Distributed file system web server user authentication with cookies

Assignee

• International Business Machines Corporation · US

Inventors

• Shaw-Ben Shi · Austin, US
• Michael Bradford Ault · Austin, US
• Ernst Robert Plassmann · Pflugerville, US
• Bruce Arland Rich · Round Rock, US
• Mickella Ann Rosiles · Austin, US
• Theodore Jack London Shrader · Austin, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L63/0815
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

A method of authenticating a Web client to a Web server connectable to a distributed file system of a distributed computing environment. The distributed computing environment includes a security service for returning a credential to a user authenticated to access the distributed file system. In response to receipt by the Web server of a user id and password from the Web client, a login protocol is executed with the security service. If the user can be authenticated, a credential is stored in a database of credentials associated with authenticated users. The Web server then returns to the Web client a persistent client state object having a unique identifier therein. This object, sometimes referred to as a cookie, is then used to enable the Web client to browse Web documents in the distributed file system. In particular, when the Web client desires to make a subsequest request to the distributed file system, the persistent client state object including the identifier is used in lieu of the user's id and password, which makes the session much more secure. In this operation, the cookie identifier is used as a pointer into the credential storage table, and the credential is then retrie…