Systems and methods for proxying cookies for SSL VPN clientless sessions
First Claim
1. A method comprising:
- (a) identifying, by the device intermediary to a client and a server, a type of application from a communication via a session between the client and the server(b) identifying, by the device based on the type of application, an access profile for the session, the access profile comprising a policy for proxying cookies to be sent to the client;
(c) determining, by the device responsive to the policy of the access profile identified for the session based on the type of application, to proxy for the client one or more cookies of a response received by the device from the server; and
(d) retaining, by the device responsive to the determination, the one or more cookies at the device while forwarding to the client the response with the one or more cookies removed from the response.
7 Assignments
0 Petitions
Accused Products
Abstract
The present application enables the enterprise to configure various policies to address various subsets of the traffic based on various information relating the client, the server, or the details and nature of the interactions between the client and the server. An intermediary deployed between clients and servers may establish an SSL VPN session between a client and a server. The intermediary may receiving a response from a server to a request of a client via the clientless SSL VPN session. The response may comprise one or more cookies. The intermediary may identify an access profile for the clientless SSL VPN session. The access profile may identify one or more policies for proxying cookies. The intermediary may determine, responsive to the one or more policies of the access profile, whether to proxy or bypass proxying for the client the one or more cookies.
393 Citations
20 Claims
-
1. A method comprising:
-
(a) identifying, by the device intermediary to a client and a server, a type of application from a communication via a session between the client and the server (b) identifying, by the device based on the type of application, an access profile for the session, the access profile comprising a policy for proxying cookies to be sent to the client; (c) determining, by the device responsive to the policy of the access profile identified for the session based on the type of application, to proxy for the client one or more cookies of a response received by the device from the server; and (d) retaining, by the device responsive to the determination, the one or more cookies at the device while forwarding to the client the response with the one or more cookies removed from the response. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A system comprising:
-
a device intermediary to a client and a server, the device configured to identify a type of application from a communication via a session between the client and the server and based on the type of application, identify an access profile for the session, wherein the access profile comprises a policy for proxying cookies to be sent to the client; a policy engine of the device configured to proxy for the client one or more cookies of a response received by the device from the server responsive to the policy of the access profile identified for the session based on the type of application, and wherein the device is configured to, responsive to the determination, retain the one or more cookies at the device while forwarding to the client the response with the one or more cookies removed from the response. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
-
Specification