Systems and Methods for Policy Based Triggering of Client-Authentication at Directory Level Granularity
Abstract
Systems and methods are disclosed for an appliance to authenticate access of a client to a protected directory on a server via a connection, such as a secure SSL connection, established by the appliance. A method comprises the steps of: receiving, by an appliance, a first request from a client on a first network to access a server on a second network, the appliance providing the client a virtual private network connection from the first network to the second network; determining, by the appliance, the first request comprises access to a protected directory of the server; associating, by the appliance, an authentication policy with the protected directory, the authentication policy specifying an action to authenticate the client's access to the protected directory; and transmitting, by the appliance in response to the authentication policy, a second request to the client for an authentication certificate. Corresponding systems are also disclosed.
24 Claims
1. A method for an appliance to authenticate access of a client to a protected resource on a server via the appliance, the method comprising the steps of:
- (a) receiving, by an appliance, a client request to access a protected resource of a server;
- (b) determining, by the appliance, a portion of the client request matches a corresponding specification of a client authentication policy of the appliance;
- (c) queuing, by the appliance, the client request upon determining the portion of the client request matches the client authentication policy;
- (d) determining, by the appliance, the client authentication policy identifies an action to request an authentication certificate from the client in order to access the server via the appliance, and
- (e) transmitting, by the appliance in response to the client authentication policy, a request to the client for an authentication certificate.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12
13. An appliance for providing finer control for authenticating access of a client to a protected resource on a server, the appliance comprising:
- means for receiving a client request to access a protected resource of a server;
- means for determining a portion of the client request matches a corresponding specification of a client authentication policy of the appliance;
- means for queuing the client request upon determining the portion of the client request matches the client authentication policy;
- means for determining the client authentication policy identifies an action to request an authentication certificate from the client in order to access the server via the appliance, and
- means for transmitting, in response to the client authentication policy, a request to the client for an authentication certificate.
Dependent claims: 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24
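Added example (not part of the patent text and not any vendor's code): a small Python model of steps (a) through (e) of claim 1, using the directory-level matching described in the abstract. It goes slightly beyond the claim text: the Policy and Appliance names, the action strings, the most-specific-directory rule, the path canonicalization and the handling of a matched policy with no certificate action are all assumptions made for illustration.

```python
import posixpath
from collections import deque
from dataclasses import dataclass, field
from urllib.parse import unquote


@dataclass(frozen=True)
class Policy:                 # hypothetical policy record
    directory: str            # protected directory, e.g. "/finance"
    action: str               # "REQUEST_CLIENT_CERT" or "NONE" (assumed values)


@dataclass
class Appliance:              # hypothetical model of the appliance
    policies: list
    pending: deque = field(default_factory=deque)  # requests held during authentication

    @staticmethod
    def canonical_path(target):
        # Drop the query string, percent-decode, and collapse "." / ".." segments
        # so "/public/%2e%2e/finance/x" is evaluated as "/finance/x".
        raw = unquote(target.split("?", 1)[0])
        return posixpath.normpath("/" + raw.lstrip("/"))

    def handle(self, target):
        path = self.canonical_path(target)                    # (a) request received
        hits = [p for p in self.policies                      # (b) match on the directory
                if path == p.directory                        #     portion; "/financex"
                or path.startswith(p.directory + "/")]        #     must not match "/finance"
        if not hits:
            return "FORWARD"
        policy = max(hits, key=lambda p: len(p.directory))    # assumed: most specific wins
        self.pending.append(target)                           # (c) queue the request
        if policy.action == "REQUEST_CLIENT_CERT":            # (d) policy names the action
            return "CERT_REQUEST_SENT"                        # (e) stand-in for the request
        self.pending.pop()                                    # assumed: nothing to wait for
        return "FORWARD"


if __name__ == "__main__":
    # Constructed sample policies and request targets.
    appliance = Appliance([Policy("/finance", "REQUEST_CLIENT_CERT"),
                           Policy("/finance/public", "NONE")])
    for t in ("/index.html", "/finance/q3.pdf?x=1",
              "/public/%2e%2e/finance/q3.pdf", "/financex/a"):
        print(t, "->", appliance.handle(t))
    print("queued:", list(appliance.pending))
```

Matching on the canonical path rather than the raw request target is what keeps an encoded or dot-segment path from reaching the protected directory without triggering the policy.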
Specification