Login| Sign Up| Help| Contact|

Patent Searching and Data


Title:
COMPUTER SYSTEM PROVIDING SAAS APPLICATION SESSION STATE MIGRATION FEATURES AND RELATED METHODS
Document Type and Number:
WIPO Patent Application WO/2019/212692
Kind Code:
A1
Abstract:
A computer system may include at least one client computing device configured to run a first Software as a Service (SaaS) application session within a first browser. Further, a server may cooperate with the at least one client computing device to store a series of browser commands executed by the first browser during the first SaaS application session, and run a second SaaS application session within a second browser on the at least one client computing device replicating a state of the first SaaS application session based upon the series of stored browser commands.

Inventors:
VAN ROTTERDAM, Jeroen (851 West Cypress Creek Road, Fort Lauderdale, Florida, 33309, US)
MOMCHILOV, Georgy (851 West Cypress Creek Road, Fort Lauderdale, Florida, 33309, US)
Application Number:
US2019/026247
Publication Date:
November 07, 2019
Filing Date:
April 08, 2019
Export Citation:
Click for automatic bibliography generation   Help
Assignee:
CITRIX SYSTEMS, INC. (851 W. Cypress Creek Rd, Fort Lauderdale, Florida, 33309, US)
International Classes:
G06F9/46; G06F9/48; H04L29/08
Foreign References:
US20160182627A12016-06-23
US20170339250A12017-11-23
US20140317081A12014-10-23
US20020062369A12002-05-23
US9176744B22015-11-03
US9538345B22017-01-03
US8850010B12014-09-30
Other References:
CHRISTOPHER NEASBITT ET AL: "ClickMiner", COMPUTER AND COMMUNICATIONS SECURITY, ACM, 2 PENN PLAZA, SUITE 701 NEW YORK NY 10121-0701 USA, 3 November 2014 (2014-11-03), pages 1244 - 1255, XP058060618, ISBN: 978-1-4503-2957-6, DOI: 10.1145/2660267.2660268
Attorney, Agent or Firm:
WOODSON, II, John F. et al. (Allen Dyer, Doppelt & Gilchrist P.A.,255 S. Orange Avenue, Suite 140, Orlando Florida, 32802-3791, US)
Download PDF:
Claims:
THAT WHICH IS CLAIMED IS:

1. A computer system comprising:

at least one client computing device configured to run a first Software as a Service (SaaS) application session within a first browser; and

a server cooperating with the at least one client computing device to

store a series of browser commands executed by the first browser during the first SaaS application session, and

run a second SaaS application session within a second browser on the at least one client computing device replicating a state of the first SaaS application session based upon the series of stored browser commands.

2. The computer system of Claim 1 wherein the at least one client computing device comprises a first client computing device running the first SaaS application session within the first browser, and a second client computing device different from the first client computing device running the second SaaS application session within the second browser.

3. The computer system of Claim 1 wherein the at least one client computing device comprises a single client computing device.

4. The computer system of Claim 1 wherein the server causes the at least one client computing device to repeat execution of the series of stored browser commands sequentially to replicate the state of the first SaaS application session in the second SaaS application session.

5. The computer system of Claim 1 wherein at least one of the first and second browsers comprises a managed browser.

6. The computer system of Claim 1 wherein at least one of the first and second browsers comprises a hosted browser.

7. The computer system of Claim 1 wherein the series of stored browser commands comprises Hypertext Markup Language (HTML) commands.

8. The computer system of Claim 1 wherein the series of stored browser commands comprises Hypertext Transfer Protocol (HTTP) requests.

9. The computer system of Claim 8 wherein the server cooperates with the at least one computing device to run the second SaaS application session within the second browser to replicate the state of the first SaaS application by replaying previously received responses to the HTTP requests.

10. The computer system of Claim 8 wherein the server cooperates with the at least one computing device to run the second SaaS application session within the second browser to replicate the state of the first SaaS application by re-sending the HTTP requests to respective target hosts.

