Data transfer using hyper-text transfer protocol (HTTP) query strings

US 7,702,917 B2
Filed: 11/19/2004
Issued: 04/20/2010
Est. Priority Date: 11/19/2004
Status: Expired due to Fees

First Claim

Patent Images

1. A method comprising:

receiving a request from an application server redirected through a client that does not support execution of scripts to create Hyper-Text Protocol (HTTP) Post messages;

determining a security token in response to the request;

determining that the security token must be sent in a query string;

in response to determining that the security token must be sent in a query string;

partitioning the security tokens into sections;

determining an identifier indicating the length of the security token;

generating a query string containing the identifier and at least one section of the security token;

generating a cookie containing the security token;

including the cookie in an HTTP message; and

sending the HTTP message with a location identifier for the application server to the client so that the client can redirect the message to the application server, the HTTP message including the query string containing the identifier and at least one section of the security token, the HTTP message further including the cookie for storing on the client; and

receiving a second HTTP message from the client, the second HTTP message including the cookie containing the security token and a second query string containing an index;

identifying a current section of the security token indicated by the index;

generating a third query string containing the current section of the security token; and

sending a third HTTP message with the location identifier for the application server to the client, the third HTTP message including the third query string.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The described systems, methods, and data structures are directed at data transfer using Hyper-Text Transfer Protocol (HTTP) query strings. A block of data is partitioned into sections. Each section is encoded in a query string of a HTTP message. Each HTTP message is sent to a server by redirecting through a client. Multiple redirected messages are sent until the entire block of data is transferred to the server. The data block may be stored as a cookie on the client so that the data block does not have to persist on any server. Data transfer using HTTP query strings may be implemented to transfer a security token from a security token service (STS) server to an application server.

100 Citations

View as Search Results

28 Claims

1. A method comprising:
- receiving a request from an application server redirected through a client that does not support execution of scripts to create Hyper-Text Protocol (HTTP) Post messages;
  
  determining a security token in response to the request;
  
  determining that the security token must be sent in a query string;
  
  in response to determining that the security token must be sent in a query string;
  
  partitioning the security tokens into sections;
  
  determining an identifier indicating the length of the security token;
  
  generating a query string containing the identifier and at least one section of the security token;
  
  generating a cookie containing the security token;
  
  including the cookie in an HTTP message; and
  
  sending the HTTP message with a location identifier for the application server to the client so that the client can redirect the message to the application server, the HTTP message including the query string containing the identifier and at least one section of the security token, the HTTP message further including the cookie for storing on the client; and
  
  receiving a second HTTP message from the client, the second HTTP message including the cookie containing the security token and a second query string containing an index;
  
  identifying a current section of the security token indicated by the index;
  
  generating a third query string containing the current section of the security token; and
  
  sending a third HTTP message with the location identifier for the application server to the client, the third HTTP message including the third query string.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method as recited in claim 1, further comprising:
    - generating another cookie containing the security token without the current section; and
      
      including the another cookie with the third HTTP message.
  - 3. The method as recited in claim 1, further comprising:
    - receiving a second HTTP message from the client, the second HTTP message including the cookie containing a security token and a second query string containing an index;
      
      identifying a current section of the security token indicated by the index;
      
      determining another index indicating a next section of the security token after the current section;
      
      generating a third query string containing the current section of the security token and the other index; and
      
      sending a third HTTP message with the location identifier for the application server to the client, the third HTTP message including the third query string.
  - 4. The method as recited in claim 3, further comprising repeating the acts recited in claim 5 until all sections of the security token have been sent.
  - 5. The method as recited in claim 1, further comprising:
    - receiving a second HTTP message from the client, the second HTTP message including a flag indicating that the security token transfer has been completed; and
      
      in response to the received HTTP message, sending a third HTTP message to the client to reset the cookie containing the security token.
  - 6. The method as recited in claim 1, further comprising encoding the security token in base 64.
  - 7. The method as recited in claim 1, further comprising performing data compression on the security token.
  - 8. The method as recited in claim 1, further comprising:
    - performing data compression on the security token; and
      
      encoding the compressed security token in base 64.

