| CPC H04L 63/0892 (2013.01) [H04L 63/0884 (2013.01)] | 20 Claims |
|
1. A session move method, comprising:
authenticating, by an authentication agent on an authentication appliance, an Extensible Authentication Protocol over LAN (EAPOL) supplicant for a first session on a first network interface of the authentication appliance, the authenticating producing attributes for the first session as authenticated for the EAPOL supplicant on the first network interface;
receiving, by the authentication agent, an indication that the EAPOL supplicant has moved from the first network interface to start a second session on a second network interface of the authentication appliance;
storing, by the authentication agent in a cache local to the authentication agent, the attributes for the first session as authenticated for the EAPOL supplicant on the first network interface;
cleaning up, by the authentication agent, the first session on the first network interface;
applying, by the authentication agent, the attributes for the first session as authenticated for the EAPOL supplicant on the first network interface for the second session on the second network interface;
starting, by the authentication agent in a background process, a fresh authentication for the second session on the second network interface; and
if the fresh authentication fails, terminating, by the authentication agent, the second session on the second network interface so as to deny the EAPOL supplicant network access through the second session on the second network interface.
|