| 发明名称 | Managing authentication requests when accessing networks | ||
| 摘要 | Techniques for managing authentication requests. At a gateway device to a network, packets of a message intended for said network are received. Fields within payloads of the packets which contain authentication or authorization information are read. The message is redirected to an authentication server. The authentication server determines that a requester who sent the message to the gateway device is authorized to access a target resource specified in the message and responds to the gateway device that the requester is authorized to access the target resource. The gateway device responds to the requester that the requester is authorized to access the target resource. The gateway device notifies a server hosting the target resource that the requester is authorized to access the target resource. If the gateway device receives a subsequent message from the requester to utilize the target resource, the gateway device forwards the message toward the server. | ||
| 申请公布号 | US9515991(B2) | 申请公布日期 | 2016.12.06 |
| 申请号 | US201615012713 | 申请日期 | 2016.02.01 |
| 申请人 | International Business Machines Corporation | 发明人 | Curtis Richard S.;Forrester Jason D. |
| 分类号 | H04L29/06 | 主分类号 | H04L29/06 |
| 代理机构 | Yee & Associates, P.C. | 代理人 | Yee & Associates, P.C. ;Ulrich Lisa J. |
| 主权项 | 1. A method for managing authentication requests, said method comprising the steps of: a gateway device of a network receiving packets of a first message intended for a target server of the network, and in response, the gateway device reading one or more fields within a payload of one of the packets which contains authentication information for a sender of the first message without reading an indication of authentication information in headers of the packets, and in response, the gateway device redirecting the first message to an authentication server to authenticate the sender; the gateway device receiving other packets of a second message intended for the target server of the network, the other packets having headers which identify the second message as an authentication request, and in response, the gateway device redirecting the second message to the authentication server; and in response to receiving a response from the authentication server that the sender of the first message or the second message is authorized to access a target resource specified in either the first message or the second message, the gateway device responding to the sender that the sender is authorized to access the target resource and notifying the target server that the sender is authorized to access the target resource. | ||
| 地址 | Armonk NY US | ||