SYSTEMS AND METHODS FOR CONFIGURATION DRIVEN REWRITE OF SSL VPN CLIENTLESS SESSIONS
First Claim
1. A method for rewriting by an intermediary content transmitted via a clientless secure socket layer virtual private network (SSL VPN) session between a client and a server, the method comprising:
- a) identifying, by an intermediary, an access profile for a request from a client to access a server via a clientless SSL VPN session established between the client and the server, the access profile comprising a first rewrite policy for rewriting uniform resource locators (URLs) and one or more regular expressions to detect one or more URLs in content served by the server;
- b) detecting, by the intermediary responsive to the one or more regular expressions of the access profile, one or more URLs in content served by the server in response to the request; and
- c) rewriting, by the intermediary responsive to detecting, the one or more detected URLs in accordance with a URL transformation specified by the first rewrite policy.
Abstract
The present disclosure provides solutions for an enterprise providing services to a variety of clients to enable the client to use the resources provided by the enterprise by modifying URLs received and the URLs from the responses from the servers to the client's requests before forwarding the requests and the responses to the intended destinations. An intermediary may identify an access profile for a client's request to access a server via a clientless SSL VPN session. The intermediary may detect one or more URLs in content served by the server in response to the request using one or more regular expressions of the access profile. The intermediary may rewrite or modify, responsive to detecting, the one or more detected URLs in accordance with a URL transformation specified by one or more rewrite policies of the access profile. The response with modified URLs may be forwarded to the client.
20 Claims
11. An intermediary for rewriting content transmitted via a clientless secure socket layer virtual private network (SSL VPN) session between a client and a server, the intermediary comprising:
- a policy engine for identifying an access profile for a request from a client to access a server via a clientless SSL VPN session established between the client and the server, the access profile comprising a first rewrite policy for rewriting uniform resource locators (URLs) and one or more regular expressions to detect one or more URLs in content served by the server;
- a detector for detecting responsive to the one or more regular expressions of the access profile, one or more URLs in content served by the server in response to the request; and
- a rewriter for rewriting responsive to the detector the one or more detected URLs in accordance with a URL transformation specified by the first rewrite policy.
20. A method for rewriting by an intermediary content transmitted via a clientless secure socket layer virtual private network (SSL VPN) session between a client and a server, the method comprising:
- a) identifying, by an intermediary, an access profile for a clientless SSL VPN session established between a client and a server, the access profile comprising a plurality of rewrite policies and a plurality of regular expressions, each of the plurality of rewrite policies specify a transformation for a type of content, and each of the plurality of regular expressions specify a regular expression to detect uniform resource locators (URLs) in each of a plurality of types of content;
- b) determining, by the intermediary, the type of content served by the server in response to the request;
- c) detecting, by the intermediary, one or more URLs in the content based on the regular expression specified for the determined type of content via the access profile; and
- d) rewriting, by the intermediary, a portion of the content based on the type of content and a rewrite policy from the plurality of rewrite policies for the type of content.
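The steps of claim 20, sketched as an added Python example that is not code from the patent or from any product. The profile layout, the gateway origin `vpn.example.com`, the `/proxy/` URL scheme and the internal suffix `.corp.example` are all assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit

GATEWAY = "https://vpn.example.com"   # assumed gateway origin
INTERNAL_SUFFIX = ".corp.example"     # assumed internal DNS suffix

# Hypothetical access profile: one URL-detecting regex per content type.
# Every pattern captures the URL itself in the named group "url".
ACCESS_PROFILE = {
    "text/html": re.compile(r'''(?:href|src|action)\s*=\s*["'](?P<url>[^"']+)["']''', re.I),
    "text/css": re.compile(r'''url\(\s*["']?(?P<url>[^"')\s]+)["']?\s*\)''', re.I),
    "application/javascript": re.compile(r'''["'](?P<url>https?://[^"'\s]+)["']'''),
}

def transform(url):
    """Assumed URL transformation: route internal absolute URLs via the gateway."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    if parts.scheme not in ("http", "https") or not host.endswith(INTERNAL_SUFFIX):
        return url  # external, relative and non-HTTP URLs are left untouched
    netloc = parts.netloc.rpartition("@")[2]  # never forward embedded credentials
    tail = (parts.path or "/") + (f"?{parts.query}" if parts.query else "")
    tail += f"#{parts.fragment}" if parts.fragment else ""
    return f"{GATEWAY}/proxy/{parts.scheme}/{netloc}{tail}"

def rewrite(content_type, body):
    """Return (rewritten body, number of URLs rewritten) for one response."""
    ctype = content_type.split(";", 1)[0].strip().lower()  # b) determine the type
    pattern = ACCESS_PROFILE.get(ctype)                    # a) profile lookup
    if pattern is None:
        return body, 0  # no regex configured for this type: pass through
    count = 0

    def repl(m):  # c) detect with the per-type regex, d) rewrite only the URL
        nonlocal count
        old, new = m.group("url"), transform(m.group("url"))
        if new == old:
            return m.group(0)
        count += 1
        start, end = m.start("url") - m.start(0), m.end("url") - m.start(0)
        return m.group(0)[:start] + new + m.group(0)[end:]

    return pattern.sub(repl, body), count
```

Regex detection only sees URLs that appear literally in the response body, so a URL assembled by script at run time passes through unrewritten.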
Specification