Method and apparatus for protecting against attacks from outside content
Abstract
A method and apparatus for protecting against attacks from outside content is described. In one example, a request is received from a user to access content from a second domain. An active session for the user with the second domain is searched for. If no active session is found, then an active session with a related first domain is searched for. If an active session is found with the first domain, then a session is established with the second domain based on the active session with the first domain. The requested content is then provided to the user based on the established session with the second domain.
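The lookup order described in the abstract, as an added Python example (not code from the patent). The names `Session`, `ApplicationServer`, `login`, `logout`, `fetch` and `SAMPLE_CONTENT` are hypothetical, and it assumes that a sub-session "dependent upon" the first session stops being valid as soon as the first session is revoked or expires.

```python
import secrets
from dataclasses import dataclass, field

SAMPLE_CONTENT = {"/report": "second-domain report"}  # constructed sample data

@dataclass
class Session:
    user: str
    domain: str
    expires_at: float
    parent: "Session | None" = None  # set only on a sub-session
    token: str = field(default_factory=lambda: secrets.token_urlsafe(16))
    revoked: bool = False

    def is_active(self, now):
        if self.revoked or now >= self.expires_at:
            return False
        # Assumed meaning of "dependent upon": a sub-session dies with its parent.
        return self.parent is None or self.parent.is_active(now)

class ApplicationServer:
    """Hypothetical broker connected to a first and a second domain."""

    def __init__(self, first, second, content, ttl=900):
        self.first, self.second, self.content, self.ttl = first, second, content, ttl
        self.sessions = {}  # (user, domain) -> Session

    def login(self, user, now):
        # Credential checking is assumed to have succeeded before this call.
        self.sessions[(user, self.first)] = Session(user, self.first, now + self.ttl)
        return self.sessions[(user, self.first)]

    def logout(self, user):
        session = self.sessions.get((user, self.first))
        if session:
            session.revoked = True

    def _active(self, user, domain, now):
        session = self.sessions.get((user, domain))
        return session if session and session.is_active(now) else None

    def fetch(self, user, path, now):
        sub = self._active(user, self.second, now)         # search second domain first
        if sub is None:
            primary = self._active(user, self.first, now)  # then the related first domain
            if primary is None:
                raise PermissionError("no active first-domain session")
            sub = Session(user, self.second, primary.expires_at, parent=primary)
            self.sessions[(user, self.second)] = sub       # never outlives its parent
        return sub, self.content[path]                     # content served via the server
```

Because the sub-session holds a reference to its parent, logging out of the first domain invalidates second-domain access without a separate revocation step.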
17 Claims
1. A method comprising:
- receiving an authentication of a user to a first domain by an application server, the application server being a computing system connected to the first domain and a second domain;
- establishing a first active session for the user with the first domain by the application server based on the authentication;
- receiving a request from the user to access content from the second domain at the application server after establishing the first active session;
- searching for a second active session for the user with the second domain;
- if no second active session with the second domain is found, then determining whether the first session with the first domain is active;
- if the first active session with the first domain is found, then establishing a sub-session with the second domain based on and dependent upon the active session with the first domain by the application server; and
- providing the requested content through the application server to the user based on the established sub-session with the second domain.
Dependent claims: 2, 3, 4, 5, 6, 7
8. An apparatus comprising:
- an application server in the form of a hardware computing system coupled to a first and a second database in first and second domains, respectively, to receive an authentication of a user to the first domain, to establish a first active session for a user with the first domain based on the authentication, to receive a request from the user to access content from the second domain after establishing the first active session, the application server having a servlet to search for a second active session for the user with the second domain, if no second active session is found, then to determine whether the first session with the first domain is active, and if an active first session is found with the first domain, then to establish a sub-session with the second domain based on and dependent upon the active first session with the first domain, the application server to provide the requested content to the user based on the established sub-session with the second domain.
Dependent claims: 9, 10, 11, 12
13. A non-transitory machine-readable medium carrying one or more sequences of instructions for providing content of a second domain from a first domain, which instructions, when executed by one or more processors, cause the one or more processors to carry out the steps of:
- receiving an authentication of a user to the first domain;
- establishing a first active session for the user with the first domain by an application server, the application server being a computing system connected to the first domain and a second domain;
- receiving a request from the user to access content from the second domain at the application server after establishing the first active session;
- searching for a second active session for the user with the second domain;
- if no second active session is found with the second domain, then determining whether the first session with the first domain is active;
- if the first active session with the first domain is found, then establishing a sub-session with the second domain based on and dependent upon the active session with the first domain by the application server; and
- providing the requested content through the application server to the user based on the established sub-session with the second domain.
Dependent claims: 14, 15
16. An apparatus for providing content of a second domain from a first domain, the apparatus comprising:
- a hardware processor; and
- one or more stored sequences of instructions which, when executed by the processor, cause the processor to carry out the steps of;
- receiving an authentication of a user to a first domain by an application server, the application server being a computing system connected to the first domain and a second domain;
- establishing a first active session for the user with the first domain by the application server based on the authentication;
- receiving a request from the user to access content from the second domain at the application server after establishing the first active session;
- searching for a second active session for the user with the second domain;
- if no second active session with the second domain is found, then determining whether the first session with the first domain is active;
- if the first active session with the first domain is found, then establishing a sub-session with the second domain based on and dependent upon the active session with the first domain by the application server; and
- providing the requested content through the application server to the user based on the established sub-session with the second domain.
Dependent claims: 17
Specification