Web-based single sign-on with form-fill proxy application

US 10,075,426 B2
Filed: 03/20/2017
Issued: 09/11/2018
Est. Priority Date: 09/20/2013
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

based on a response received from an application, modifying, by a computer system, the response to include one or more computer-executable instructions, wherein the response is based on a first request by a device to access the application; and

sending, by the computer system, the modified response to the device;

wherein execution of the one or more computer-executable instructions on the device causes the device to;

obtain, from the computer system, a plurality of credentials associated with a user of the device;

invoke an automated logon chooser process that, until a successful logon is detected, for each credential of the plurality of credentials, submits the credential to the application for logon; and

in response to detecting the successful logon to the application, send, to the computer system, a second request to update a user credential associated with the user for the application with the credential that resulted in the successful logon.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Web-based single sign-on can enable a user to log in to a single interface (such as through a web browser or thin client) and then provide SSO services to the user for one or more web applications. The web-based SSO system can be extended to support one or more different access control methods, such as form-fill, Federated (OIF), SSO Protected (OAM), and other policies. The web-based SSO system can include a user interface through which the user can access different web applications, systems, etc. and manage their credentials. Each SSO service can be associated with a web interface allowing the SSO services to be accessed over the web. The web interfaces can provide CRUD (create, read, update, delete) functionality for each SSO service. To support different access policy types, the web-based SSO system can include an extensible data manager that can manage data access to different types of repositories transparently.

45 Citations

View as Search Results

20 Claims

1. A method comprising:
- based on a response received from an application, modifying, by a computer system, the response to include one or more computer-executable instructions, wherein the response is based on a first request by a device to access the application; and
  
  sending, by the computer system, the modified response to the device;
  
  wherein execution of the one or more computer-executable instructions on the device causes the device to;
  
  obtain, from the computer system, a plurality of credentials associated with a user of the device;
  
  invoke an automated logon chooser process that, until a successful logon is detected, for each credential of the plurality of credentials, submits the credential to the application for logon; and
  
  in response to detecting the successful logon to the application, send, to the computer system, a second request to update a user credential associated with the user for the application with the credential that resulted in the successful logon.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, wherein the automated logon chooser process is further configured to:
    - display, at the device, an interface that enables selection of a credential from the plurality of credentials;
      
      submit the selected credential to the application for logon; and
      
      detect whether authentication of the user is successful.
  - 3. The method of claim 2:
    - wherein the execution of the one or more computer-executable instructions further causes the device to obtain, from the computer system, a page template and match the page template to a page received from the application; and
      
      wherein submitting the selected credential to the application for logon comprises injecting the selected credential into one or more fields on the matched page and submitting the matched page with the selected credential to the application.
  - 4. The method of claim 1, wherein execution of the one or more computer-executable instructions on the device causes the device to:
    - for each credential the automated logon chooser process submits to the application for logon;
      
      monitor a status of submitting the credential to the application for logon; and
      
      detect whether authentication of the user is successful using the credential.
  - 5. The method of claim 1, wherein the execution of the one or more computer-executable instructions further causes the device to:
    - identify a platform associated with the device; and
      
      execute one or more operations at the device based on the identified platform.
  - 6. The method of claim 5, wherein the platform is determined based on a type of browser application, a type of operating system, a type of the device, or a combination thereof.
  - 7. The method of claim 1, further comprising:
    - receiving, at the computer system, the first request from the device to access the application;
      
      sending, by the computer system, the first request to the application; and
      
      receiving, at the computer system, the response from the application.
  - 8. The method of claim 1, wherein the one or more computer-executable instructions are based on JavaScript code.

