Abstract: In an approach for autonomous claim requirements discovery of APIs, a processor receives an access request from a client to a server. A processor validates the access request. A processor queries claim requirements in a claim document from the server upon the validation of the access request. A processor receives the claim requirements. A processor constructs a token based on the claim requirements. A processor sends the token to the server. A processor receives a response from the server. A processor sends the response to the client.

Abstract: In an approach for autonomous claim requirements discovery of APIs, a processor receives an access request from a client to a server. A processor validates the access request. A processor queries claim requirements in a claim document from the server upon the validation of the access request. A processor receives the claim requirements. A processor constructs a token based on the claim requirements. A processor sends the token to the server. A processor receives a response from the server. A processor sends the response to the client.

Abstract: A “sign-off” cookie is generated and stored upon initiation of a web session between a client and a web application executing on a server. The sign-off cookie preferably comprises both an identifier for the session (a “session ID”) together with an identifier (such as a URL) for a sign-off resource (associated with a sign-off mechanism) that can be used to clean-up the web session following its termination. The sign-off cookie may be returned to the client and/or retained within a proxy. Upon termination of the web session, the URL in the sign-off cookie is used to initiate a request to the sign-off mechanism to clean-up the web session. This approach provides for dynamic web session clean-up without requiring any pre-configuration of the sign-off mechanism.

Abstract: The problem of sharing session information across client contexts is addressed by binding initial session information to a persistent, short-lived and one-time use temporary identifier. This identifier is persisted on a client side (e.g., through a cookie jar) that is shared among the different client contexts that can share the original session. This temporary identifier, in turn, allows one or more other sessions to use the original session information by acting as an index into that session information, which is stored on the server side. Preferably, this temporary identifier contains a unique identifier (ID) that is generated as a sufficiently-complex random number. A mapping back to the real session identifier is maintained on the server side for this short-lived ID.

Abstract: The problem of sharing session information across client contexts is addressed by binding initial session information to a persistent, short-lived and one-time use temporary identifier. This identifier is persisted on a client side (e.g., through a cookie jar) that is shared among the different client contexts that can share the original session. This temporary identifier, in turn, allows one or more other sessions to use the original session information by acting as an index into that session information, which is stored on the server side. Preferably, this temporary identifier contains a unique identifier (ID) that is generated as a sufficiently-complex random number. A mapping back to the real session identifier is maintained on the server side for this short-lived ID.

Abstract: A “sign-off” cookie is generated and stored upon initiation of a web session between a client and a web application executing on a server. The sign-off cookie preferably comprises both an identifier for the session (a “session ID”) together with an identifier (such as a URL) for a sign-off resource (associated with a sign-off mechanism) that can be used to clean-up the web session following its termination. The sign-off cookie may be returned to the client and/or retained within a proxy. Upon termination of the web session, the URL in the sign-off cookie is used to initiate a request to the sign-off mechanism to clean-up the web session. This approach provides for dynamic web session clean-up without requiring any pre-configuration of the sign-off mechanism.