Abstract: A mechanism for authorizing a data communication session between a client and a first server is disclosed. When a request is received to establish a session with a particular entity that is associated with the client, it is determined whether authorization of the session can be performed locally at a second server. If it is determined that authorization of the session can be performed locally at the second server then, the first server is informed that the session may be established between the client and the first server for the particular entity. A third server that is associated with the particular entity is identified and once the first server is informed that the session may be established, the third server is informed that the session has been authorized to be established for the particular entity. However, if authorization of the session cannot be performed locally at the second server then, the third server is requested to authorize the session between the client and the first server.

Abstract: A mechanism for performing a disconnect policy involving authorizing a data communication session between a client and a first server is disclosed. The mechanism provides a failover scheme in which local servers record the number of active sessions that they have authorized for a particular user entity. Each user entity is assigned an authoritative server. The authoritative servers maintain global session information for each user entity in which they are assigned. When a local server cannot authorize a session for a particular user entity the local server communicates with the authoritative server to determine whether a session should be established for the user entity. If communication is lost between a local server and an authoritative server, the local server assumes that no other servers have authorized active sessions for the particular user entity. In a similar manner, the authoritative server assumes that the local server has not authorized any active sessions for the particular entity.

Abstract: A mechanism for authorizing a data communication session between a client and a first server is disclosed. When a request is received to establish a session with a particular entity that is associated with the client, it is determined whether authorization of the session can be performed locally at a second server. If it is determined that authorization of the session can be performed locally at the second server then, the first server is informed that the session may be established between the client and the first server for the particular entity. A third server that is associated with the particular entity is identified and once the first server is informed that the session may be established, the third server is informed that the session has been authorized to be established for the particular entity. However, if authorization of the session cannot be performed locally at the second server then, the third server is requested to authorize the session between the client and the first server.