Session redundancy among a server cluster
First Claim
Patent Images
1. An authentication server comprising:
- a memory;
a processor operable to execute instructions stored in the memory;
a network interface in communication with an authentication client on a network using an authentication protocol;
an authentication module for maintaining state for an individual authentication session with the authentication client; and
a mirroring module in communication with the authentication module, the mirroring module configured to receive authentication messages from the authentication module and from the authentication client for the individual authentication session, the mirroring module configured to individually forward each of the received authentication messages to an authentication mirror via a service provider'"'"'s network, and the mirroring module configured to select the authentication mirror from a pool of peer servers on the service provider'"'"'s network,each incoming authentication message being forwarded upon arrival by the authentication server to provide synchronization with a mirror server, allowing the authentication mirror to be up-to-date,wherein the instructions are operable to send identifying information of the authentication mirror to the authentication client via authentication protocol messages while received authentication messages for the authentication session are being forwarded by the authentication module.
1 Assignment
0 Petitions
Accused Products
Abstract
Systems and methods are provided for providing redundancy and failover for servers communicating via an authentication protocol. Mirroring is initiated at the beginning of a Diameter application session by an enhanced Diameter server, which continuously provides updates of the Diameter session to one or more peer Diameter mirror servers and thereby maintains an active mirror of the session.
-
Citations
20 Claims
-
1. An authentication server comprising:
-
a memory; a processor operable to execute instructions stored in the memory; a network interface in communication with an authentication client on a network using an authentication protocol; an authentication module for maintaining state for an individual authentication session with the authentication client; and a mirroring module in communication with the authentication module, the mirroring module configured to receive authentication messages from the authentication module and from the authentication client for the individual authentication session, the mirroring module configured to individually forward each of the received authentication messages to an authentication mirror via a service provider'"'"'s network, and the mirroring module configured to select the authentication mirror from a pool of peer servers on the service provider'"'"'s network, each incoming authentication message being forwarded upon arrival by the authentication server to provide synchronization with a mirror server, allowing the authentication mirror to be up-to-date, wherein the instructions are operable to send identifying information of the authentication mirror to the authentication client via authentication protocol messages while received authentication messages for the authentication session are being forwarded by the authentication module. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A method comprising:
-
receiving an authentication protocol message from an authentication client at a server initiating an authentication application session; receiving at a mirroring module authentication messages from authentication module and from authentication client for the authentication application session, the mirroring module individually forwarding the received authentication messages to a mirror server; establishing an authentication application session between the authentication client and the server; selecting at least the mirror server for the authentication application session from a pool of peer servers; configuring continuous and active forwarding of individual authentication protocol messages from the authentication client to the mirror server; sending identifying information about the mirror server to the authentication client in an authentication message while the authentication application session is being handled by the server; and allowing the mirror server to maintain up-to-date authentication state for the authentication application session. - View Dependent Claims (9, 10, 11, 12, 13, 14, 15)
-
-
16. Logic encoded in one or more non-transitory media that includes code for execution and when executed by a processor is operable to perform operations comprising:
-
receiving an authentication protocol message from an authentication client at a server initiating an authentication application session; receiving at a mirroring module authentication messages from authentication module and from authentication client for the authentication application session, the mirroring module individually forwarding the received authentication messages to a mirror server; establishing an authentication application session between the authentication client and the server; selecting at least the mirror server for the authentication application session from a pool of peer servers; configuring continuous and active forwarding of individual authentication protocol messages from the authentication client to the mirror server; sending identifying information about the mirror server to the authentication client in an authentication message while the authentication application session is being handled by the server; and allowing the mirror server to maintain up-to-date authentication state for the authentication application session. - View Dependent Claims (17, 18, 19, 20)
-
Specification