HTTP header-based adaptable authentication mechanism

摘要

The disclosure is generally directed to systems and methods for HTTP header-based authentication. For example, the systems and methods include receiving, at a mobile platform server, a first request message from a client device, the first request message requesting to download an application from the mobile platform server, sending, to the client device, a first response message having a first authentication query within header portions of the first response message, receiving, at the mobile platform server, a second request message having first authentication credentials within header portions of the second request message, sending, to the client device, a second response message having a second authentication query within header portions of the second response message, receiving, at the mobile platform server first device, a third request message having second authentication credentials within header portions of the third request message, and sending, to the client device, the application.

主权项

1. A computer-implemented method for exchanging data using a data transfer protocol between a first device and a second device, the method comprising:
receiving, at the first device, a first request message from a second device, the first request message requesting to download an application from the first device; responsive to receipt of the first request message, sending, to the second device, a first response message having a first authentication query within header portions of the first response message; receiving, at the first device, a second request message having first authentication credentials within header portions of the second request message, the first authentication credentials being responsive to the first authentication query; determining whether the first authentication credentials satisfy the first authentication query; responsive to determining that the first authentication credentials satisfy the first authentication query, sending, to the second device, a second response message having a second authentication query within header portions of the second response message; receiving, at the first device, a third request message having second authentication credentials within header portions of the third request message, the second authentication credentials being responsive to the second authentication query; determining whether the second authentication credentials satisfy the second authentication query, wherein each of the first and second authentication credentials rely upon different security mechanisms; responsive to determining that the second authentication credentials satisfy the second authentication query; and transmitting, to the second device, the application upon a predetermined number of authentication techniques having been used as determined by a request counter that updates in connection with the authentication queries.