Method and system for authenticating a user in a web-based environment
    Granted invention patent
    Method and system for authenticating a user in a web-based environment (Expired)

    Publication (announcement) number: US07313816B2

    Publication (announcement) date: 2007-12-25

    Application number: US10022578

    Application date: 2001-12-17

    IPC classification: H04L9/32

    Abstract: A system and method for authenticating a client having a privilege server, a head end server, and a web adapter performs the steps of negotiating an authentication scheme between the server proxy and the privilege server. User information is presented to the web adapter. The user information is provided to the head end server and in turn presents the information to the web adapter. The user is validated in accordance with the authentication scheme. When the user is validated a ticket is generated for the user. The ticket is presented to the client privilege server proxy that decrypts the ticket. A token is formed from the ticket and the client user identification. The token from the client is provided to the privilege server. A packet is formed having a sequence number and session key encrypted with the ticket. The packet is provided to the head end server which in turn authenticates the user. The packet is provided to the client privilege proxy which decrypts the packet and sends the ticket and the sequence number encrypted with the session key to the data server through the web adapter. User is validated at the data server and privileges are granted thereto.
