System and method for double-capture/double-redirect to a different location
First Claim
1. A method for automatic pre-authentication redirection of network traffic, comprising:
- providing a network access controller in a shared network, wherein the shared network comprises a plurality of server computers and a set of network destinations hosted on the plurality of server computers;
intercepting at the network access controller a request to access a network resource from a browser application running on a client device within the shared network associated with an anonymous user;
determining whether the network resource referenced in the request is in the set of network destinations hosted on the plurality of server computers in the shared network;
if the network resource is in the set of network destinations hosted on the plurality of server computers in the shared network, directing the browser application running on the client device within the shared network associated with the anonymous user to the network resource; and
if the network resource is not in the set of network destinations hosted on the plurality of server computers in the shared network, redirecting the browser application running on the client device within the shared network associated with the anonymous user to a pre-authentication capture destination hosted on a first server computer, wherein the first server computer is one of the plurality of server computers in the shared network and wherein from the pre-authentication capture destination the anonymous user is free to visit any of the set of network destinations hosted on the plurality of server computers in the shared network without authentication.
12 Assignments
0 Petitions
Accused Products
Abstract
Embodiments disclosed herein provide a system, method, and computer program product for providing network access control for a shared network. One embodiment of a network access controller may intercept a request to access a network resource from a browser application running on a client device associated with an anonymous user and determine whether the network resource is in a set of network destinations in the shared network. If the network resource is in the set of network destinations, the network access controller may direct the browser application to the network resource. If the network resource is not in the set of network destinations, the network access controller may redirect the browser application to a pre-authentication capture destination in the shared network. From the pre-authentication capture destination the anonymous user is free to visit any of the set of network destinations in the shared network without authentication.
-
Citations
20 Claims
-
1. A method for automatic pre-authentication redirection of network traffic, comprising:
-
providing a network access controller in a shared network, wherein the shared network comprises a plurality of server computers and a set of network destinations hosted on the plurality of server computers; intercepting at the network access controller a request to access a network resource from a browser application running on a client device within the shared network associated with an anonymous user; determining whether the network resource referenced in the request is in the set of network destinations hosted on the plurality of server computers in the shared network; if the network resource is in the set of network destinations hosted on the plurality of server computers in the shared network, directing the browser application running on the client device within the shared network associated with the anonymous user to the network resource; and if the network resource is not in the set of network destinations hosted on the plurality of server computers in the shared network, redirecting the browser application running on the client device within the shared network associated with the anonymous user to a pre-authentication capture destination hosted on a first server computer, wherein the first server computer is one of the plurality of server computers in the shared network and wherein from the pre-authentication capture destination the anonymous user is free to visit any of the set of network destinations hosted on the plurality of server computers in the shared network without authentication. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A computer program product comprising a non-transitory computer readable storage medium storing computer instructions translatable by a processor to perform:
-
intercepting at a network access controller a request to access a network resource from a browser application running on a client device within the shared network associated with an anonymous user; determining whether the network resource referenced in the request is in a set of network destinations hosted on a plurality of server computers in a shared network; if the network resource is in the set of network destinations hosted on the plurality of server computers in the shared network, directing the browser application running on the client device within the shared network associated with the anonymous user to the network resource; and if the network resource is not in the set of network destinations hosted on the plurality of server computers in the shared network, redirecting the browser application running on the client device within the shared network associated with the anonymous user to a pre-authentication capture destination hosted on a first server computer, wherein the first server computer is one of the plurality of server computers in the shared network and wherein from the pre-authentication capture destination the anonymous user is free to visit any of the set of network destinations hosted on the plurality of server computers in the shared network without authentication. - View Dependent Claims (10, 11, 12, 13, 14, 15)
-
-
16. An apparatus for controlling network access, comprising:
-
a processor within a shared network; and a computer readable storage medium storing computer instructions translatable by the processor to perform; intercepting a request to access a network resource from a browser application running on a client device within the shared network coupled to the apparatus, wherein the client device is associated with an anonymous user; determining whether the network resource referenced in the request is in a set of network destinations hosted on a plurality of server computers coupled to the apparatus, wherein the plurality of server computers resides on the shared network; if the network resource is in the set of network destinations hosted on the plurality of server computers in the shared network, directing the browser application running on the client device within the shared network associated with the anonymous user to the network resource; and if the network resource is not in the set of network destinations hosted on the plurality of server computers in the shared network, redirecting the browser application running on the client device within the shared network associated with the anonymous user to a pre-authentication capture destination hosted on a first server computer, wherein the first server computer is one of the plurality of server computers in the shared network and wherein from the pre-authentication capture destination the anonymous user is free to visit any of the set of network destinations hosted on the plurality of server computers in the shared network without authentication. - View Dependent Claims (17, 18, 19, 20)
-
Specification