Single sign-on method for web-based applications
Abstract
A method for single-sign on of a user on a client machine to one or more target applications on target application servers in a computer information-processing network, including: accessing an access server from the client machine; entering user-specific access server logon credentials for logon and access to the access server; selecting a target application; presenting to the target application by the access server, previously stored user-specific target application logon credentials for logon and access to the target application in a form and according to a protocol recognizable by the target application thereby logging into the target application on behalf of the user and establishing a target application session; sending from the access server to the client machine, information for establishing a connection from the client machine to the target application; and establishing a target application session, bypassing the access server, between the client machine and the target application.
25 Claims
1. A method for single-sign on of a user on a client machine to one or more target applications on target application servers in a computer information-processing network, comprising:
accessing an access server from said client machine;
entering user-specific access server logon credentials for logon and access to said access server;
selecting a target application;
presenting to said target application by said access server, previously stored user-specific target application logon credentials for logon and access to said target application in a form and according to a protocol recognizable by said target application and thereby logging into said target application on behalf of the user and establishing a target application session;
sending from said access server to said client machine, information for establishing a connection from said client machine to said target application; and
establishing a target application session, bypassing said access server, between said client machine and said target application.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9
10. A system architecture for single-sign on of a user on a client machine to one or more target applications on target application servers in a computer information-processing network, comprising:
means for accessing an access server from said client machine;
means for entering user-specific access server logon credentials for logon and access to said access server;
means for selecting a target application;
means for presenting to said target application by said access server, previously stored user-specific target application logon credentials for logon and access to said target application in a format and according to a protocol recognizable by said target application and thereby logging into said target application on behalf of the user and establishing a target application session;
means for sending from said access server to said client machine, information for establishing a link from said client machine to said target application; and
means for establishing a target application session, bypassing said access server, between said client machine and said target application.
Dependent claims: 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21
22. A program storage device readable by machine, tangibly embodying a program of instructions executable by the machine to perform method steps for single-sign on of a user on a client machine to one or more target applications on target application servers in a computer information-processing network said method steps comprising:
facilitating access to an access server from said client machine;
facilitating entering of user-specific access server logon credentials for logon and access to said access server;
selecting a target application;
presenting to said target application by said access server, previously stored user-specific target application logon credentials for logon and access to said target application in form and according to a protocol recognizable by said target application and thereby logging into said target application on behalf of the user and establishing a target application session; and
establishing target application session, bypassing said access server, between said client machine and said target application.
23. An access server connectable in an information process network, comprising:
at least one processor;
a memory;
a computer program supported in said memory for enabling access to access to a target application on a target application server linked to said information-processing network, the computer program comprising;
means for accessing said access server from said client machine;
means for entering user-specific access server logon credentials for logon and access to said access server;
means for selecting said target application;
means for presenting to said target application by said access server, previously stored user-specific target application logon credentials for logon and access to said target application in a form and according to a protocol recognizable by said target application and thereby logging into said target application on behalf of the user and establishing a target application session; and
means for establishing a target application session, bypassing said access server, between said client machine and said target application.
Dependent claims: 24, 25