Method and apparatus for authenticating users
US6226752A · kind A · utility
Assignee
Inventors
Key dates
| Filing date | May 11, 1999 |
| Grant date | May 1, 2001 |
| Priority date | — |
| Expiry date | May 11, 2019 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L63/0815
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
A method and apparatus for authenticating users. Prior art mechanisms require each individual application (running on an "application server") that the user is accessing to provide for the ability to use the various authentication mechanisms. One or more embodiments of the invention externalize the authentication mechanism from the application in the form of a login server. Only the login server needs to be configured to handle authentication mechanisms. The application server checks if a request has an active and valid session (e.g., a valid session may exist when there is active communication between a client and server that has not expired). If there is not a valid session, the application server redirects the user to the login server. The login server attempts to authenticate the user using any desired authentication mechanism. Once authenticated, the login server redirects the user back to the application server. The application server verifies the authentication directly with the login server. Once verified, the application server processes the user's request and responds accordingly. One or more embodiments of the invention may utilize cookies to aid in the authentication pr…
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.