HTTP password mediator
First Claim
Patent Images
1. A method comprising;
- intercepting, within an operating system network stack of a client device, a hypertext transfer protocol (HTTP) request message issued by a client application executing on the client device, the HTTP request message indicating an operation to be performed for a user of the client application at a destination system;
analyzing, by a processing device of the client device, the intercepted HTTP request message to identify the user of the client application;
requesting, by the client device, security information for the user with respect to the destination system, the security information being from a data store and comprising a concealed password that is associated with the user and remains hidden from the user;
determining, by the processing device of the client device, whether the user is allowed to perform the operation in view of the security information;
modifying, by the client device, the intercepted HTTP request message to include the concealed password upon determining that the user is allowed to perform the operation; and
sending, by the client device, the modified HTTP request message to the destination system.
1 Assignment
0 Petitions
Accused Products
Abstract
A method and system for password mediation including identifying an HTTP request issued by a client application executing on a client device, the HTTP request indicating an operation to be performed for a user of the client application at a destination system, obtaining user credentials using the HTTP request, requesting security information for the user with respect to the destination system, determining whether the user is allowed to perform the operation based on the security information, and upon determining that the user is allowed to perform the operation, modifying the HTTP request based on the security information and sending the modified HTTP request to the destination system.
17 Citations
20 Claims
-
1. A method comprising;
-
intercepting, within an operating system network stack of a client device, a hypertext transfer protocol (HTTP) request message issued by a client application executing on the client device, the HTTP request message indicating an operation to be performed for a user of the client application at a destination system; analyzing, by a processing device of the client device, the intercepted HTTP request message to identify the user of the client application; requesting, by the client device, security information for the user with respect to the destination system, the security information being from a data store and comprising a concealed password that is associated with the user and remains hidden from the user; determining, by the processing device of the client device, whether the user is allowed to perform the operation in view of the security information; modifying, by the client device, the intercepted HTTP request message to include the concealed password upon determining that the user is allowed to perform the operation; and sending, by the client device, the modified HTTP request message to the destination system. - View Dependent Claims (2, 3, 4, 5, 6, 7, 19)
-
-
8. A system comprising:
-
a memory; and a processing device of a client device, the processing device operatively coupled to the memory, the processing device to; intercept a hypertext transfer protocol (HTTP) request message within an operating system network stack of the client device, wherein the HTTP request message is issued by a client application executing on the client device and indicates an operation to be performed by a user of the client application at a destination system; analyze the intercepted HTTP request message to identify the user of the client application; request security information for the user with respect to the destination system, the security information being from a data store and comprising a concealed password that is associated with the user and remains hidden from the user; determine whether the user is allowed to perform the operation in view of the security information; modify the intercepted HTTP request message to include the concealed password upon determining that the user is allowed to perform the operation; and send the modified HTTP request message to the destination system. - View Dependent Claims (9, 10, 11, 12, 13, 20)
-
-
14. A non-transitory computer-readable storage medium including instructions that cause a processing device of a client device to:
-
intercept, within an operating system network stack of the client device, a hypertext transfer protocol (HTTP) request message issued by a client application executing on the client device, the HTTP request message indicating an operation to be performed for a user of the client application at a destination system; analyze, by the processing device of the client device, the intercepted HTTP request message to identify the user of the client application; request, by the client device, security information for the user with respect to the destination system, the security information being from a data store and comprising a concealed password that is associated with the user and remains hidden from the user; determine, by the processing device of the client device, whether the user is allowed to perform the operation in view of the security information; modify, by the client device, the intercepted HTTP request message to include the concealed password upon determining that the user is allowed to perform the operation; and send, by the client device, the modified HTTP request message to the destination system. - View Dependent Claims (15, 16, 17, 18)
-
Specification