A method is presented for providing an HTTP-based authentication
mechanism. A request for a controlled resource is received from a client
at a first server. The first server sends a request for an uncontrolled
resource to a second server, which may be an HTTP-based authentication
server, either by redirecting the request to the second server via the
client or by forwarding a request directly to the second server. The
second server then obtains authentication information from the client.
The second server returns the authentication credential or the
authenticated identity to the first server within a response message,
e.g., by storing the authentication credential within one or more HTTP
headers. In response to receiving the authentication information, the
first server builds a session for the client and processes the original
request for the controlled resource, e.g., by sending a redirection for
the controlled resource through the client.
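As an added illustration, not code from the patent, the forwarding variant of this exchange modelled in Python: the first server forwards the client's request to the second server, which challenges the client, then returns the authenticated identity in an HTTP header, after which the first server builds a session and redirects the client back to the controlled resource. The header name, the dict-shaped messages, the user table and the session store are all assumptions made for the example.

```python
import secrets

AUTH_HEADER = "X-Authenticated-Identity"  # assumed name of the credential header

class AuthServer:
    """Second server: authenticates the client and reports the identity."""
    def __init__(self, users):
        self.users = users  # constructed user table: name -> password

    def handle(self, request):
        creds = request.get("credentials")
        if creds is None:
            # No authentication information yet: challenge the client.
            return {"status": 401, "headers": {"WWW-Authenticate": 'Basic realm="auth"'}}
        if self.users.get(creds[0]) != creds[1]:
            return {"status": 403, "headers": {}}
        # Authenticated identity travels back to the first server in an HTTP header.
        return {"status": 200, "headers": {AUTH_HEADER: creds[0]}}

class ResourceServer:
    """First server: protects the controlled resource and keeps sessions."""
    def __init__(self, auth_server):
        self.auth_server = auth_server
        self.sessions = {}  # session id -> authenticated identity

    def handle(self, request):
        sid = request.get("cookie")
        if sid in self.sessions:
            return {"status": 200, "headers": {}, "body": f"controlled:{self.sessions[sid]}"}
        # Forward the request for the uncontrolled resource directly to the second server.
        auth_resp = self.auth_server.handle({"path": "/auth", "credentials": request.get("credentials")})
        if auth_resp["status"] != 200:
            return auth_resp  # relay the challenge or rejection to the client
        # Build a session for the client, then redirect it to the controlled resource.
        sid = secrets.token_hex(16)
        self.sessions[sid] = auth_resp["headers"][AUTH_HEADER]
        return {"status": 302, "headers": {"Location": request["path"], "Set-Cookie": sid}}

def run_flow(users, creds):
    # Constructed client walking through the exchange; returns the status trace and final body.
    rs = ResourceServer(AuthServer(users))
    trace = []
    r1 = rs.handle({"path": "/controlled"})
    trace.append(r1["status"])
    if r1["status"] != 401:
        return trace, None
    r2 = rs.handle({"path": "/controlled", "credentials": creds})
    trace.append(r2["status"])
    if r2["status"] != 302:
        return trace, None
    r3 = rs.handle({"path": r2["headers"]["Location"], "cookie": r2["headers"]["Set-Cookie"]})
    trace.append(r3["status"])
    return trace, r3.get("body")
```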