Authentication proxy agent
First Claim
Patent Images
1. A server comprising:
- an authentication engine configured to cause at least one processor of the server to receive, at the server, an authentication request and credentials from a client;
store the credentials at the server;
generate, at the server, a proxy agent;
send, from the proxy agent, the credentials to an identity provider to authenticate the client on behalf of the client, using the credentials;
receive, at the proxy agent, an assertion of authentication of the client from the identity provider;
create a session for the client, based on the assertion; and
delete the stored credentials at the server.
10 Assignments
0 Petitions
Accused Products
Abstract
An authentication engine may be configured to receive an authentication request and credentials from a client. The authentication engine may then generate a proxy agent configured to interact with an identity provider to authenticate the client on behalf of the client, using the credentials. In this way, the authentication engine may receive an assertion of authentication of the client from the identity provider, by way of the proxy agent.
64 Citations
20 Claims
-
1. A server comprising:
an authentication engine configured to cause at least one processor of the server to receive, at the server, an authentication request and credentials from a client; store the credentials at the server; generate, at the server, a proxy agent; send, from the proxy agent, the credentials to an identity provider to authenticate the client on behalf of the client, using the credentials; receive, at the proxy agent, an assertion of authentication of the client from the identity provider; create a session for the client, based on the assertion; and delete the stored credentials at the server. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
9. A method comprising:
-
receiving, at a server, an authentication request and credentials from a client; storing the credentials at the server; generating, at the server, a proxy agent; sending, from the proxy agent, the credentials to an identity provider to authenticate the client on behalf of the client, using the credentials; receiving, at the proxy agent, an assertion of authentication of the client from the identity provider; creating a session for the client, based on the assertion; and deleting the stored credentials at the server. - View Dependent Claims (10, 11, 12, 13, 14)
-
-
15. A computer program product including instructions recorded on a non-transitory computer readable storage medium and configured to cause at least one processor to:
-
receive, at a server, an authentication request and credentials from a client; store the credentials at the server; generate, at the server, a proxy agent; send, from the proxy agent, the credentials to an identity provider to authenticate the client on behalf of the client, using the credentials; receive, at the proxy agent, an assertion of authentication of the client from the identity provider; create a session for the client, based on the assertion; and delete the stored credentials at the server. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification