Method and system for a service server to provide a service to a client.
The client (C) sets up a secure session to an authentication server (CAP)
and sends its identifier and a service request stating the required
service. The authentication server verifies the client identifier and
sends the service request to a service authorization server (DAP). The
authorization server checks whether the required service may be provided
and sends the authorized service request to the authentication server.
The authentication server generates a token, associated with the
authorized service request. Via the secure session, the authentication
server sends the address of the relevant service server and the token.
The client sends the token to the service server, which then sends the
token to the authentication server. The authentication server fetches the
service request associated with the token and forwards it to the service
server, after which the service server gives the client the required
service.