Web Clients and Servers
As is known in the art, the primary function of a web server is to deliver web pages to clients. This means delivery of HTML documents and any additional content that may be included by a document, such as images, style sheets and JavaScripts.
A client, commonly a web browser, initiates communication by making a request for a specific resource using HTTP and the server responds with the content of that resource, or an error message if unable to do so. The resource is typically a real file on the server's secondary memory, but this is not necessarily the case and depends on how the web server is implemented.
While the primary function is to serve content, a full implementation of HTTP also includes a way of receiving content from clients. This feature is used for submitting web forms, including uploading of files.
Conventional Web Filters
A conventional web filter blocks access to Web servers and Internet applications and attempts to eliminate spyware and other forms of malware from an organization. Typical web filters                Block access to Web sites based on domain, URL pattern, or content category        Block downloads based on file type        Block applications that access the Internet, including IM, music services, and software update utilities        Integrate with “safe search” filters built into popular images search engines        Provide gateway and desktop spyware protectionDirectory Access Services        
Directory Access Services are known to those skilled in the art as a set of database and related technologies which allows administrators to assign policies, deploy software, and apply critical updates to an organization. Typically, Active Directory stores information and settings in a central database. Such networks are popular from a small installation with a few computers, users and printers to tens of thousands of users, many different domains and spanning many geographical locations. This and similar resources provide information security and single sign-on for user access to network based resources. However resources external to a network, such as servers on the Internet are not easily controlled and the recipients of data originating from outside the network are not conveniently authenticated without substantial network administration work.
What is needed is an easily installed way to determine the authenticated group, role, and identity of a user requesting a resource or application from an external server, a way to control access by said user, and a way to disable access to external resources according to a policy customized to groups, roles, and individuals. What is needed is a way to easily enforce custom policies for particular users and groups across customizable time ranges by integrating with LDAP directory servers, such as Microsoft Active Directory, for both authentication and group membership information on which to apply custom policies.