The number of computer applications used by large corporations has increased significantly over the past thirty years. For example, companies may employ separate applications for electronic mail, document control, financial applications, inventory management, manufacturing control and engineering functions, in addition to overall network access. Each application often requires a separate login sequence or procedure (including some form of personal identification such as a user ID, a password, a key sequence or biometric authentication) and other routine responses to screens, forms and messages during the authentication and/or operation of the application.
A typical approach to automating a login sequence is for a person to monitor and manually record a login sequence a user may input into web-based forms as a macro, and play the login sequence back either through a browser or directly at the HTTP layer on a client device. Many public-facing websites use this type of forms-based authentication. With such record-and-playback browser methods, however, there is generally no standardized process for forms-based web authentication, and manual intervention by the user and/or another person is required to determine the login sequence.
Some techniques describe software intervening the web browser and the network, that tries to discern a set of HTTP exchanges that are related to authentication. At some point, the software can re-issue this set of exchanges to extend the session. Such software operates at the HTTP layer and, like the above described techniques, requires some person to manually login to the website while the software is listening to the exchanges at the HTTP layer, in order to determine the login sequence. Another technique, on the other hand, compares the web server's response with an already-known set of login macros/forms and fills in user credentials appropriately. This approach requires a priori knowledge of the login form because the response must be compared to a previously validated form, in order to automate the login. Therefore, this approach cannot determine a login sequence on-the-fly. In summary, various previously known techniques do not determine a login sequence without requiring manual intervention and/or prior knowledge of the login form.
The foregoing examples of the related art and limitations related therewith are intended to be illustrative and not exclusive. Other limitations of the related art will become apparent upon a reading of the specification and a study of the drawings. Improved systems and methods are therefore needed for login sequence automation.