HTTP header-based adaptable authentication mechanism
First Claim
1. A computer-implemented method for exchanging data using a data transfer protocol between a first device and a second device, the method comprising:
- receiving, at the first device, a first request message from a second device, the first request message requesting to download an application from the first device;
responsive to receipt of the first request message, sending, to the second device, a first response message having a first authentication query within header portions of the first response message;
receiving, at the first device, a second request message having first authentication credentials within header portions of the second request message, the first authentication credentials being responsive to the first authentication query;
determining whether the first authentication credentials satisfy the first authentication query;
responsive to determining that the first authentication credentials satisfy the first authentication query, sending, to the second device, a second response message having a second authentication query within header portions of the second response message;
receiving, at the first device, a third request message having second authentication credentials within header portions of the third request message, the second authentication credentials being responsive to the second authentication query;
determining whether the second authentication credentials satisfy the second authentication query, wherein each of the first and second authentication credentials rely upon different security mechanisms;
responsive to determining that the second authentication credentials satisfy the second authentication query; and
transmitting, to the second device, the application upon a predetermined number of authentication techniques having been used as determined by a request counter that updates in connection with the authentication queries.
1 Assignment
0 Petitions
Accused Products
Abstract
The disclosure is generally directed to systems and methods for HTTP header-based authentication. For example, the systems and methods include receiving, at a mobile platform server, a first request message from a client device, the first request message requesting to download an application from the mobile platform server, sending, to the client device, a first response message having a first authentication query within header portions of the first response message, receiving, at the mobile platform server, a second request message having first authentication credentials within header portions of the second request message, sending, to the client device, a second response message having a second authentication query within header portions of the second response message, receiving, at the mobile platform server first device, a third request message having second authentication credentials within header portions of the third request message, and sending, to the client device, the application.
31 Citations
16 Claims
-
1. A computer-implemented method for exchanging data using a data transfer protocol between a first device and a second device, the method comprising:
-
receiving, at the first device, a first request message from a second device, the first request message requesting to download an application from the first device; responsive to receipt of the first request message, sending, to the second device, a first response message having a first authentication query within header portions of the first response message; receiving, at the first device, a second request message having first authentication credentials within header portions of the second request message, the first authentication credentials being responsive to the first authentication query; determining whether the first authentication credentials satisfy the first authentication query; responsive to determining that the first authentication credentials satisfy the first authentication query, sending, to the second device, a second response message having a second authentication query within header portions of the second response message; receiving, at the first device, a third request message having second authentication credentials within header portions of the third request message, the second authentication credentials being responsive to the second authentication query; determining whether the second authentication credentials satisfy the second authentication query, wherein each of the first and second authentication credentials rely upon different security mechanisms; responsive to determining that the second authentication credentials satisfy the second authentication query; and transmitting, to the second device, the application upon a predetermined number of authentication techniques having been used as determined by a request counter that updates in connection with the authentication queries. - View Dependent Claims (2, 3, 4)
-
-
5. A non-transitory computer readable storage medium storing one or more programs configured to be executed by a processor, the one or more programs for exchanging data using a data transfer protocol between a first device and a second device, and comprising instructions for:
-
receiving, at the first device, a first request message from a second device, the first request message requesting to download an application from the first device; responsive to receipt of the first request message, sending, to the second device, a first response message having a first authentication query within header portions of the first response message; receiving, at the first device, a second request message having first authentication credentials within header portions of the second request message, the first authentication credentials being responsive to the first authentication query; determining whether the first authentication credentials satisfy the first authentication query; responsive to determining that the first authentication credentials satisfy the first authentication query, sending, to the second device, a second response message having a second authentication query within header portions of the second response message; receiving, at the first device, a third request message having second authentication credentials within header portions of the third request message, the second authentication credentials being responsive to the second authentication query; determining whether the second authentication credentials satisfy the second authentication query, wherein each of the first and second authentication credentials rely upon different security mechanisms; responsive to determining that the second authentication credentials satisfy the second authentication query; and transmitting, to the second device, the application upon a predetermined number of authentication techniques having been used as determined by a request counter that updates in connection with the authentication queries. - View Dependent Claims (6, 7, 8)
-
-
9. A communication apparatus comprising:
-
one or more processors; and a memory storing one or more programs for exchanging data using a data transfer protocol between a first device and a second device, and comprising instructions for execution by the one or more processors, the one or more programs including instructions for; receiving, at the first device, a first request message from a second device, the first request message requesting to download an application from the first device; responsive to receipt of the first request message, sending, to the second device, a first response message having a first authentication query within header portions of the first response message; receiving, at the first device, a second request message having first authentication credentials within header portions of the second request message, the first authentication credentials being responsive to the first authentication query; determining whether the first authentication credentials satisfy the first authentication query; responsive to determining that the first authentication credentials satisfy the first authentication query, sending, to the second device, a second response message having a second authentication query within header portions of the second response portion; receiving, at the first device, a third request message having second authentication credentials within header portions of the third request message, the second authentication credentials being responsive to the second authentication query; determining whether the second authentication credentials satisfy the second authentication query, wherein each of the first and second authentication credentials rely upon different security mechanisms; responsive to determining that the second authentication credentials satisfy the second authentication query; and transmitting, to the second device, the application upon a predetermined number of authentication techniques having been used as determined by a request counter that updates in connection with the authentication queries. - View Dependent Claims (10, 11, 12)
-
-
13. A computer-implemented method for exchanging data using a data transfer protocol between a first device and a second device, the method comprising:
-
sending, at the first device, a first request message to a second device, the first request message requesting to download an application from the second device; receiving, from the second device, a first response message having a first authentication query within header portions of the first response message, the first authentication query being responsive to the first authentication message; responsive to receipt of the first authentication query, generating, at the first device, a first user interface to prompt an end user for first authentication credentials; sending, at the first device, a second request message having the first authentication credentials within header portions of the second request message; responsive to the second device determining that the first authentication credentials satisfy the first authentication query, receiving, from the second device, a second response message having a second authentication query within header portions of the second response; responsive to receipt of the second authentication query, generating, at the first device, a second user interface to prompt an end user for second authentication credentials; sending, at the first device, a third request message having the second authentication credentials within header portions of the third request message; responsive to the second device determining that the second authentication credentials satisfy the first authentication query, wherein each of the first and second authentication credentials rely upon different security mechanisms; and receiving, from the second device, the application upon a predetermined number of authentication techniques having been used as determined by a request counter that updates in connection with the authentication queries. - View Dependent Claims (14, 15, 16)
-
Specification