(i9) United States
(12) Patent Application Publication oo) Pub. No.: US 2007/0094373 Al
Brendel (43) Pub. Date: Apr. 26,2007
(54) ATOMIC SESSION-START OPERATION
COMBINING CLEAR-TEXT AND
ENCRYPTED SESSIONS TO PROVIDE ID
VISIBILITY TO MIDDLEWARE SUCH AS
(75) Inventor: Juergen Brendel, Santa Clara, CA (US)
TOWNSEND AND TOWNSEND AND CREW,
TWO EMBARCADERO CENTER
SAN FRANCISCO, CA 94111-3834 (US)
(73) Assignee: Resonate Inc., Mountain View, CA
(21) Appl. No.: 11/515,358
(22) Filed: Aug. 31, 2006
Related U.S. Application Data
(63) Continuation of application No. 10/900,840, filed on Jul. 27, 2004, which is a continuation of application No. 09/388,319, filed on Sep. 1, 1999, now Pat. No. 6,772,333.
(51) Int. CI.
G06F 15/173 (2006.01)
(52) U.S. CI 709/223
A load-balancer assigns incoming requests to servers at a server farm. An atomic operation assigns both un-encrypted clear-text requests and encrypted requests from a client to the same server at the server farm. An encrypted session is started early by the atomic operation, before encryption is required. The atomic operation is initiated by a special, automatically loaded component on a web page. This component is referenced by code requiring that an encrypted session be used to retrieve the component. Keys and certificates are exchanged between a server and the client to establish the encrypted session. The server generates a secure-sockets-layer (SSL) session ID for the encrypted session. The server also generates a server-assignment cookie that identifies the server at the server farm. The server-assignment cookie is encrypted and sent to the client along with the SSL session ID. The Client decrypts the server-assignment cookie and stores it along with the SSL session ID. The load-balancer stores the SSL session ID along with a server assignment that identifies the server that generated the SSL session ID. When other encrypted requests are generated by the client to the server farm, they include the SSL session ID. The load-balancer uses the SSL session ID to send the requests to the assigned server. When the client sends a non-encrypted clear-text request to the server farm, it includes the decrypted server-assignment cookie. The load balancer parses the clear-text request to find the server-assignment cookie. The load-balancer then sends the request to the assigned server.