Abstract: A method and system for tracking communications in a client-server environment. The method includes the steps of sending a first request from the client to the server over a first connection, sending a first key from the server to the client over the first connection, sending the first key from the client and a second request to the server over a second connection, and sending a response to the second request and a second key distinct from the first key from the server to the client over the second connection. The system includes a client for establishing a terminal connection with a server and a server in communication with the client. The server further includes key generator means generating a plurality of keys for transmission to the client, authentication means in communication with the key generator means receiving the keys from the client to recognize the keys at the server, and discarding means linked to the key generator means for disposing of previously transmitted keys.
Abstract: The present invention generally relates to the field of secure centralized single sign-on and session maintenance for web servers on the Internet. In a preferred implementation, a single sign-on protocol for use by web servers is independent of the actual authentication mechanism used by any of the individual web servers accessed by the user. Users authenticate themselves with any one of a group of federated servers so that a user does not need to be re-authenticated by other servers in the federation. In a preferred implementation there is also a centralized server that provides for the transparent sign-on, session management, and session termination within each server in the federation of servers, and each federated server communicates with the central sign-on server.
Type: Application
Filed: May 31, 2001
Publication date: December 5, 2002
Applicant: ProAct Technologies Corp.
Inventors: David Makower, Steven Schwell, Jay Sachs
Abstract: A method and system for tracking communications in a client-server environment. The method includes the steps of sending a first request from the client to the server over a first connection, sending a first key from the server to the client over the first connection, sending the first key from the client and a second request to the server over a second connection, and sending a response to the second request and a second key distinct from the first key from the server to the client over the second connection. The system includes a client for establishing a terminal connection with a server and a server in communication with the client. The server further includes key generator means generating a plurality of keys for transmission to the client, authentication means in communication with the key generator means receiving the keys from the client to recognize the keys at the server, and discarding means linked to the key generator means for disposing of previously transmitted keys.