| 摘要 |
A system and method for authenticating a client having a privilege server, a head end server, and a web adapter performs the steps of negotiating an authentication scheme between the server proxy and the privilege server. User information is presented to the web adapter. The user information is provided to the head end server and in turn presents the information to the web adapter. The user is validated in accordance with the authentication scheme. When the user is validated a ticket is generated for the user. The ticket is presented to the client privilege server proxy that decrypts the ticket. A token is formed from the ticket and the client user identification. The token from the client is provided to the privilege server. A packet is formed having a sequence number and session key encrypted with the ticket. The packet is provided to the head end server which in turn authenticates the user. The packet is provided to the client privilege proxy which decrypts the packet and sends the ticket and the sequence number encrypted with the session key to the data server through the web adapter. User is validated at the data server and privileges are granted thereto.
|