11. The computer system of Claim 1 wherein the series of stored browser commands comprises JavaScript commands.

12. The computer system of Claim 1 wherein the server is further configured to cooperate with the at least one client computing device to collect user input data from the first SaaS application session, and reproduce the user input data in the second SaaS application session.

13. The computer system of Claim 1 wherein the server is further configured to clear the series of stored browser commands based upon closing of the first SaaS application session.

14. A method comprising:

running a first Software as a Service (SaaS) application session within a first browser on at least one client computing device;

storing a series of browser commands executed by the first browser during the first SaaS application session; and running a second SaaS application session within a second browser on the at least one client computing device replicating a state of the first SaaS application session based upon the series of stored browser commands.

15. The method of Claim 14 wherein the at least one client computing device comprises a first client computing device running the first SaaS application session within the first browser, and a second client computing device different from the first client computing device running the second SaaS application session within the second browser.

16. The method of Claim 14 wherein the at least one client computing device comprises a single client computing device.

17. The method of Claim 14 further comprising causing the at least one client computing device to repeat execution of the series of stored browser commands sequentially to replicate the state of the first SaaS application session in the second SaaS application session.

18. A non-transitory computer-readable medium having computer- executable instructions for causing a server to perform steps comprising:

storing a series of browser commands executed by a first browser while running a first Software as a Service (SaaS) application session on at least one client computing device; and

cooperating with the at least one client computing device to run a second SaaS application session within a second browser replicating a state of the first SaaS application session based upon the series of stored browser commands.

19. The non-transitory computer-readable medium of Claim 18 wherein the at least one client computing device comprises a first client computing device running the first SaaS application session within the first browser, and a second client computing device different from the first client computing device running the second SaaS application session within the second browser.

20. The non-transitory computer-readable medium of Claim 18 wherein the at least one client computing device comprises a single client computing device.

Description:
COMPUTER SYSTEM PROVIDING SAAS APPLICATION SESSION STATE MIGRATION FEATURES AND RELATED METHODS

Background

[0001]Traditionally, personal computers include combinations of operating systems, applications, and user settings, which are each managed individually by owners or administrators on an ongoing basis. However, many organizations are now using desktop virtualization to provide a more flexible option to address the varying needs of their users. In desktop virtualization, a user's computing environment (e.g., operating system, applications, and/or user settings) may be separated from the user's physical computing device (e.g., smartphone, laptop, desktop computer). Using client-server technology, a“virtualized desktop” may be stored in and administered by a remote server, rather than in the local storage of the client computing device.

[0002] There are several different types of desktop virtualization systems. As an example, Virtual Desktop Infrastructure (VDI) refers to the process of running a user desktop inside a virtual machine that resides on a server. VDI and other server-based desktop virtualization systems may provide personalized desktops for each user, while allowing for centralized management and security. Servers in such systems may include storage for virtual desktop images and system configuration information, as well as software components to provide the virtual desktops and allow users to interconnect to them. For example, a VDI server may include one or more hypervisors (virtual machine managers) to create and maintain multiple virtual machines, software to manage the hypervisor(s), a connection broker, and software to provision and manage the virtual desktops. [0003] Desktop virtualization systems may be implemented using a single virtualization server or a combination of servers interconnected as a server grid. For example, a cloud computing environment, or cloud system, may include a pool of computing resources (e.g., desktop virtualization servers), storage disks, networking hardware, and other physical resources that may be used to provision virtual desktops, along with additional computing devices to provide management and customer portals for the cloud system.

[0004] Cloud systems may dynamically create and manage virtual machines for customers over a network, providing remote customers with computational resources, data storage services, networking capabilities, and computer platform and application support. For example, a customer in a cloud system may request a new virtual machine having a specified processor speed and memory, and a specified amount of disk storage. Within the cloud system, a resource manager may select a set of available physical resources from the cloud resource pool (e.g., servers, storage disks) and may provision and create a new virtual machine in accordance with the customer's specified computing parameters. Cloud computing services may service multiple customers with private and/or public components, and may be configured to provide various

specific services, including web servers, security systems, development environments, user interfaces, and the like.

