Remote access systems enable users to remotely access resources hosted on remote systems. Servers on the remote computing systems can execute programs and transmit signals indicative of a user interface to clients that can connect by sending signals over a network conforming to a communication protocol such as the TCP/IP protocol. Each connecting client may be provided a session, i.e., an execution environment that includes a set of resources. Each client can transmit signals indicative of user input to the server and the server can apply the user input to the appropriate session. The clients may use protocols such as the Remote Desktop Protocol (RDP) to connect to one or more server resources. Protocols such as RDP typically handle graphics, device traffic such as USB, printer keyboard and mouse and in addition, virtual channels for application between server and a client. The terminal server hosts client sessions which can be in hundreds in a typical server configuration.
When a client makes a remote access connection to a terminal server, the authentication credentials used to authenticate the user may not be shared between the web access server and additional terminal server connections. Thus a user may need to repeatedly enter authorization information in order to access additional resources. Thus it would be advantageous if remote access users can be provided a single authentication sign-on procedure that authenticates the user to access further downstream resources and applications without the need to re-authenticate.