METHOD AND SYSTEM FOR AUTHENTICATING A USER IN A WEB-BASED ENVIRONMENT

摘要

A system (10) and method for authenticating a client includes negotiating an authentication scheme between the server proxy (14) and the privilege server (26). The user information is provided to the head end server (20) and the web adapter. The user is validated with the authentication scheme. After validation, a ticket is generated for the user. The ticket is decrypted by the client privilege server proxy (18). A token is formed from the ticket and the client user identification. The token is provided to the privilege server (26). A packet is formed having a sequence number and session key encrypted with the ticket. The head end server (20) authenticates the user using the packet. The packet is provided to the client privilege proxy (14) which decrypts the packet and sends the ticket and the sequence number encrypted with the session key to the data server (32). User is validated at the data server (32) and privileges are granted thereto.