9. A method comprising:
- receiving a request from a client;
  
  in response to the request from the client, determining that the client does not support execution of scripts to create Hyper-Text Transfer Protocol (HTTP) Post messages;
  
  in response to determining that the client does not support execution of scripts to create HTTP Post messages, sending a first HTTP message to the client with a location identifier for a security token service (STS) server, the first HTTP message including a request to transfer a security token using query strings;
  
  receiving a second HTTP message from the STS server redirected through the client, the second HTTP message including a query string with a first section of a security token; and
  
  sending a third HTTP message to the client with the location identifier for the STS server, the third HTTP message including a request for a second section of the security token.
- View Dependent Claims (10, 11, 12, 13, 14)
- - 10. The method as recited in claim 9, further comprising repeating the receiving the second HTTP message and sending the third HTTP messages acts until all of the sections of the security token have been received.
  - 11. The method as recited in claim 9, further comprising:
    - generating a cookie containing the first section of the security token; and
      
      including the cookie in the third HTTP message for storing on the client.
  - 12. The method as recited in claim 11, further comprising determining a new section of the security token to request based, at least in part, on identifying in the cookie sections of the security token that have already been received.
  - 13. The method as recited in claim 9, further comprising:
    - in response to receiving all sections of the security token, verifying the security token;
      
      when the security token is valid, providing data responsive to the request from the client.
  - 14. The method as recited in claim 13, further comprising performing data decompression before verifying the security token.

15. A method for transferring a data block to a server through a client, comprising:
- determining that the data block must be sent using query strings;
  
  in response to determining that the data block must be sent in a query string;
  
  partitioning the data block into sections;
  
  determining an identifier indicating the length of the data block;
  
  generating a first query string including the length identifier and a first section of the data block;
  
  creating a cookie containing the block; and
  
  sending a first message with a location identifier for the server to the client, the first message including a first Hyper-Text Transfer Protocol (HTTP) request containing the query string and the cookie for storing on the client, the query string including the length identifier and the first section of the data block, wherein the client does not support execution of scripts to create HTTP Post messages; and
  
  receiving a second message from the server redirected through the client, the second message including a second HTTP request and the cookie;
  
  identifying an index in the second HTTP message;
  
  determining a next section of the data block based, at least in part, on the index;
  
  generating a second query string containing the next section; and
  
  sending a third message with the location identifier for the server to the client, the third message including a HTTP request containing the second query string.

16. A computer system comprising:
- a processing unit configured to execute computer readable instructions;
  
  a computer storage medium with computer readable instructions that when executed by the processing unit cause the processing unit to;
  
  receive a request from an application server redirected through a client that does not support execution of scripts to create Hyper-Text Transfer Protocol (HTTP) Post messages;
  
  determine a security token in response to the request;
  
  determine that the security token must be sent in a query string;
  
  in response to determining that the security token must be sent in a query string;
  
  partition the security token into sections;
  
  determining an identifier indicating the length of the security token;
  
  generate a query string containing at least one section of the security token and the identifier;
  
  generate a cookie containing the security token; and
  
  include the cookie in an HTTP message; and
  
  send the HTTP message with a location identifier for the application server to the client, the HTTP message including the query string containing the identifier and at least one section of the security token, the HTTP message further including the cookie for storing on the client; and
  
  receive a second HTTP message from the client, the second HTTP message including the cookie containing the security token and a second query string containing an index;
  
  identify a current section of the security token indicated by the index;
  
  generate a third query string containing the current section of the security token; and
  
  send a third HTTP message with the location identifier for the application server to the client, the third HTTP message including the third query string.
- View Dependent Claims (17, 18, 19, 20, 21, 22, 23)
- - 17. The computer system as recited in claim 16, wherein the computer storage medium further comprises instructions that when executed by the processing unit cause the processing unit to:
    - generate another cookie containing the security token without the current section; and
      
      include the other cookie with the third HTTP message.
  - 18. The computer system as recited in claim 16, wherein the computer storage medium further comprises instructions that when executed by the processing unit cause the processing unit to:
    - receive a second HTTP message from the client, the second HTTP message including the cookie containing the security token and a query string containing an index;
      