9. A system comprising:
- one or more processors; and
  
  a memory accessible to the one or more processors, the memory storing one or more instructions which, upon execution by the one or more processors, causes the one or more processors to;
  
  based on a response received from an application, modify the response to include one or more computer-executable instructions, wherein the response is based on a first request by a device to access the application; and
  
  send the modified response to the device;
  
  wherein execution of the one or more computer-executable instructions on the device causes the device to;
  
  obtain, from the system, a plurality of credentials associated with a user of the device;
  
  invoke an automated logon chooser process that, until a successful logon is detected, for each credential of the plurality of credentials, submits the credential to the application for logon; and
  
  in response to detecting the successful logon to the application, send, to the system, a second request to update a user credential associated with the user for the application with the credential that resulted in the successful logon.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
- - 10. The system of claim 9, wherein the automated logon chooser process is further configured to:
    - display, at the device, an interface that enables selection of a credential from the plurality of credentials;
      
      submit the selected credential to the application for logon; and
      
      detect whether authentication of the user is successful.
  - 11. The system of claim 10:
    - wherein the execution of the one or more computer-executable instructions further causes the device to obtain, from the system, a page template and match the page template to a page received from the application; and
      
      wherein submitting the selected credential to the application for logon comprises injecting the selected credential into one or more fields on the matched page and submitting the matched page with the selected credential to the application.
  - 12. The system of claim 9, wherein execution of the one or more computer-executable instructions on the device causes the device to:
    - for each credential the automated logon chooser process submits to the application for logon;
      
      monitor a status of submitting the credential to the application for logon; and
      
      detect whether authentication of the user is successful using the credential.
  - 13. The system of claim 9, wherein the execution of the one or more computer-executable instructions further causes the device to:
    - identify a platform associated with the device; and
      
      execute one or more operations at the device based on the identified platform.
  - 14. The system of claim 13, wherein the platform is determined based on a type of browser application, a type of operating system, a type of the device, or a combination thereof.
  - 15. The system of claim 9, further comprising:
    - receiving the first request from the device to access the application;
      
      sending the first request to the application; and
      
      receiving the response from the application.
  - 16. The system of claim 9, wherein the one or more computer-executable instructions are based on JavaScript code.

17. A method comprising:
- sending, by a device, to a computer system, a first request to access an application; and
  
  based on the first request, receiving, by the device, from the computer system, a response including one or more computer-executable instructions;
  
  executing, by the device, the one or more computer-executable instructions that are included in the response received from the computer system, wherein execution of the one or more computer-executable instructions causes the device to;
  
  obtain, from the computer system, a plurality of credentials associated with a user of the device;
  
  invoke an automated logon chooser process that, until a successful logon is detected, for each credential of the plurality of credentials, submits the credential to the application for logon; and
  
  in response to detecting the successful logon to the application, send, to the computer system, a second request to update a user credential associated with the user for the application with the credential that resulted in the successful logon.
- View Dependent Claims (18, 19, 20)
- - 18. The method of claim 17, wherein the automated logon chooser process is further configured to:
    - display, at the device, an interface that enables selection of a credential from the plurality of credentials;
      
      submit the selected credential to the application for logon; and
      
      detect whether authentication of the user is successful.
  - 19. The method of claim 18:
    - wherein the execution of the one or more computer-executable instructions further causes the device to obtain, from the computer system, a page template and match the page template to a page received from the application; and
      
      wherein submitting the selected credential to the application for logon comprises injecting the selected credential into one or more fields on the matched page and submitting the matched page with the selected credential to the application.
  - 20. The method of claim 17, wherein execution of the one or more computer-executable instructions on the device causes the device to:
    - for each credential the automated logon chooser process submits to the application for logon;
      
      monitor a status of submitting the credential to the application for logon; and
      
      detect whether authentication of the user is successful using the credential.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Oracle International Corporation (Oracle Corporation)
Original Assignee
Oracle International Corporation (Oracle Corporation)
Inventors
Manza, Marc B., Sorial, Ayman, Valenti, Anthony Robert, Weiser, Yitzchak, Folkins, Andrew Bennett
Primary Examiner(s)
ZAIDI, SYED A

Application Number

US15/463,951
Publication Number

US 20170195317A1
Time in Patent Office

540 Days
Field of Search

726 1
US Class Current
CPC Class Codes

G06F 21/41   where a single sign-on prov...

H04L 63/0815   providing single-sign-on or...

H04L 63/0838   using one-time-passwords

H04L 63/0884   by delegation of authentica...

H04L 63/10   for controlling access to d...

H04L 63/20   for managing network securi...

Web-based single sign-on with form-fill proxy application

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

45 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

Web-based single sign-on with form-fill proxy application

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

45 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others