[0005] Software as a Service (SaaS) is a cloud computing approach to software delivery by which software applications are centrally hosted in the cloud and provided on a subscription basis to users. SaaS applications are offered for numerous areas, including business, accounting, and even gaming applications. SaaS applications are typically accessed on client devices with a thin client via a browser program.

Summary

[0006]A computer system may include at least one client computing device configured to run a first Software as a Service (SaaS) application session within a first browser. Further, a server may cooperate with the at least one client computing device to store a series of browser commands executed by the first browser during the first SaaS application session, and run a second SaaS application session within a second browser on the at least one client computing device replicating a state of the first SaaS application session based upon the series of stored browser commands.

[0007] In accordance with an example embodiment, the at least one client computing device may comprise a first client computing device running the first SaaS application session within the first browser, and a second client computing device different from the first client computing device running the second SaaS application session within the second browser session. In accordance with another example embodiment, the at least one client computing device may comprise a single client computing device.

[0008] By way of example, the server may cause the at least one client computing device to repeat execution of the series of stored browser commands sequentially to replicate the state of the first SaaS application session in the second SaaS application session. Also by way of example, the first and/or the second browser may be a managed browser or hosted browser.

[0009] In one example implementation, the series of stored browser commands may include Hypertext Markup Language (HTML) commands, JavaScript commands, etc. In accordance with another example, the series of stored browser commands may include Hypertext Transfer Protocol (HTTP) requests. More particularly, the server may cooperate with the at least one computing device to run the second SaaS application session within the second browser to replicate the state of the first SaaS application by replaying previously received responses to the HTTP requests, for example. In still another example approach, the server may cooperate with the at least one computing device to run the second SaaS application session within the second browser to replicate the state of the first SaaS application by re-sending the HTTP requests to respective target hosts.

[0010] In accordance with an example embodiment, the server may be further configured to cooperate with the at least one client computing device to collect user input data from the first SaaS application session, and reproduce the user input data in the second SaaS application session. The server may also be configured to clear the series of stored browser commands based upon closing of the first SaaS application session in some implementations. [0011] A related method may include running a first SaaS application session within a first browser on at least one client computing device, and storing a series of browser commands executed by the first browser during the first SaaS application session. The method may further include running a second SaaS application session within a second browser on the at least one client computing device replicating a state of the first SaaS application session based upon the series of stored browser commands.

[0012] A related non-transitory computer-readable medium may have computer- executable instructions for causing a server to perform steps including storing a series of browser commands executed by a first browser while running a first SaaS application session on at least one client computing device, and cooperating with the at least one client computing device to run a second SaaS application session within a second browser replicating a state of the first SaaS application based upon the series of stored browser commands.

Brief Description of the Drawings

[0013] FIG. 1 is a block diagram of a network environment of computing devices in which various aspects of the disclosure may be implemented.

[0014] FIG. 2 is a block diagram of a computing device useful for practicing an embodiment of the client machines or the remote machines illustrated in FIG. 1.

[0015] FIG. 3 is a block diagram of a computing system providing Software as a Service (SaaS) application session roaming between browsers on difference client computing devices in accordance with an example implementation.

[0016] FIG. 4 is a block diagram of another example implementation of the computing system of FIG. 3 providing SaaS application roaming features between different browsers on a same client computing device.

[0017] FIGS. 5 and 6A-6B are flow diagrams illustrating method aspects associated with the systems of FIGS. 3 and 4.

Detailed Description

[0018] The present description is made with reference to the accompanying drawings, in which example embodiments are shown. However, many different embodiments may be used, and thus the description should not be construed as limited to the particular embodiments set forth herein. Like numbers refer to like elements throughout, and prime notation may be used to indicate similar elements in different embodiments.

