authenticating requests from a client made to a network device, the method comprising:
-
obtaining a session identification (ID) value when a session is initiated; transmitting a hyper-text markup language (HTML) document to the client that embeds the session ID as a hidden field within the HTML so that a request to the network device based on the HTML document includes the session ID in the request, wherein the transmitting the HTML document is performed without using cookies, an administrator login name, credential information, or an Internet protocol address associated with the client; and authenticating the request based on a determination of whether the session ID is included in the request. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A network device comprising:
-
means for generating a random value and converting the random value to a session identification (ID) value assigned to a session that is initiated by a client with the network device; means for transmitting a document to the client which embeds the session ID so that requests to the network device from the client based on the document include the session ID in the requests; and means for authenticating a request, without using cookies, an administrator login name, credential information, or an Internet protocol address associated with the client, based on a determination of whether the session ID is included in the request. - View Dependent Claims (11, 12, 13, 14)
-
-
15. A device for authenticating requests from a client made to the device without using cookies, an administrator login name, credential information, or an Internet protocol address associated with the client, comprising:
-
a processor; and a computer memory operatively coupled to the processor, the computer memory including; programming instructions configured to generate a session identification (ID) value when an initial session request is received; programming instructions configured to transmit a hyper-text markup language (HTML) document to the client that includes the session ID as a query string within the HTML so that additional requests to the device based on the HTML document include the session ID in the request; and programming instructions configured to authenticate the additional requests based on a determination of whether the session ID is included in the additional requests. - View Dependent Claims (16, 17, 18, 19, 20, 21)
-
-
22. A system comprising:
-
a client computing device; and a network device communicating with the client computing device via a network using hyper-text transfer protocol (HTTP), the network device configured to; authenticate the client computing device in response to receiving initial login information from the client computing device for a first session; obtain a first session identification (ID) value for the first session; transmit a management interface to the client computing device, the management interface embedding the session ID in such a manner that requests to the network device from the management interface include the session ID in the requests; and authenticating the requests based on the session ID included in the requests and without using cookies, an administrator login name, credential information, or an Internet protocol address of the client computing device. - View Dependent Claims (23, 24, 25, 26, 27, 28, 29, 30, 31)
-
-
32. A method comprising:
-
receiving a request from a client device relating to a hyper-text transfer protocol (HTTP) communication session; determining whether the received request includes an embedded session ID, as a name of a virtual folder, within one or more links to a document from which the request is based, which was created specifically for the communication session, wherein the determining whether the received request includes the embedded session ID is performed without using cookies, an administrator login name, credential information, or an IP address of the client device; and granting the request when the received request includes the session ID.
-
-
33. A method for authenticating requests from a client made to a network device, the method comprising:
-
obtaining a session identification (ID) value when a session is initiated; recording a client local time when the session is initiated; transmitting a document to the client that embeds the session ID so that a request to the network device based on the document includes the session ID in the request, wherein the transmitting the document is performed without using cookies, an administrator login name, credential information, or an Internet protocol address associated with the client; and authenticating the request when the session ID is included in the request and the session ID corresponds to the client local time and to source/destination information relating to the client or the network device.
-
Specification