Nutanix, Inc.
EFFICIENT APPROACH FOR ACHIEVING SESSION FAILOVER FOR HTTP TRAFFIC IN A SCALE OUT WEB TIER USING A SHARED SALT

Abstract:

A node at a server side of a client-server system receives a request corresponding to a user account maintained in the server side. If login credentials in the request are valid, the node generates a session and a set of values including session metadata, a timeframe, and a signature associated with the session, wherein the signature is generated from the session metadata, the timeframe, and a salt that is shared among nodes at the server side. The session and the set of values are sent to a client from which the request originated. An additional node at the server side receives a request to access the session and obtains values from a value included in the request corresponding to the signature associated with the session using the salt. Session access is granted or denied based at least in part on whether the obtained values match the session metadata and timeframe.