[0019] As will be appreciated by one of skill in the art upon reading the following disclosure, various aspects described herein may be embodied as a device, a method or a computer program product (e.g., a non-transitory computer-readable medium having computer executable instruction for performing the noted operations or steps). Accordingly, those aspects may take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment combining software and hardware aspects.

[0020] Furthermore, such aspects may take the form of a computer program product stored by one or more computer-readable storage media having computer-readable program code, or instructions, embodied in or on the storage media. Any suitable computer readable storage media may be utilized, including hard disks, CD-ROMs, optical storage devices, magnetic storage devices, and/or any combination thereof.

[0021] Referring initially to FIG. 1 , a non-limiting network environment 101 in which various aspects of the disclosure may be implemented includes one or more client machines 102A-102N, one or more remote machines 106A-106N, one or more networks 104, 104’, and one or more appliances 108 installed within the computing environment 101. The client machines 102A-102N communicate with the remote machines 106A-106N via the networks 104, 104’.

[0022] In some embodiments, the client machines 102A-102N communicate with the remote machines 106A-106N via an intermediary appliance 108. The illustrated appliance 108 is positioned between the networks 104, 104’ and may also be referred to as a network interface or gateway. In some embodiments, the appliance 108 may operate as an application delivery controller (ADC) to provide clients with access to business applications and other data deployed in a datacenter, the cloud, or delivered as Software as a Service (SaaS) across a range of client devices, and/or provide other functionality such as load balancing, etc. In some embodiments, multiple appliances 108 may be used, and the appliance(s) 108 may be deployed as part of the network 104 and/or 104’. [0023] The client machines 102A-102N may be generally referred to as client machines 102, local machines 102, clients 102, client nodes 102, client computers 102, client devices 102, computing devices 102, endpoints 102, or endpoint nodes 102. The remote machines 106A-106N may be generally referred to as servers 106 or a server farm 106. In some embodiments, a client device 102 may have the capacity to function as both a client node seeking access to resources provided by a server 106 and as a server 106 providing access to hosted resources for other client devices 102A-102N. The networks 104, 104’ may be generally referred to as a network 104. The networks 104 may be configured in any combination of wired and wireless networks.

[0024] A server 106 may be any server type such as, for example: a file server; an application server; a web server; a proxy server; an appliance; a network appliance; a gateway; an application gateway; a gateway server; a virtualization server; a

deployment server; a Secure Sockets Layer Virtual Private Network (SSL VPN) server; a firewall; a web server; a server executing an active directory; a cloud server; or a server executing an application acceleration program that provides firewall functionality, application functionality, or load balancing functionality.

[0025] A server 106 may execute, operate or otherwise provide an application that may be any one of the following: software; a program; executable instructions; a virtual machine; a hypervisor; a web browser; a web-based client; a client-server application; a thin-client computing client; an ActiveX control; a Java applet; software related to voice over internet protocol (VoIP) communications like a soft IP telephone; an application for streaming video and/or audio; an application for facilitating real-time-data

communications; a HTTP client; a FTP client; an Oscar client; a Telnet client; or any other set of executable instructions.

[0026] In some embodiments, a server 106 may execute a remote presentation services program or other program that uses a thin-client or a remote-display protocol to capture display output generated by an application executing on a server 106 and transmit the application display output to a client device 102.

[0027] In yet other embodiments, a server 106 may execute a virtual machine providing, to a user of a client device 102, access to a computing environment. The client device 102 may be a virtual machine. The virtual machine may be managed by, for example, a hypervisor, a virtual machine manager (VMM), or any other hardware virtualization technique within the server 106.

[0028] In some embodiments, the network 104 may be: a local-area network (LAN); a metropolitan area network (MAN); a wide area network (WAN); a primary public network 104; and a primary private network 104. Additional embodiments may include a network 104 of mobile telephone networks that use various protocols to communicate among mobile devices. For short range communications within a wireless local-area network (WLAN), the protocols may include 802.1 1 , Bluetooth, and Near Field

Communication (NFC).

