公开(公告)号：US10021018B2

公开(公告)日：2018-07-10

申请号：US14846946

申请日：2015-09-07

Applicant: Citrix Systems, Inc.

Inventor： Pravin Singhal ,  Meghashree Vasista ,  Charumathy Venkatraman ,  Anil Kumar Gavini

IPC: H04L12/733 ,  H04L12/715 ,  H04L29/08 ,  H04L29/06

CPC classification number: H04L45/20 ,  H04L45/64 ,  H04L67/02 ,  H04L67/14 ,  H04L67/22 ,  H04L67/2814 ,  H04L67/42 ,  H04L69/16 ,  H04L69/22

Abstract: The present disclosure is directed towards systems and methods for associating multiple transport layer hops between a client and a server. A first intermediary device may receive a request for a transport layer connection between the client and the server. The first intermediary device may generate a unique identifier to identify a connection chain between the client and the server across a plurality of transport layer connections via the plurality of devices. The first intermediary device may set a hop count to a number of hops that the first device is between the client and the server. The first intermediary device may forward information about the unique identifier and the hop count to a next device of the plurality of devices.

公开(公告)号：US09491161B2

公开(公告)日：2016-11-08

申请号：US14502598

申请日：2014-09-30

Applicant: Citrix Systems, Inc.

Inventor： Viswanath Yarangatta Suresh ,  Dileep Reddem ,  Anil Kumar Gavini ,  Arkesh Kumar

IPC: H04L29/06 ,  H04L29/08

CPC classification number: H04L63/0815 ,  H04L63/0272 ,  H04L63/0281 ,  H04L67/025 ,  H04L67/141 ,  H04L67/40 ,  H04L67/42

Abstract: The present disclosure is directed to systems and methods for performing single sign on by an intermediary device for a remote desktop session of a client. A first device intermediary to a plurality of clients and a plurality of servers authenticates a user and establishes a connection to the user's client device. The device provides a homepage including links to one or more remote desktop hosts associated with the user. The device receives a request to launch an RDP session with a remote desktop host via the homepage and generates RDP content, including a security token, for the user. The device receives a second request that includes the security token to launch the RDP session. The device validates the user using the security token and establishes a connection to the remote desktop host. The device signs into the desktop host using session credentials.

Abstract translation: 本公开涉及用于由客户端的远程桌面会话的中间设备执行单点登录的系统和方法。 多个客户端和多个服务器的第一设备中介对用户进行认证，并建立与用户的客户端设备的连接。 该设备提供主页，其中包括与用户相关联的一个或多个远程桌面主机的链接。 设备通过主页接收与远程桌面主机启动RDP会话的请求，并为用户生成包括安全令牌的RDP内容。 设备接收到包含安全令牌的第二个请求，以启动RDP会话。 该设备使用安全令牌验证用户，并建立与远程桌面主机的连接。 设备使用会话凭据登录桌面主机。

公开(公告)号：US20160094539A1

公开(公告)日：2016-03-31

申请号：US14502598

申请日：2014-09-30

Applicant: Citrix Systems, Inc.

Inventor： Viswanath Yarangatta Suresh ,  Dileep Reddem ,  Anil Kumar Gavini ,  Arkesh Kumar

IPC: H04L29/06 ,  H04L29/08

CPC classification number: H04L63/0815 ,  H04L63/0272 ,  H04L63/0281 ,  H04L67/025 ,  H04L67/141 ,  H04L67/40 ,  H04L67/42

Abstract: The present disclosure is directed to systems and methods for performing single sign on by an intermediary device for a remote desktop session of a client. A first device intermediary to a plurality of clients and a plurality of servers authenticates a user and establishes a connection to the user's client device. The device provides a homepage including links to one or more remote desktop hosts associated with the user. The device receives a request to launch an RDP session with a remote desktop host via the homepage and generates RDP content, including a security token, for the user. The device receives a second request that includes the security token to launch the RDP session. The device validates the user using the security token and establishes a connection to the remote desktop host. The device signs into the desktop host using session credentials.

Abstract translation: 本公开涉及用于由客户端的远程桌面会话的中间设备执行单点登录的系统和方法。 多个客户端和多个服务器的第一设备中介对用户进行认证，并建立与用户的客户端设备的连接。 该设备提供主页，其中包括与用户相关联的一个或多个远程桌面主机的链接。 设备通过主页接收与远程桌面主机启动RDP会话的请求，并为用户生成包括安全令牌的RDP内容。 设备接收到包含安全令牌的第二个请求，以启动RDP会话。 该设备使用安全令牌验证用户，并建立与远程桌面主机的连接。 设备使用会话凭据登录桌面主机。

公开(公告)号：US09009813B2

公开(公告)日：2015-04-14

申请号：US14172385

申请日：2014-02-04

Applicant: Citrix Systems, Inc.

Inventor： Puneet Agarwal ,  Ravindra Nath Thakur ,  Anil Kumar Gavini

IPC: G06F9/00 ,  G06F15/16 ,  G06F17/00 ,  H04L29/06

CPC classification number: H04L63/0272 ,  H04L63/0227 ,  H04L63/105 ,  H04L63/1441 ,  H04L63/166

Abstract: The present disclosure presents methods, systems and intermediaries which determine an encoding scheme of a uniform resource location (URL) from a plurality of encoding schemes for a clientless secure socket layer virtual private network (SSL VPN) via a proxy. An intermediary may receive a response from a server comprising a URL. The response from the server may be directed to a client via a SSL VPN session and via the intermediary. The intermediary may determine, responsive to an encoding policy, one of a transparent, opaque or encrypted encoding scheme for encoding the URL. The intermediary may rewrite the URL for transmission to the client in accordance with the determined encoding scheme.

Abstract translation: 本公开提供了通过代理从无客户端安全套接字层虚拟专用网（SSL VPN）的多个编码方案中确定统一资源位置（URL）的编码方案的方法，系统和中介​​。 中介可以从包含URL的服务器接收响应。 来自服务器的响应可以经由SSL VPN会话并且经由中介向客户端发送。 中介可以响应于编码策略来确定用于对URL进行编码的透明，不透明或加密的编码方案之一。 中介可以根据所确定的编码方案重写用于传送给客户端的URL。