Inter-application management of user credential data
First Claim
Patent Images
1. A computer-implemented method for providing a software development kit (SDK) for a client web application that performs user authorizations, wherein the SDK has an enhanced set of authorization application program interfaces (APIs), the method comprising:
- providing a resource, with one or more computing devices, to utilize the developer-defined user information for at least authorization, wherein the developer-defined user information comprises at least a user identifier for an on-demand database service; and
providing, with the one or more computing devices, access to the resource that can either use a cookie, or server-side storage for storing the developer-defined user information, wherein when the cookie is to be used perform user authorizations, the cookie is sent for authentication purposes to provide re-authentication with each request each time a user makes a request, and wherein when using the server-side storage, the hardware computing device is caused to be configured to not write locally to an application memory, but instead to access a shared session cache memory; and
providing, with the one or more computing devices, the resource to choose between two of security framework configurations, wherein a first configuration utilizes a cookie and a second configuration utilizes server-side storage.
1 Assignment
0 Petitions
Accused Products
Abstract
A system and apparatus for enhancing the functionality and utility of an authentication process for web applications is disclosed.
-
Citations
19 Claims
-
1. A computer-implemented method for providing a software development kit (SDK) for a client web application that performs user authorizations, wherein the SDK has an enhanced set of authorization application program interfaces (APIs), the method comprising:
-
providing a resource, with one or more computing devices, to utilize the developer-defined user information for at least authorization, wherein the developer-defined user information comprises at least a user identifier for an on-demand database service; and providing, with the one or more computing devices, access to the resource that can either use a cookie, or server-side storage for storing the developer-defined user information, wherein when the cookie is to be used perform user authorizations, the cookie is sent for authentication purposes to provide re-authentication with each request each time a user makes a request, and wherein when using the server-side storage, the hardware computing device is caused to be configured to not write locally to an application memory, but instead to access a shared session cache memory; and providing, with the one or more computing devices, the resource to choose between two of security framework configurations, wherein a first configuration utilizes a cookie and a second configuration utilizes server-side storage. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A multi-tenant database system having one or more hardware processors coupled with one or more memory devices, the system comprising:
-
a database system to store data in the one or more memory devices for each of multiple tenants; an application server communicably coupled to the database system and to a network, the application server to provide network access to the database system for each of the multiple tenants, the application server utilizing a software development kit (SDK) for building client applications that are to be accessible on the application server, the SDK having authorization application program interfaces (APIs); and wherein the authorization APIs include at least developer-defined user information comprising at least a user identifier for the multi-tenant database system and providing access to at least two security framework configurations using cookies or using server-side storage, wherein when the cookie is to be used perform user authorizations, the cookie is sent for authentication purposes to provide re-authentication with each request each time a user makes a request, and wherein when using the server-side storage, a hardware computing device is caused to be configured to not write locally to an application memory, but instead to access a shared session cache memory.
-
-
13. A non-transitory machine-readable medium carrying one or more sequences of instructions for implementing a method for providing an interface for object relationships having at least a software development kit (SDK) for a client web application that performs user authorizations, wherein the SDK has an enhanced set of authorization application program interfaces (APIs), comprising:
wherein that enhanced set of APIs including the following; providing access to a resource that can either use a cookie, or server-side storage for storing the developer-defined user information, wherein when the cookie is to be used perform user authorizations, the cookie is sent for authentication purposes to provide re-authentication with each request each time a user makes a request, and wherein when using the server-side storage, the hardware computing device is caused to be configured to not write locally to an application memory, but instead to access a shared session cache memory; and providing the resource to choose between two of security framework configurations, wherein a first configuration utilizes the cookie and a second configuration utilizes server-side storage. - View Dependent Claims (14, 15, 16, 17, 18, 19)
Specification