[0029] FIG. 2 depicts a block diagram of a computing device 100 useful for practicing an embodiment of client devices 102, appliances 108 and/or servers 106. The computing device 100 includes one or more processors 103, volatile memory 122 (e.g., random access memory (RAM)), non-volatile memory 128, user interface (Ul) 123, one or more communications interfaces 118, and a communications bus 150.

[0030] The non-volatile memory 128 may include: one or more hard disk drives (HDDs) or other magnetic or optical storage media; one or more solid state drives (SSDs), such as a flash drive or other solid-state storage media; one or more hybrid magnetic and solid-state drives; and/or one or more virtual storage volumes, such as a cloud storage, or a combination of such physical storage volumes and virtual storage volumes or arrays thereof.

[0031] The user interface 123 may include a graphical user interface (GUI) 124 (e.g., a touchscreen, a display, etc.) and one or more input/output (I/O) devices 126 (e.g., a mouse, a keyboard, a microphone, one or more speakers, one or more cameras, one or more biometric scanners, one or more environmental sensors, and one or more accelerometers, etc.).

[0032]The non-volatile memory 128 stores an operating system 115, one or more applications 116, and data 117 such that, for example, computer instructions of the operating system 115 and/or the applications 116 are executed by processor(s) 103 out of the volatile memory 122. In some embodiments, the volatile memory 122 may include one or more types of RAM and/or a cache memory that may offer a faster response time than a main memory. Data may be entered using an input device of the GU1 124 or received from the I/O device(s) 126. Various elements of the computer 100 may communicate via the communications bus 150.

[0033] The illustrated computing device 100 is shown merely as an example client device or server, and may be implemented by any computing or processing

environment with any type of machine or set of machines that may have suitable hardware and/or software capable of operating as described herein.

[0034] The processor(s) 103 may be implemented by one or more programmable processors to execute one or more executable instructions, such as a computer program, to perform the functions of the system. As used herein, the term“processor” describes circuitry that performs a function, an operation, or a sequence of operations. The function, operation, or sequence of operations may be hard coded into the circuitry or soft coded by way of instructions held in a memory device and executed by the circuitry. A processor may perform the function, operation, or sequence of operations using digital values and/or using analog signals.

[0035] In some embodiments, the processor can be embodied in one or more application specific integrated circuits (ASICs), microprocessors, digital signal processors (DSPs), graphics processing units (GPUs), microcontrollers, field programmable gate arrays (FPGAs), programmable logic arrays (PLAs), multi-core processors, or general-purpose computers with associated memory.

[0036]The processor 103 may be analog, digital or mixed-signal. In some

embodiments, the processor 103 may be one or more physical processors, or one or more virtual (e.g., remotely located or cloud) processors. A processor including multiple processor cores and/or multiple processors may provide functionality for parallel, simultaneous execution of instructions or for parallel, simultaneous execution of one instruction on more than one piece of data.

[0037] The communications interfaces 118 may include one or more interfaces to enable the computing device 100 to access a computer network such as a Local Area Network (LAN), a Wide Area Network (WAN), a Personal Area Network (PAN), or the Internet through a variety of wired and/or wireless connections, including cellular connections. [0038] In described embodiments, the computing device 100 may execute an application on behalf of a user of a client device. For example, the computing device 100 may execute one or more virtual machines managed by a hypervisor. Each virtual machine may provide an execution session within which applications execute on behalf of a user or a client device, such as a hosted desktop session. The computing device 100 may also execute a terminal services session to provide a hosted desktop environment. The computing device 100 may provide access to a remote computing environment including one or more applications, one or more desktop applications, and one or more desktop sessions in which one or more applications may execute.

[0039] Additional descriptions of a computing device 100 configured as a client device 102 or as a server 106, or as an appliance intermediary to a client device 102 and a server 106, and operations thereof, may be found in U.S. Patent Nos. 9,176,744 and 9,538,345, which are incorporated herein by reference in their entirety. The 744 and ‘345 patents are both assigned to the current assignee of the present disclosure.

[0040] Turning now to FIG. 3 and the flow diagram 50 of FIG. 5, a computer system 30 which advantageously provides Software as a Service (SaaS) migration features between different browsers and associated method aspects are first described. By way of background, currently users are required to execute repetitive steps to rebuild context every time they open a new SaaS application session. For example, in the Citrix

Workday SaaS application a user could start from the home screen, then transition to specific task screen and start working on a task. More particularly, a user may start with the home screen, then go to My Performance, Add/Change Priorities, Individual Priorities, browse through a long list of existing priories, select specific priority, Edit, start modifying some text or input fields, etc., for example.

[0041] If a user pauses his or her work and roams to a new device, then the user has to not only authenticate and launch the SaaS application session but also execute the same potentially long sequence of steps to rebuild the context to where they previously left off. In addition, the user has to remember where they left off, which may sometimes be challenging if roaming occurred over a long period of time.

[0042] The system 30 may automatically preserve and recreate the context or state of SaaS applications during various forms of session roaming or migration to advantageously improve productivity and user experience (UX) with SaaS applications. More particularly, beginning at Block 51 , a first client computing device 31 (such as those discussed above) is configured to run a first SaaS application session 32 within a first browser 33, at Block 52. The browser 33 may be one of various types, including a local browser, managed or embedded browser, or hosted browser, for example.

[0043] Generally speaking, a local browser is one that runs on a client computing device and communicates directly with a target host (e.g., a SaaS server) via the Internet. In some cases, the local browser may be a managed browser which provides access to the Internet and/or enterprise resources in accordance with certain rules and permission levels. For example, Citrix Receiver and Citrix Workspace App are programs that are installed on client devices and provide a browser through which permissions and access to different resources can be managed. Further details regarding managed browsers are provided in U.S. Pat. No. 8,850,010 to Qureshi, which is assigned to the present Applicant and is hereby incorporated herein in its entirety by reference. A hosted browser is similar to a managed browser but is instead run remotely on a cloud or network server, such as in a virtual computing session, and displayed locally at a client computing device. By way of example, such hosted browsers are provided through the Citrix Secure Browser Standard Service. However, it will be appreciated that other forms of managed and hosted browsers may be used in different embodiments.

[0044] Furthermore, a server 34 (such as those described above) cooperates with the client computing device 31 to store a series of browser commands executed by the first browser 33 during the first SaaS application session 32, at Block 53. In this regard, the server 34 may be a network server, a virtualization server providing virtual computing sessions for the first client computing device 31 , and/or a cloud based server. In one example implementation, the server 34 may be part of a secure file sharing system such as ShareFile from Citrix Systems, although other file sharing systems may also be used. When it is time for the user to roam or migrate to a second client computing device 35, a second SaaS application session 36 may be run within a second browser 37 on the second client computing device replicating a state of the first SaaS application session based upon the series of stored browser commands maintained by the server 34, at Block 54, which concludes the method illustrated in FIG. 5 (Block 55). [0045] Referring now to FIG. 4, in another form of SaaS roaming, an automatic transition may occur between a SaaS session in a local browser (e.g., one embedded or managed by Citrix Receiver or the Citrix Workspace App) and a new session in a hosted browser (e.g., the Citrix Secure Browser), or vice-versa. This transition may occur either at the start of the SaaS application session or dynamically depending on UX, performance, security or other considerations. In this use case, the client computing device 31’ of the system 30’ runs the first SaaS application session 32’ within the first browser 33’ at a first time, and the collected series of browser commands executed by the first browser are stored with the server 34’ as described above. When it is time for migration from the first browser 33’ (which is a managed browser in this example) to a second browser 37’ (a hosted browser in this example), the client computing device 31’ and server 34’ cooperate to run a new session 36’ of the same SaaS application based upon the stored series of browser commands, yet while still retaining the same state of the first SaaS application session as noted above.

