Whitelist construction
First Claim
Patent Images
1. A method comprising:
- constructing, by an access manager of an access management system executing an access manager application, a whitelist of valid redirection addresses, wherein the whitelist is constructed based on redirection addresses that are approved by a user during a prior logout from the application or based on preapproved logout redirection addresses;
receiving, by the access manager, a request to log out the user from the application executing on a device;
determining, by the access manager, a redirection address for redirecting the user after logging out from the application, wherein the redirection address comprises a Uniform Resource Locator (URL) to which the user is redirected after log out from the application, wherein the URL comprises a logout Uniform Resource Locator (URL) and an end URL associated with the application of the access management system;
validating, by the access manager, the redirection address, wherein the validating the redirection address comprises determining whether the redirection address is on the constructed whitelist of valid redirection addresses to which the user can be redirected after logging out from the application; and
based on the validation, causing, by the access manager, the application to perform one of redirecting the user to the redirection address and determining whether to add the redirection address to the whitelist of valid redirection addresses.
1 Assignment
0 Petitions
Accused Products
Abstract
Techniques are provided for of constructing a whitelist of redirection uniform resource locators (URLs). A method can include receiving, by a computing system executing an access manager application, a request to log out a user from an application executing on a device; determining, by the access manager application, a redirection address for the application; validating, by the access manager application, the redirection address; and based on the validation, causing, by the access manager application, the application to perform one of redirecting the user to the redirection address and determining addition of the redirection address to a list of valid redirection addresses.
25 Citations
19 Claims
-
1. A method comprising:
-
constructing, by an access manager of an access management system executing an access manager application, a whitelist of valid redirection addresses, wherein the whitelist is constructed based on redirection addresses that are approved by a user during a prior logout from the application or based on preapproved logout redirection addresses; receiving, by the access manager, a request to log out the user from the application executing on a device; determining, by the access manager, a redirection address for redirecting the user after logging out from the application, wherein the redirection address comprises a Uniform Resource Locator (URL) to which the user is redirected after log out from the application, wherein the URL comprises a logout Uniform Resource Locator (URL) and an end URL associated with the application of the access management system; validating, by the access manager, the redirection address, wherein the validating the redirection address comprises determining whether the redirection address is on the constructed whitelist of valid redirection addresses to which the user can be redirected after logging out from the application; and based on the validation, causing, by the access manager, the application to perform one of redirecting the user to the redirection address and determining whether to add the redirection address to the whitelist of valid redirection addresses. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
-
13. A non-transitory computer-readable storage medium storing a plurality of instructions executable by one or more processors to cause the one or more processors to perform operations, comprising:
-
constructing, by an access manager of an access management system executing an access manager application, a whitelist of valid redirection addresses, wherein the whitelist is constructed based on redirection addresses that are approved by a user during a prior logout from the application or based on preapproved logout redirection addresses; receiving, by the access manager, a request to log out the user from the application executing on a device; determining, by the access manager, a redirection address for redirecting the user after logging out from the application, wherein the redirection address comprises a Uniform Resource Locator (URL) to which the user is redirected after log out from the application, wherein the URL comprises a logout Uniform Resource Locator (URL) and an end URL associated with the application of the access management system; validating, by the access manager, the redirection address, wherein the validating the redirection address comprises determining whether the redirection address is on the constructed whitelist of valid redirection addresses to which the user can be redirected after logging out from the application; and based on the validation, causing, by the access manager, the application to perform one of redirecting the user to the redirection address, and determining addition of the redirection address to a list of valid redirection addresses. - View Dependent Claims (14, 15, 16)
-
-
17. An access management system comprising:
-
a memory; and one or more processors coupled to the memory and configured to; construct, by an access manager of the access management system executing an access manager application, a whitelist of valid redirection addresses, wherein the whitelist is constructed based on redirection addresses that are approved by a user during a prior logout from the application or based on preapproved logout redirection addresses; receive, by the access manager, a request to log out the user from the application executing on a device; determine, by the access manager, a redirection address for redirecting the user after logging out from the application, wherein the redirection address comprises a Uniform Resource Locator (URL) to which the user is redirected after log out from the application, wherein the URL comprises a logout Uniform Resource Locator (URL) and an end URL associated with the application of the access management system; validate, by the access manager, the redirection address, wherein the validating the redirection address comprises determining whether the redirection address is on the constructed whitelist of valid redirection addresses to which the user can be redirected after logging out from the application; and based on the validation, cause, by the access manager, the application to perform one of redirecting the user to the redirection address, and determining addition of the redirection address to the whitelist of valid redirection addresses. - View Dependent Claims (18, 19)
-
Specification