      identify a current section of the security token intoxicated by the index;
      
      determine another index indicating a next section of the security token after the current section;
      
      generate a third query string containing the current section of the security token and the other index; and
      
      send a third HTTP message with the location identifier for the application server to the client, the third HTTP message including the third query string.
  - 19. The computer system as recited in claim 18, wherein the computer storage medium further comprises instructions that when executed by the processing unit cause the processing unit to:
    - repeat the acts recited in claim 18 until all sections of the security token have been sent.
  - 20. The computer system as recited in claim 16, wherein the computer storage medium further comprises instructions that when executed by the processing unit cause the processing unit to:
    - receive a second HTTP message from the client, the second HTTP message including a flag indicating that the security token transfer has been completed; and
      
      in response to receiving the second HTTP message, send a third HTTP message to the client to reset a cookie containing the security token.
  - 21. The computer system as recited in claim 16, wherein the computer storage medium further comprises instructions that when executed by the processing unit cause the processing unit to:
    - encode the security token in base64.
  - 22. The computer system as recited in claim 16, wherein the computer storage medium further comprises instructions that when executed by the processing unit cause the processing unit to:
    - perform data compression on the security token.
  - 23. The computer system as recited in claim 16, wherein the computer storage medium further comprises instructions that when executed by the processing unit cause the processing unit to:
    - perform data compression on the security token; and
      
      encode the compressed security token in base64.

24. A computer system comprising:
- a processing unit configured to execute computer readable instructions;
  
  a computer storage medium storing computer readable instructions that when executed by the processing unit cause the processing unit to;
  
  receive a request from a client;
  
  in response to the request from the client, determine that the client does not support execution of scripts to create Hyper-Text Transfer Protocol (HTTP) Post messages;
  
  in response to determining that the client does not support execution of scripts to create HTTP, send a first HTTP message to the client with a location identifier for a security token service (STS) server, the first HTTP message including a request to transfer a security token using query strings;
  
  receive a second HTTP message from the STS server redirected through the client, the second HTTP message including a query string with a first section of the security token; and
  
  send a third HTTP message to the to the client with the location identifier for the STS server, the third HTTP message including a request for a second section of the security token.
- View Dependent Claims (25, 26, 27, 28)
- - 25. The computer system as recited in claim 24, wherein the computer storage medium further comprises instructions that when executed by the processing unit cause the processing unit to:
    - repeat the receiving the second HTTP message and sending the third HTTP message acts until all of the sections of the security token have been received.
  - 26. The computer system as recited in claim 24, wherein the computer storage medium further comprises instructions that when executed by the processing unit cause the processing unit to:
    - generate a cookie containing the first section of the security token; and
      
      include the cookie in the third HTTP message for storing on the client.
  - 27. The computer system as recited in claim 24, wherein the computer storage medium further comprises instructions that when executed by the processing unit cause the processing unit to:
    - determine a new section of the security token to request based, at least in part, onidentifying in the cookie sections of the security token that have already been received.
  - 28. The computer system as recited in claim 24, wherein the computer storage medium further comprises instructions that when executed by the processing unit cause the processing unit to:
    - in response to receiving all sections of the security token, verify the security token; and
      
      when the security token is valid, provide data responsive to the request from the client.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Spelman, Jeffrey F, Schmidt, Donald E, Johnson, Ryan D, Hur, Matthew, Tevosyan, Kahren
Primary Examiner(s)
Vu; Kimyen
Assistant Examiner(s)
McNally; Michael S

Application Number

US10/993,745
Publication Number

US 20060112422A1
Time in Patent Office

1,978 Days
Field of Search

713/185
US Class Current

713/185
CPC Class Codes

H04L 63/0807   using tickets, e.g. Kerbero...

H04L 63/0815   providing single-sign-on or...

H04L 67/02   based on web technology, e....

H04L 67/563   Data redirection of data ne...

Data transfer using hyper-text transfer protocol (HTTP) query strings

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

100 Citations

28 Claims

Specification

Use Cases

Quick Links

Others

Data transfer using hyper-text transfer protocol (HTTP) query strings

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

100 Citations

28 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others