[0046]The foregoing will be further understood with reference to the flow diagram 60 of FIGS. 6A-6B and various example use cases. For purposes of this discussion, it will be assumed that the user is migrating between different client devices (as in FIG. 3) unless otherwise noted. However, it will be understood that these same actions or steps may apply to browser migration on the same client device (as illustrated in FIG. 4). With respect to the first SaaS application session instance 32 on the first client device 31 , beginning at Block 61 , a user authenticates and launches the desired SaaS application in the first browser 33 (Block 62), which in this example is a managed browser such as the Chromium Browser Engine in Citrix Receiver or Citrix Workspace App. The first managed browser 33 applies browser hooks, stubs or proxy elements, for example, to perform various actions. These may include recording user actions in the managed browser and loaded HTML pages. More particularly, information such as action type, position, direction relative to browser controls or HTML tags, as well as relative time of action may be captured, in addition to other pertinent information.

[0047] Capturing of the browser commands may further include recording HTTP requests and responses in the first managed browser 33. By way of example, these may include the HTTP method, URI, host, path, body and headers, as well as relative time of requests and responses. In still other examples, these may involve REST API calls, JavaScript commands, etc.

[0048] In some embodiments, the recorded state captured in the browser commands may be stored in a serialized format to be sequentially replayed when creating the second SaaS application session 36 having the same state as the first SaaS application session 32. The serialized format may encompass user actions, HTTP requests and responses, SaaS application ID, etc. In accordance with one example, this may be accomplished by serializing the recorded state in JSON, although other approaches may also be used which allow the information to be later shared and replayed sequentially. The serialized recorded state may be stored in a secure shared location, such as the server 34, at Block 63. For example, this may be done using Citrix

ShareFile in the context of the authenticated user, although other suitable approaches may also be used.

[0049] In some cases, a user may close the first SaaS application session 32, at Block 64. For example, the use may user close the managed browser 33 tab hosting the SaaS application, or close the program running the managed browser (e.g., Citrix Receiver or Workspace App). Other intuitive forms of“closing” or discarding work in an SaaS application may also exist. When this occurs, the series of browser commands may then be cleared or erased from the server 34 and/or local storage (Block 65), concluding the illustrated method (Block 66).

[0050] When it is time for the user to roam from the first device 31 to the second device 35, at Block 67, the user may authenticate and launch the second SaaS app session 36 of the same SaaS application within the second browser 37. In accordance with one example implementation, a second instance of Citrix Receiver or Citrix Workspace App may be invoked including the managed browser 37. A transition may also occur between a SaaS session in a local browser (e.g., one embedded or managed by Citrix Receiver or Citrix Workspace App) and a new session in a hosted browser (such as the Citrix Secure Browser), or vice versa. As noted above, this may be between different devices, or different browsers on the same client device. In some embodiments, to provide enhanced UX, authentication tokens may also be shared for cross-device single sign-on (SSO), although this need not be done in all embodiments. [0051]With respect to the second SaaS application session instance 36 on the second device 35, the second browser 37 applies the appropriate browser hooks, stubs or proxy elements to recreate the state of the first SaaS application session 32, at Block 68. More particularly, this may include retrieving the serialized recorded state based on a SaaS application ID. In accordance with one example, this state data may be retrieved from Citrix ShareFile in the context of the authenticated user. Moreover, network activity may optionally be suspended for the second computing device 35 while the prior browser commands are re-executed to recreate the state of the first SaaS application session 32. In particular, the user actions may be replayed or executed sequentially. Where the user simply interacts with browser controls or local HTML, e.g., scroll text or selecting a checkbox, no further action is required and the local user agent at the client device may handle execution of such updates.

