Session activity tracking for session adoption across multiple data centers
First Claim
1. A method comprising:
- receiving, by a first computer system, a request to authenticate a user for a first session previously established at the first computer system, wherein the first session is inactive;
determining, by the first computer system, based on session adoption data, that a second session hosted on a second computer system is associated with the first session;
determining, by the first computer system, based on second session activity data of the second session obtained by the first computer system from the second computer system using the session adoption data, that the second session is active; and
based on determining that the second session is active, authenticating, by the first computer system, the user for the first session without requesting any credentials from the user.
1 Assignment
0 Petitions
Accused Products
Abstract
Techniques are disclosed for managing session activity of SSO access across multiple data centers. Session activity of SSO access is managed across multiple geographically disperse computing systems clustered together to form a multi-data center (MDC) system. A first data center in the MDC system may implement session adoption to manage an SSO session of the user in the MDC system. Information about subsequent sessions established by other data centers may be adopted by the first data center. The first data center may obtain session activity data from each session that is adopted for the user. The session activity may be used to determine whether SSO session is active for the user across data centers in the MDC system. Authorization to access a resource at any data center in the MDC system may be granted based on the status of the SSO session using session adoption among the data centers.
160 Citations
20 Claims
-
1. A method comprising:
-
receiving, by a first computer system, a request to authenticate a user for a first session previously established at the first computer system, wherein the first session is inactive; determining, by the first computer system, based on session adoption data, that a second session hosted on a second computer system is associated with the first session; determining, by the first computer system, based on second session activity data of the second session obtained by the first computer system from the second computer system using the session adoption data, that the second session is active; and based on determining that the second session is active, authenticating, by the first computer system, the user for the first session without requesting any credentials from the user. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
-
13. A system comprising:
-
one or more processors; and a memory accessible to the one or more processors, the memory storing a set of instructions which, when executed by the one or more processors, causes the one or more processors to perform; receiving a request to authenticate a user for a first session previously established at a first computer system, wherein the first session is inactive; determining, based on session adoption data, that a second session hosted on a second computer system is associated with the first session; determining, by the first computer system, based on second session activity data of the second session obtained by the first computer system from the second computer system using the session adoption data, that the second session is active; and based on determining that the second session is active, authenticating, by the first computer system, the user for the first session without requesting any credentials from the user. - View Dependent Claims (14, 15)
-
-
16. A non-transitory computer-readable medium storing a set of instructions that are executable by one or more processors to cause the one or more processors to:
-
receive a request to authenticate a user for a first session previously established at a first computer system, wherein the first session is inactive; determine, based on session adoption data, that a second session hosted on a second computer system is associated with the first session; determine, based on second session activity data of the second session obtained by the first computer system from the second computer system using the session adoption data, that the second session is active; and based on a determination that the second session is active, authenticate the user for the first session without requesting any credentials from the user. - View Dependent Claims (17, 18, 19, 20)
-
Specification