A method and system for authenticating and authorizing requesters
interacting with content servers. A message including a request is
forwarded from an upstream device and received by an intermediate device.
The intermediate device authenticates the upstream device. Then, if the
intermediate device is authorized to make decisions as to which sender
may access the content server, the intermediate device determines whether
the sender of the message has authority to access the content server as
requested in the request. Otherwise, the message is forwarded towards the
content server with an indication that the intermediate device
authenticated the upstream device.