Enabling proxy services using referral mechanisms
First Claim
1. A method for authenticating a client on a plurality of file servers in connection with providing proxy services to the client, comprising:
- establishing, at a network device, a connection between the client and a first file server of the plurality of file servers;
receiving, at the network device, a transaction request from the client to access an object on the plurality of file servers;
in response to the received transaction request and in order to provide proxy services to the client, authenticating, at the network device, the client on the other file servers of the plurality of file servers by successively obtaining a referral request from the client for each of the other file servers, wherein the successively obtained referral requests are used to authenticate the client on each of the other file servers of the plurality of file servers in connection with providing proxy services to the client, the authenticating comprising for each file server;
the network device sending a request declined message to the client indicating the requested object is not available;
the network device receiving a referral request from the client;
the network device responding to the received referral request by sending the client a referral, wherein the referral refers the client to the each file server;
the network device receiving a reformulated transaction request from the client in response to the referral, wherein the reformulated transaction request comprises authentication information for the client; and
the network device forwarding the reformulated transaction request to the each file server, wherein the each file server uses the authentication information to authenticate the client on the each file server; and
after authenticating the client on the plurality of file servers, performing transactions at the network device to access the object or other objects on the plurality of file servers on behalf of the client.
5 Assignments
0 Petitions
Accused Products
Abstract
A NAS (Network Attaches Storage) switch authenticates a client on multiple file servers for proxy services. The NAS switch enables proxy services by successively authenticating the client on the file servers using referrals. The NAS switch further comprises a connection manager to establish connections to the client and the file servers, a referral manager to redirect the client for successive authentications, and a transaction manager to perform data transfers with the file servers on behalf of the client. The system components support DFS (Distributed File System), and communicate using a protocol dialect that supports referral mechanisms such as NFSv4 (Network File Server version 4) or CIFS (Common Internet File System). The transaction manager also performs a protocol dialect translation service when the connection manager negotiates one protocol dialect with the client, and a different protocol dialect with the file server.
-
Citations
45 Claims
-
1. A method for authenticating a client on a plurality of file servers in connection with providing proxy services to the client, comprising:
-
establishing, at a network device, a connection between the client and a first file server of the plurality of file servers; receiving, at the network device, a transaction request from the client to access an object on the plurality of file servers; in response to the received transaction request and in order to provide proxy services to the client, authenticating, at the network device, the client on the other file servers of the plurality of file servers by successively obtaining a referral request from the client for each of the other file servers, wherein the successively obtained referral requests are used to authenticate the client on each of the other file servers of the plurality of file servers in connection with providing proxy services to the client, the authenticating comprising for each file server; the network device sending a request declined message to the client indicating the requested object is not available; the network device receiving a referral request from the client; the network device responding to the received referral request by sending the client a referral, wherein the referral refers the client to the each file server; the network device receiving a reformulated transaction request from the client in response to the referral, wherein the reformulated transaction request comprises authentication information for the client; and the network device forwarding the reformulated transaction request to the each file server, wherein the each file server uses the authentication information to authenticate the client on the each file server; and after authenticating the client on the plurality of file servers, performing transactions at the network device to access the object or other objects on the plurality of file servers on behalf of the client. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
-
-
16. A NAS (Network Attached Storage) switch to authenticate a client on a plurality of file servers in connection with providing proxy services to the client, comprising:
-
an interface connecting the switch to other devices; memory; and a processor or processors, the processor or processors configured to perform the functions of; a connection manager to establish a connection between the client and a first file server of the plurality of file servers; a referral manager to authenticate the client on the other file servers of the plurality of file servers, in response to receiving a transaction request from the client to access an object on the plurality of file servers, by successively obtaining a referral request from the client for each of the other file servers, wherein the successively obtained referral requests are used to authenticate the client on each of the other file servers of the plurality of file servers in connection with providing proxy services to the client, the authenticating comprising for each file server; the NAS switch sending a request declined message to the client indicating that the requested object is not available; the NAS switch receiving a referral request from the client; the NAS switch responding to the received referral request by sending the client a referral, wherein the referral refers the client to the each file server; the NAS switch receiving a reformulated transaction request from the client in response to the referral, wherein the reformulated transaction request comprises authentication information for the client; and the NAS switch forwarding the reformulated transaction request to the each file server, wherein the each file server uses the authentication information to authenticate the client on the each file server; and a transaction manager to perform transactions to access the object or other objects on the plurality of file servers on behalf of the client after authenticating the client on the plurality of file servers. - View Dependent Claims (17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30)
-
-
31. A computer program product, comprising a non-transitory computer readable medium having computer program instructions for a method for authenticating a client on a plurality of file servers in connection with providing proxy services to the client, comprising:
-
establishing, at a network device, a connection between the client and a first file server of the plurality of file servers; receiving, at the network device, a transaction request from the client to access an object on the plurality of file servers; in response to the received transaction request and in order to provide proxy services to the client, authenticating, at the network device, the client on the other file servers of the plurality of file servers by successively obtaining a referral request from the client for each of the other file servers, wherein the successively obtained referral requests are used to authenticate the client on each of the other file servers of the plurality of file servers in connection with providing proxy services to the client, the authenticating comprising for each file server; the network device sending a request declined message to the client indicating the requested object is not available; the network device receiving a referral request from the client; the network device responding to the received referral request by sending the client a referral, wherein the referral refers the client to the each file server; the network device receiving a reformulated transaction request from the client in response to the referral, wherein the reformulated transaction request comprises authentication information for the client; and the network device forwarding the reformulated transaction request to the each file server, wherein the each file server uses the authentication information to authenticate the client on the each file server; and after authenticating the client on the plurality of file servers, performing transactions at the network device to access the object or other objects on the plurality of file servers on behalf of the client. - View Dependent Claims (32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45)
-
Specification