Unified authentication for web method platforms

Assignee

• Microsoft Corporation · US

Inventors

• Brian J. Guarraci · Redmond, US
• Christopher C. White · Seattle, US
• Niels T. Ferguson · Redmond, US
• Jeffrey Dick Jones · Redmond, US
• Sean Nolan · Issaquah, US
• Johnson T. Apacible · Mercer Island, US
• Vijay Varadan · State College, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L2209/42
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

An authentication mechanism is provided for a web method platform that allows homogeneous access for different types of clients according to a bootstrapping procedure utilized to establish the session. Different clients can be assigned different levels of trust based in part on the bootstrapping procedure and/or information provided during the procedure. The bootstrapping procedure can produce a token that is used by the clients in subsequent requests to provide previous authentication or state information to the platform. The token can comprise a shared secret used to ensure integrity of communications in some cases, and the token can be opaque to the client. Tokens can expire and require a client to re-bootstrap to provide higher levels of authentication protection, and tokens can be shared among a plurality of application servers to facilitate effective handling of requests in a farmed environment.