发明名称 Redirecting access requests to an authorized server system for a cloud service
摘要 In some embodiments, a first server system of a cloud service can receive a bearer token for accessing the cloud service. The bearer token can be generated based on authenticating a remote client in communication with the first server system. The first server system can determine that a resource of the cloud service is hosted by a second server system of the cloud service rather than the first server system. The resource can be identified using the bearer token. The first server system can provide the bearer token to the remote client along with redirect information for accessing the second server system. The second server system can in respond to receiving the bearer token from the remote client by establishing a session with the remote client. The remote client can access the resource via the session with the second server system.
申请公布号 US9584615(B2) 申请公布日期 2017.02.28
申请号 US201314091830 申请日期 2013.11.27
申请人 Adobe Systems Incorporated 发明人 Maret Timothée Vincent;Alvarez Tobias Martin Bocanegra;Sanso Antonio
分类号 G06F15/16;H04L29/08 主分类号 G06F15/16
代理机构 Kilpatrick Townsend & Stockton LLP 代理人 Kilpatrick Townsend & Stockton LLP
主权项 1. A method for efficiently enabling access to cloud-hosted resources by remote clients in communication with cloud-based computing systems, the method comprising: receiving, by a first server system of a cloud service, a bearer token for accessing the cloud service, wherein the bearer token is generated based on authenticating a remote client in communication with the first server system; determining, by the first server system, that a resource of the cloud service is hosted by a second server system of the cloud service rather than the first server system, wherein the first server system determines that the resource is hosted by the second server system based at least in part on the bearer token, wherein determining that the resource is hosted by the second server system comprises: requesting a resource identifier from an authentication provider that provided the bearer token to the first server system,receiving the resource identifier from the authentication provider, anddetermining that the resource identifier identifies the resource that is hosted by the second server system and that is not hosted by the first server system; redirecting the remote client to the resource at the second server system based on determining that the resource of the cloud service is hosted by the second server system of the cloud service rather than the first server system, wherein redirecting the remote client comprises: generating, by the first server system, a cookie comprising the bearer token and a redirect command for instructing the remote client to access the second server system, andtransmitting, by the first server system and via a data network, the cookie having the bearer token and the redirect command to the remote client for accessing the second server system; receiving, by the second server system, the bearer token and the redirect command from the remote client; and establishing, by the second server system, a session between the second server system and the remote client for accessing the resource in response to receiving the bearer token.
地址 San Jose CA US