| 摘要 |
<p>A Security Assertion Markup Language (SAML) conversation is intercepted in an enhanced Reverse Proxy server computer located in the path between a user and a server computer that provide cloud application services to the user. During authentication, the SAML assertion signature is modified in the enhanced Reverse Proxy such that the enhanced Reverse Proxy and the user can share an encryption key. The modified assertion signature permits a common session key to be shared by the enhanced. Reverse Proxy and a targeted application in the server, thus enabling the user to be authenticated, and subsequently to communicate via the enhanced Reverse Proxy in a secure session with an application in the server.</p> |
