Authenticating user access to a network server without communicating user authentication cookie to the network server

Assignee

• Microsoft Corporation · US

Inventors

• John Hal Howard · Sammamish, US
• Jeffrey Craig Kunins · Seattle, US
• Darren L. Anderson · Bellevue, US
• Ryan Battle · Tampa, US
• Max Edward Metral · Brookline, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L63/0815
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

A system determines whether to grants access to a network server by a user. Initially, a user attempts to gain access to a network server, such as a web server. Prior to granting access to the network server, the network server authenticates the user by sending an authentication request to an authentication server. The authentication server determines whether the user was already authenticated by the authentication server. If the user was already authenticated by the authentication server, then the network server is notified that the user is authenticated. The network server then grants the user access to the network server. If the user was not already authenticated by the authentication server, then login information is retrieved from the user and compared to authentication information maintained by the authentication server. If the retrieved login information matches the authentication information, then the network server is notified that the user is authenticated. The retrieved login information and the authentication information is concealed from the network server. If the user is authenticated, then a user profile is communicated to the network server along with the notificati…