| 发明名称 |
Reauthentication to a web service without disruption |
| 摘要 |
Authenticating internet application sessions. A method includes downloading client side code that when executed implements one or more client side modules including at least one module with message interception functionality. The method includes executing the client side code to implement the one or more client side modules. A request is sent to an internet application server. In response to the request, a message is received from the internet application server indicating that the request is not authorized. The message from the internet application server indicating that the request is not authorized is intercepted at the one or more client side modules. The one or more client side modules, as a result of the message indicating that the request is not authorized, send a request for authentication in a required format for authentication. Authentication is performed without losing user state associated with the request to the internet application server. |
| 申请公布号 |
US9143501(B2) |
申请公布日期 |
2015.09.22 |
| 申请号 |
US201012875778 |
申请日期 |
2010.09.03 |
| 申请人 |
Microsoft Technology Licensing, LLC |
发明人 |
Baker Caleb Geoffrey;Shee Seng Lin;Choo Jan Lyk;Mas Marcelo Albuquerque Fernandes;Shenoy Krishnanand K.;Devasahayam Samuel R. |
| 分类号 |
G06F21/00;H04L29/06 |
主分类号 |
G06F21/00 |
| 代理机构 |
|
代理人 |
Churna Timothy;Fashokun Sade;Minhas Micky |
| 主权项 |
1. In a computing environment which includes a client computer system and an internet application server, a method of re-authenticating an internet application session after authentication fails subsequent to previous authentication, without disrupting the internet application session as a result of the re-authentication, the method comprising:
executing at the client computer system client side code to implement one or more client side modules including at least one module for intercepting an authentication failure message; after having established authentication with the internet application server, the client computer system sending a client application request to the internet application server, the request being associated with a user state associated with a session corresponding to the established authentication; in response to the request, the client system receiving an authentication failure message from the application server that indicates that the request is not authorized at the application server, the received authentication failure message indicating that the previously established authentication has failed; at the at least one client side module for intercepting an authentication failure message, intercepting the authentication failure message, the authentication failure message having been sent from the application server to the client system, so that the authentication failure message is prevented from disrupting the application request and losing the user state; and in response to intercepting the authentication failure message, the one or more client side modules preserving the user state, sending a request for re-authentication in a required format for authentication to the internet application server, and causing the client computer to re-authenticate the user to the internet application server without disrupting the session and without losing the user state associated with the request such that the request to the application server can be resent to the application server with the preserved user state after re-authentication. |
| 地址 |
Redmond WA US |
