Storage virtualization is commonly used to relocate data from a first server to a second server without disturbing client access to either server. An administrator may use a storage virtualization system (also known as a file virtualization appliance or service virtualization device) to migrate data in order to upgrade, replace, or backup the first server, or for any other reasons that require copying or movement of data from a first server to a second server. After completing data migration from the first server to the second server, users attempting to access data originally located on the first server will be automatically and transparently re-directed to the migrated data the second server. The storage virtualization system will act as an intermediary or bridge between the user's computer (or client), the first server and the second server. Transparent re-direction is desirable so that IT administrators do not have to notify each and every user every time there is server maintenance, and users do not notice any disruption when accessing the server.
A storage virtualization system is designed to perform its tasks of copying, migration and re-direction with little impact to the user. However, in some cases, even though data may be successfully migrated from a first server to a second server, user access privileges may not migrate. This may occur when the first server requires user account authentication by a third party prior to allowing access to data stored on the first server. For example, access to the first server may require Kerberos authentication of the client. After this data is migrated to the second server, requests from the user's client computer are re-directed by the storage virtualization system, which may not have been authenticated for access to this data. As a result, after migration, user re-direction to the second server may fail, disrupting user access to data stored on the second server. What is therefore needed is a way for the storage virtualization system to act as a trusted, authenticated delegate for the user, so that the storage virtualization system can access the user's data on the second server on the user's behalf. What is also needed is a way for the storage virtualization system to perform delegation transparently, so that access to the user's data is not disrupted.