1. Technical Field of the Invention
This invention pertains to communications in a client/server session. More particularly, it pertains to communication of client IP addresses to server applications in a TCP/IP Telnet environment.
2. Background Art
TCP/IP Telnet is an application which provides a terminal to a user, which is used to gain access to machines and run other applications as the user desires. In today""s environment, more and more users are taking advantage of the increased security offered by firewalls, socks server and secured sockets layer (SSL) servers to protect their data transmissions to and from their terminals. Because of these new secure accesses, the actual client IP address is hidden or remapped, and thus not available to Telnet or other applications. However, over the years thousands of applications have been developed on the TCP/IP Client/Server model and in many cases they""ve become dependent upon knowing the IP address of the remote Telnet client. With security spoofing of the IP address, it is not safe to make any decisions at the server side based on the client IP address.
It is an object of the invention to enable applications to audit, track and log true client IP addresses over secure protocols.
It is an object of the invention to provide an improved system and method for making available to all applications the actual Client IP address.
It is a further object of the invention to provide a system and method for allowing decisions to be made at the server side in the TCP/IP Client/Server system based on client IP address in a safe manner.
In accordance with the invention, a system and method is provided for communicating a client IP address to server applications in a secure Telnet client/server system. During a client/server session, the secure connection handshake, including certificate authentication, occurs. Upon successful completion of this handshake, the terminal type is first negotiated, followed by negotiation of environment options, including requesting and receiving the client IP address. Upon creating a virtual device for the session, the client address is stored in device associated space where it becomes available to the server applications.
Other features and advantages of this invention will become apparent from the following detailed description of the presently preferred embodiment of the invention, taken in conjunction with the accompanying drawings.