US 6,374,359 B1
Dynamic use and validation of HTTP cookies for authenticationGeneral
US 6,374,359 B1
Dynamic use and validation of HTTP cookies for authentication
Tech Center:
2100 Computer Architecture and Software
Examiner:
Gail Hayes
Art Unit:
2131 Memory Access and Control
Agent:
Inventors:
THEODORE JACK LONDON SHRADER; GARRY L. CHILD; WILLIAM H. GENGLER
Priority:
11/19/98
Filed:
11/19/98
Granted:
04/16/02
Expiration:
11/19/18
Abstract
A method of enabling a Web browser user to interact with a given application running on a Web server begins by constructing and returning a cookie to the Web browser upon a given occurrence, e.g., user login to the application. Without additional user input, the routine then forces the Web browser to check with the Web server that the cookie was set on the Web browser. Preferably, this is accomplished by sending the cookie from the Web server in a refresh page that redirects the HTTP flow back to itself with a parameter to check if the cookie was set. At the Web server, a test is then done to determine whether the cookie is valid. If so, the user is allowed to interact with the given server application (e.g., to take a given action or to log off from the application without closing the Web browser). A novel cookie construction and validation mechanism is also described.