The present invention relates to authentication techniques and more particularly to using multiple authentication techniques to authenticate clients of differing capabilities.
An ever-increasing number of resources are now available via communication networks such as the Internet. Access servers and devices are generally used to control access to such resources. These access servers are configured to authenticate access requests received from clients and provide access to the resources only if authentication is successful. Various different authentication techniques may be used to perform the authentication. The type of authentication technique used is sometimes dependent upon the capability of the client requesting access.
For example, authentication techniques based upon the IEEE 802.1x standard (referred to as 802.1x based authentication) are commonly used to authenticate devices. These 802.1x based authentication techniques are however usable only if the client or device being authenticated can support 802.1x authentication, i.e., the client can interpret requests arising from the 802.1x authentication and respond to the requests appropriately. A client may support 802.1x authentication only if the client comprises an 802.1x client module that facilitates and supports 802.1x authentication and can respond to 802.1x authentication requests. However, there are several devices that do not have an embedded 802.1x client module that can support 802.1x authentication. For example, several IP phones do not have a 802.1x client installed on them. Other devices that may not provide support for 802.1x authentication include printers, and other networked devices. For such devices alternative authentication techniques have to be used.
Accordingly, the authentication technique that may be used to authenticate a client may depend upon the capabilities of the client. On several occasions, the access server does not have any information about the capabilities of a client. Consequently, techniques are desired that enable access servers to authenticate clients of differing capabilities in an efficient manner.