Dismiss
InnovationQ will be updated on Sunday, Oct. 22, from 10am ET - noon. You may experience brief service interruptions during that time.
Browse Prior Art Database

Using an Organization's Existing Security Mechanism for Web-Based Applications

IP.com Disclosure Number: IPCOM000123276D
Original Publication Date: 1998-Aug-01
Included in the Prior Art Database: 2005-Apr-04
Document File: 2 page(s) / 52K

Publishing Venue

IBM

Related People

Shmueli, E: AUTHOR

Abstract

Disclosed is a method for using the existing security mechanism of an organization, for accessing and using Web-based applications.

This text was extracted from an ASCII text file.
This is the abbreviated version, containing approximately 61% of the total text.

Using an Organization's Existing Security Mechanism for Web-Based
Applications

   Disclosed is a method for using the existing security
mechanism of an organization, for accessing and using Web-based
applications.

   In a rapidly expanding intranet environment, accessing and
running Web-based, client-server applications often require
end-users to pass an authentication test.

   By providing a user-id and password through the browser,
the, user is authenticated by the web server which maintains a
separate authentication database, which subsequently allows access
and use of the application.

   Having a separate authentication database on the web
server, makes it a single point of failure.  A corrupted database
prevents the user from accessing the application's services, and
could result in an unreliable connection.

   Relying on the primary access mechanism of the organization
enhances security, by allowing access through one primary
authentication database, common to all platforms and applications.
It simplifies the system implementation by not involving security
concerns, and allows local administrators to choose the access
method.

   The method for using  the organization's existing security
mechanism for Web applications is described below:
  1.  When a user enters the application's URL for the first
      time (the client's application), a prompt appears to
      enter a user-id and password.
  2.  A Program running on the web server, receives...