A METHOD FOR ALLOWING MULTIPLE USER SESSIONS FROM A WEB BROWSER TO A WEB SERVER APPLICATION

IP.com Disclosure Number: IPCOM000027844D
Original Publication Date: 2000-Feb-29
Included in the Prior Art Database: 2004-Apr-09
Document File: 3 page(s) / 204K

Publishing Venue

Xerox Disclosure Journal

Abstract

Disclosed is a method allowing a user to connect to a web application from a single browser instance using single or multiple user identities, such as user identifications or login names, at the same time, while keeping each connection distinct and secure. Two well-known methods for user authentication, Uniform Resource Locator (URL) rewriting and cookies, are combined in a unique way to overcome their separate deficiencies.

This is the abbreviated version, containing approximately 41% of the total text.

XEROX DISCLOSURE JOURNAL

A METHOD FOR ALLOWING MULTIPLE USER SESSIONS FROM A WEB BROWSER TO A WEB SERVER APPLICATION

Gavan Tredoux

Proposed Classification
U.S. Cl. 709/250 Int. Cl. H04L 12/54

In using the disclosed method, a user is authenticated and establishes a session, through a web browser, to the web application. The user may then establish additional distinct sessions under the same user identification, or under any combination of distinct user identifications, in additional browser windows, without having one session interfere with another. The URLs used to connect to the application can be published to other users without compromising the security of the sessions, as other users cannot use them without logging in themselves. Only one running instance of a web browser is required to establish the multiple distinct sessions. Additional authentication information is encrypted to guard against security compromises.

Web-based applications provide access to users based on authentication information that typically includes a user identification and password. Existing methods of establishing login sessions through a web browser do not allow the same user to connect, securely and simultaneously, under multiple user identifications or to establish simultaneous, distinct and secure sessions under the same user identification.

There are three widely used methods for web-based user authentication:

1. Basic Authentication and Authorization

This scheme is part of the HyperText Transfer Protocol (HTTP) standard and requires that browsers challenge users for user identifications and passwords when accessing secured resources. The browser then remembers this information so that further challenges are not issued until some inactivity is encountered. This only permits a user to log in under one user identification; it is not possible to run two logins simultaneously.

Xerox Disclosure Journal - Vol. 25, No. 1, January/February 2000, p. 59

2. URL Rewriting

This has been widely implemented, although there is no standard way of doing it. The URLs used to connect to the application are redirected and then modified to include extra information that is only used for authentication or session identification purposes, and not to identify the resources being requested (the usual function of a URL). The additional information is stripped off by the web application....
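A minimal sketch of one way URL rewriting and cookies can be combined to get the properties described earlier (several independent sessions in one browser, URLs that are safe to publish). It is an added example, not the disclosure's own mechanism, which this abbreviated text does not give. The `/s/<sid>/` URL layout, the `auth_<sid>` cookie name and the HMAC proof (standing in for the "encrypted" authentication information) are assumptions.

```python
import hashlib
import hmac
import secrets

SERVER_KEY = secrets.token_bytes(32)  # constructed per-process secret
SESSIONS = {}                         # session id -> user identification


def _proof(sid, user):
    """Keyed proof the server can recompute; never appears in the URL."""
    msg = f"{sid}:{user}".encode()
    return hmac.new(SERVER_KEY, msg, hashlib.sha256).hexdigest()


def login(user, path="/app/inbox"):
    """Open a new session (password check omitted in this sketch).

    Returns the rewritten URL and one (name, value) cookie. The cookie
    name contains the session id, so cookies for several sessions can
    sit side by side in the same browser without overwriting each other.
    """
    sid = secrets.token_urlsafe(8)
    SESSIONS[sid] = user
    return f"/s/{sid}{path}", (f"auth_{sid}", _proof(sid, user))


def handle(url, cookies):
    """Strip the session id from the URL, then demand the matching cookie.

    Returns (status, user, resource). A URL whose cookie is missing or
    wrong gets 401, so a published URL only leads to a login challenge.
    """
    parts = url.split("?", 1)[0].split("/", 3)
    if len(parts) < 4 or parts[1] != "s" or parts[2] not in SESSIONS:
        return 401, None, None
    sid, resource = parts[2], "/" + parts[3]
    user = SESSIONS[sid]
    sent = cookies.get(f"auth_{sid}", "")
    # Compare as bytes so a non-ASCII cookie value cannot raise TypeError.
    if not hmac.compare_digest(sent.encode(), _proof(sid, user).encode()):
        return 401, None, resource
    return 200, user, resource


if __name__ == "__main__":
    jar = {}                              # one browser's cookie jar
    for who in ("alice", "bob", "alice"):  # constructed sample logins
        url, (name, value) = login(who)
        jar[name] = value
        print(url, handle(url, jar), "stranger:", handle(url, {})[0])
```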