[0052] On the other hand, if the user action within the first SaaS application session 32 triggers a more complex process, such as an HTTP request, at Block 69, then various options exist when replaying such requests. First, the server 34 (or local agent such as Citrix Receiver in some embodiments) may search the recorded state for a matching request. By way of example, request matching may be performed based on an HTTP method, URI, host, path, body and headers, etc., or a combination of these approaches. In some cases, it is possible that multiple versions of the same request may be found, in which case a relative timing of the requests may be used to select the appropriate response. If a matching HTTP request is found, the response from the recorded state may be played, instead of forwarding the request to the target host, at Block 70.

[0053] If no recorded state for an HTTP request exists, then the request may be re-sent to the appropriate target host, at Block 71. More particularly, a request may be allowed to go to the target host by temporarily allowing network activity until a response comes back. Another instance where this may be appropriate is where a change of response has occurred. More particularly, if Data Loss Prevention (DLP) policies on the first client computing device 31 resulted in denied access but DLP policies on the second client computing device 35 would allow such access, then that same request may then be permitted to go to the target host when initiating the second SaaS application session 36. [0054] Optionally, for relatively closely timed requests, servicing responses may be serialized based on an original relative timing of the browser commands. This may be done to avoid potential issues with different user agents and multi-threaded page rendering, where certain sequences of responses may be expected. However, this may result in a proportionately timed delay in the replay of responses.

[0055] Once all the recorded user actions (i.e., browser commands) are exhausted, network activity may be resumed for the second client computing device 35 with normal HTTP handling to target hosts. The state of the first SaaS application session 32 is then re-created in the second SaaS application session 36, and the further recording of browser commands from the second browser 37 to add to the SaaS application state may be performed just like in the first SaaS session instance 32. That is, the process may continue to migrate to another browser on the same device, or to another browser on a different client computing device as described above and may continue indefinitely if desired.

[0056] In some embodiments, the user may be given a choice as to whether he or she wishes to reproduce the first SaaS application session state. For example, the user may be given a choice right after launching the second SaaS application, at Blocks 72-73, between starting fresh (Block 74) or continuing where they left off (i.e., from the first SaaS application session state), at Block 75. In the former case, the recorded state stored at the server 34 may be reset.

[0057] In some example implementations, data such as metadata identifying HTML pages, their tags and user input (e.g., text) into specific fields may be recorded during the first SaaS application session 32. Then, in the second SaaS application session instance 36, and while the user is in the respective context (e.g., filling out the same or similar form, etc.), the previously-recorded user input data may be replayed either automatically or by suggesting to the user to replay it, at Block 76. For example, this fhay include pasting text into fields, or presenting a“clipboard blob” and allowing the user to manually copy and paste from it. As such, the user need not be required to explicitly copy and paste information (in the fully automatic implementation), or at least the user need not be required to proactively copy it prior to roaming (in the suggestive implementation). In some embodiments, such input data may be recorded and migrated without recording all of the other browser commands noted above (e.g., HTML/HTTP) to recreate the state of user input data by itself, to thereby provide a partial state migration from the first SaaS application session 32. Stated alternatively, only part of the SaaS application state would be migrated in such an embodiment, while the user would “manually” rebuild the rest of the context, if desired.

[0058] The above-described approach advantageously provides live state migration for SaaS applications in different forms of roaming. For example, these include roaming device-to-device between client endpoints, as well as roaming between a local client device browser and a hosted Secure Browser service. For example, in one example use case this may be orchestrated by Citrix Receiver or the Citrix Workspace App with an embedded or managed browser during local versus remote fallback to help balance the needs of local UX, performance, security, etc. The above-described approach may accordingly improve productivity and UX with SaaS applications in various forms of SaaS application session roaming by helping to avoid execution of repetitive steps to rebuild context in each new SaaS application session.

[0059] Many modifications and other embodiments will come to the mind of one skilled in the art having the benefit of the teachings presented in the foregoing descriptions and the associated drawings. Therefore, it is understood that the foregoing is not to be limited to the example embodiments, and that modifications and other embodiments are intended to be included within the scope of the appended claims.