Integrating server applications with multiple authentication providers
    1.
    发明授权
    Integrating server applications with multiple authentication providers 有权
    将服务器应用程序与多个身份验证提供程序集成

    公开(公告)号:US08819794B2

    公开(公告)日:2014-08-26

    申请号:US13354324

    申请日:2012-01-19

    IPC分类号: G06F15/16

    摘要: Online and on-premise applications identify trusted authentication providers. The applications are configured with a list of trusted issuers of authentication credentials. When an application receives a request requiring authentication, the application returns a 401 response that includes the trusted issuer list. The requesting application compares the trusted issuer list from the 401 response to its own list of authentication providers. If there is a match between the two lists, then the requesting application creates a self-issued token for the authentication provider. The authentication provider uses the self-issued token to generate an authentication token for the requesting application. The requesting application may also directly create a token for a target partner application, without an authentication provider, if there is a direct trust between the two applications.

    摘要翻译: 在线和内部部署应用程序标识可信赖的身份验证提供程序。 这些应用程序配置有可信赖的认证凭证发行者列表。 当应用程序接收到需要认证的请求时,应用程序返回包含受信任发行者列表的401响应。 请求应用将可信发行者列表从401响应与其自己的认证提供者列表进行比较。 如果两个列表之间存在匹配,则请求的应用程序将为身份验证提供程序创建自发证券。 认证提供者使用自发证令牌为请求的应用程序生成认证令牌。 如果两个应用程序之间存在直接的信任,请求应用程序也可以直接为目标伙伴应用程序创建令牌,而不需要身份验证提供程序。

    Integrating Server Applications with Multiple Authentication Providers
    2.
    发明申请
    Integrating Server Applications with Multiple Authentication Providers 有权
    将服务器应用程序与多个验证提供程序集成

    公开(公告)号:US20130191894A1

    公开(公告)日:2013-07-25

    申请号:US13354324

    申请日:2012-01-19

    IPC分类号: G06F21/22

    摘要: Online and on-premise applications identify trusted authentication providers. The applications are configured with a list of trusted issuers of authentication credentials. When an application receives a request requiring authentication, the application returns a 401 response that includes the trusted issuer list. The requesting application compares the trusted issuer list from the 401 response to its own list of authentication providers. If there is a match between the two lists, then the requesting application creates a self-issued token for the authentication provider. The authentication provider uses the self-issued token to generate an authentication token for the requesting application. The requesting application may also directly create a token for a target partner application, without an authentication provider, if there is a direct trust between the two applications.

    摘要翻译: 在线和内部部署应用程序标识可信赖的身份验证提供程序。 这些应用程序配置有可靠的认证凭证发行者列表。 当应用程序接收到需要认证的请求时,应用程序返回包含受信任发行者列表的401响应。 请求应用将可信发行者列表从401响应与其自己的认证提供者列表进行比较。 如果两个列表之间存在匹配,则请求的应用程序将为身份验证提供程序创建自发证券。 认证提供者使用自发证令牌为请求的应用程序生成认证令牌。 如果两个应用程序之间存在直接的信任,请求应用程序也可以直接为目标伙伴应用程序创建令牌,而不需要身份验证提供程序。

    Directing Messages Based On Domain Names
    5.
    发明申请
    Directing Messages Based On Domain Names 有权
    指导基于域名的消息

    公开(公告)号:US20120317207A1

    公开(公告)日:2012-12-13

    申请号:US13157501

    申请日:2011-06-10

    IPC分类号: G06F15/16

    摘要: A communication system has a plurality of collections. Each collection comprises a security boundary within which private data is accessible. Each collection is associated with a director. The directors receive messages that specify domains. When a director for a given collection receives a message, the director identifies one of the collections as being a home collection for the domain specified by the message. If the specified domain's home collection is the given collection or another collection within a given privacy boundary, the director forwards the message to a server pool associated with the specified domain's home collection. Otherwise, if the specified domain's home collection is not within the given privacy boundary, the director forwards the message to the director of the specified domain's home collection.

    摘要翻译: 通信系统具有多个集合。 每个集合包括可访问私有数据的安全边界。 每个集合都与一个董事有关。 导演收到指定域的邮件。 当给定集合的董事收到消息时,董事将其中一个集合标识为该消息指定的域的归属集合。 如果指定的域的归属集合是给定集合或给定隐私边界内的另一集合,则Director将转发该消息到与指定域的归属集合关联的服务器池。 否则,如果指定的域的归属地址不在给定的隐私边界内,则导演将该消息转发到指定域的归属地址的主管。

    SURVIVABLE AND RESILIENT REAL TIME COMMUNICATION ARCHITECTURE
    6.
    发明申请
    SURVIVABLE AND RESILIENT REAL TIME COMMUNICATION ARCHITECTURE 有权
    生存和恢复实时通信架构

    公开(公告)号:US20110299387A1

    公开(公告)日:2011-12-08

    申请号:US12794861

    申请日:2010-06-07

    IPC分类号: H04L12/26

    摘要: Enhanced communication systems with various resiliency and survivability aspects are provided. Data center, cluster, network, and load balancer survivability are provided for seamless communication experience in case of data center, cluster, discovery infrastructure, or hardware load balancer failures. Call, data, and authentication survivability are provided through dynamic re-routing over alternative networks, continuous data replication, and alternative authentication mechanisms. Seamless failover is ensured through use of identical signaling protocols and data carried by protocols between primary and backup clusters. Voicemail resiliency is achieved by re-routing calls directed to voicemail over alternative paths such as PSTN connections.

    摘要翻译: 提供了具有各种弹性和生存性方面的增强的通信系统。 数据中心,集群,网络和负载平衡器的生存能力提供了在数据中心,集群,发现基础设施或硬件负载平衡器故障的情况下的无缝通信体验。 通过替代网络的动态重路由,连续数据复制和替代认证机制提供呼叫,数据和认证生存性。 通过使用相同的信令协议和主协议和备份集群之间的协议承载的数据,确保无缝故障转移。 语音邮件弹性是通过重新路由通过诸如PSTN连接等替代路径的语音邮件的呼叫来实现的。

    System and method of enhancing web server throughput in single and multiple processor systems
    9.
    发明授权
    System and method of enhancing web server throughput in single and multiple processor systems 有权
    在单处理器和多处理器系统中增强Web服务器吞吐量的系统和方法

    公开(公告)号:US07398292B2

    公开(公告)日:2008-07-08

    申请号:US11005995

    申请日:2004-12-07

    IPC分类号: G06F15/16

    CPC分类号: H04L67/02

    摘要: A system and method are presented that enhance the performance of single and multiple-processor servers by taking advantage of the half-duplex nature of many HTTP requests. Upon receipt of an HTTP Get resource request, a single send and disconnect IRP is generated. The semantics of the send and disconnect IRP completion recognizes the half-duplex nature of the transaction by indicating a graceful close of the TCP/IP connection. This send and disconnect IRP is also completed without a queuing stage (queuelessly) on the processor that serviced the client request. To further enhance performance, the server FIN message to the client is included in the last data frame transmitted to the server. The invention also contemplates transmission of a single HTTP get and disconnect request by a client to allow acknowledgementless disconnection of the TCP/IP connection once a requested resource has been sent.

    摘要翻译: 提出了一种通过利用许多HTTP请求的半双工特性来提高单处理器和多处理器服务器性能的系统和方法。 收到HTTP Get资源请求后,将生成单个发送和断开IRP。 发送和断开IRP完成的语义通过指示TCP / IP连接的正常关闭来识别事务的半双工性质。 这个发送和断开的IRP也在处理器上没有排队阶段(无间歇地)完成,为客户端请求提供服务。 为了进一步提高性能,向客户端发送的服务器FIN消息包含在发送到服务器的最后一个数据帧中。 本发明还考虑了一旦客户端发送单个HTTP获取和断开请求,一旦所请求的资源被发送,允许TCP / IP连接的无条件断开。

    Adaptive flow control protocol
    10.
    发明申请
    Adaptive flow control protocol 有权
    自适应流控制协议

    公开(公告)号:US20060031568A1

    公开(公告)日:2006-02-09

    申请号:US11248061

    申请日:2005-10-12

    IPC分类号: G06F15/16

    摘要: A method and system for directing data transfers between applications and devices residing on different computers or devices using an adaptive flow control protocol has been described. When an application or device requests to transfer data with another application or device, adaptive flow control protocol adapts the way data is transferred by observing when an application that is receiving data posts a receive buffer and detects the receive buffer's size. Based upon the application's or device's behavior, the adaptive flow control protocol transfers the data in a mode that is best suited for the application.

    摘要翻译: 已经描述了用于使用自适应流控制协议在驻留在不同计算机或设备上的应用和设备之间引导数据传输的方法和系统。 当应用程序或设备请求与其他应用程序或设备传输数据时,自适应流控制协议通过观察正在接收数据的应用程序何时发布接收缓冲区并检测接收缓冲区的大小来调整数据传输的方式。 基于应用或设备的行为,自适应流控制协议以最适合于应用的模式传输数据。