Browse Prior Art Database

Method for Consolidating Authentication in Web Browsers

IP.com Disclosure Number: IPCOM000033537D
Original Publication Date: 2004-Dec-15
Included in the Prior Art Database: 2004-Dec-15
Document File: 1 page(s) / 43K

Publishing Venue

IBM

Abstract

Browsers typically have a very simple password manager, which can remember the user and password for a specific URL. This usually suffices for users which have different credentials on different sites, but on corporate intranets or websites which have a single shared credential, this causes headaches to the user. Changing the shared credential password requires that all entries that use it be updated. Disclosed here is an algorithm to permit the association of HTTP Basic Authentication realms with a single shared credential.

This text was extracted from a PDF file.
At least one non-text object (such as an image or picture) has been suppressed.
This is the abbreviated version, containing approximately 100% of the total text.

Page 1 of 1

Method for Consolidating Authentication in Web Browsers

Flow of the solution:

Request Page

Authentication needed

URL in cred. vault

Credentials accepted

Prompt user To use cred

no

yes no

yes

yes

yes

no no

no

Realm in cred. vault

Prompt for user Cred.

store

don't store

  Send credentials

  Store credentials

yes

Render Page

Explanation: - A request is sent from the browser to the server, which will send the result back. In most cases, no authentication is needed and the browser simply renders the page. - If authentication is needed, the browser will consult its password vault for the visited URL and check if the credentials are already stored. - If not, it then checks the realm sent on the HTTP response for an association between the realm and URL. If it exists, it prompts the users whether to use the credential associated with realm - If realm is not associated, the user can either associate the realm with a credential (existing or new) or use the regular password manager function.

1

[This page contains 6 pictures or other non-text objects]