Remote application presentation over a public network connection
Abstract
Web access over a public network for applications that operate on virtual desktops on a plurality of servers is facilitated. Through the web access the user is provided with the information necessary to establish a connection with an application by way of the virtual desktop. Applications that the user is authorized to access are determined and those applications that the user is not authorized to access are filtered out. The application's associated access control list is used for determining the user's access to discover an application.
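The filtering step the abstract describes, sketched in Python as an added example (not code from the patent or from any product). The `PublishedApp` type, the group table and all function names are hypothetical, and the launch-time re-check is an assumption that goes beyond what the page states.

```python
from dataclasses import dataclass
from typing import FrozenSet, Optional

@dataclass(frozen=True)
class PublishedApp:
    """An application the second server enumerated for the user's VM."""
    name: str
    # Principals (user IDs or groups) allowed to discover the app.
    # None models an application with no ACL attached.
    acl: Optional[FrozenSet[str]] = None

# Constructed sample data: group membership as a directory might report it.
GROUPS = {"alice": {"finance"}, "bob": {"engineering"}}

# Constructed sample enumeration returned by the second server.
ENUMERATED = [
    PublishedApp("ledger", frozenset({"finance"})),
    PublishedApp("compiler", frozenset({"engineering"})),
    PublishedApp("legacy-tool", None),
    PublishedApp("notes", frozenset({"alice", "bob"})),
]

def principals_for(user_id):
    """The user ID plus every group the user belongs to."""
    return {user_id} | GROUPS.get(user_id, set())

def is_authorized(user_id, app):
    """Default deny: a missing or empty ACL authorizes nobody."""
    return bool(app.acl) and bool(principals_for(user_id) & app.acl)

def filter_discoverable(user_id, enumerated):
    """Indicators returned to the user computer: authorized apps only."""
    return [app.name for app in enumerated if is_authorized(user_id, app)]

def withheld(user_id, enumerated):
    """Apps filtered out, kept for the server-side audit log only."""
    return [app.name for app in enumerated if not is_authorized(user_id, app)]

def may_launch(user_id, app_name, enumerated):
    """Assumption beyond the page: re-run the ACL check when a launch is
    requested, so a hidden app name cannot be requested directly."""
    return any(a.name == app_name and is_authorized(user_id, a)
               for a in enumerated)
```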
16 Claims
1. A method comprising:
- receiving at a first server a request over a public network from a user computer, the request including a user identification;
- querying, by the first server, a directory service for an identity of a virtual machine on a second server that is assigned to the user identification;
- in response to the query, receiving by the first server, a remote desktop protocol file from the directory service, the remote desktop protocol file corresponding to the virtual machine;
- sending, by the first server, the remote desktop protocol file and the user identification to the second server;
- identifying, by the second server, the virtual machine based on the remote desktop protocol file;
- determining, by the second server, that the virtual machine is configured to execute a first application and a second application, the second server being configured to enumerate to the first server each application that the virtual machine is configured to execute in response to receiving a remote desktop protocol file;
- sending, by the second server and to the first server, an indication that the virtual machine is configured to execute the first application and the second application;
- determining, by the first server, that the user identification is authorized to access the first application, and not authorized to access the second application based on the indication that the virtual machine is configured to execute a first application and a second application; and
- in response to determining that the user identification is authorized to access the first application, and not authorized to access the second application, returning to the user computer an indicator for the first application but not the second application.

Dependent claims: 2, 3, 4, 5

6. A computer-readable storage device having stored thereon computer-readable instructions that when executed by a computing device cause:
- receiving at a first server a request over a public network from a user computer, the request including a user identification;
- querying, by the first server, a directory service for an identity of a virtual machine on a second server that is assigned to the user identification;
- in response to the query, receiving by the first server, a remote desktop protocol file from the directory service, the remote desktop protocol file corresponding to the virtual machine;
- sending, by the first server, the remote desktop protocol file and the user identification to the second server;
- identifying, by the second server, the virtual machine based on the remote desktop protocol file;
- determining, by the second server, that the virtual machine is configured to execute a first application and a second application, the second server being configured to enumerate to the first server each application that the virtual machine is configured to execute in response to receiving a remote desktop protocol file;
- sending, by the second server and to the first server, an indication that the virtual machine is configured to execute the first application and the second application;
- determining, by the first server, that the user identification is authorized to access the first application, and not authorized to access the second application based on the indication that the virtual machine is configured to execute a first application and a second application; and
- in response to determining that the user identification is authorized to access the first application, and not authorized to access the second application, returning to the user computer an indicator for the first application but not the second application.

Dependent claims: 7, 8, 9

10. A system adapted to connect a client computer to one of a plurality of virtual machines executing on a plurality of servers, comprising:
- at least one computing device comprising a processor; and
- at least one memory communicatively coupled to said at least one computing device when the system is operational, the memory having stored therein computer-executable instructions that when executed cause the system to at least:
  - receive at a first server a request over a public network from a user computer, the request including a user identification;
  - query, by the first server, a directory service for an identity of a virtual machine on a second server that is assigned to the user identification;
  - in response to the query, receive by the first server, a remote desktop protocol file from the directory service, the remote desktop protocol file corresponding to the virtual machine;
  - send, by the first server, the remote desktop protocol file and the user identification to the second server;
  - identify, by the second server, the virtual machine based on the remote desktop protocol file;
  - determine, by the second server, that the virtual machine is configured to execute a first application and a second application, the second server being configured to enumerate to the first server each application that the virtual machine is configured to execute in response to receiving a remote desktop protocol file;
  - send, by the second server and to the first server, an indication that the virtual machine is configured to execute the first application and the second application;
  - determine, by the first server, that the user identification is authorized to access the first application, and not authorized to access the second application based on the indication that the virtual machine is configured to execute a first application and a second application; and
  - in response to determining that the user identification is authorized to access the first application, and not authorized to access the second application, return to the user computer an indicator for the first application but not the second application.

Dependent claims: 11, 12, 13, 14, 15, 16

Specification