SECURITY SESSION AUTHENTICATION SYSTEM AND METHOD
Abstract
Sharing of data between one domain and at least one other domain over a network is facilitated by the use of tokens. A user token set in a cookie stored on the user's system at log-on to a first domain is used to create, or is associated with, a secure token passed by a first domain to a second domain when the user, in a session with the second domain, requests resources, access to which includes authorization by a first domain. The secure token facilitates various actions pertinent to a user in a session with said second domain, including, for example, the maintenance of an active, concurrent session between a user and a first domain, and authentication and authorization without log-on at a second domain or other domains.
25 Claims
1. A method for facilitating the sharing of data pertinent to a user system between a first domain and a second domain, wherein said second domain is in a session with said user system, the method comprising:
establishing a network session between said user system and said second domain, wherein said session is at least one of secure or non-secure, and wherein said second domain and said first domain are configured to interactively communicate with each other;
receiving a request from said user system to said second domain for a resource, wherein access to said resource includes authorization by said first domain;
determining the presence of at least one secure token in a cookie set by said second domain on said user system, wherein said secure token originates with said first domain and relates at least to an authorization of said user system to access said resource;
determining the validity of said secure token, if said secure token is present;
redirecting said request to said first domain, if said secure token is not present; and
if said secure token is present, and is valid, incorporating said secure token in a request to said first domain to keep the state of the session between said user system and said first domain as active.
7. A computer system for facilitating the sharing of data pertinent to a user system between a first domain and a second domain, wherein said second domain is in a session with said user system, comprising:
a module configured to establish a network session between said user system and said second domain, wherein said session is at least one of secure or non-secure;
a module configured to establish interactive communication between said first domain and said second domain;
a module configured to receive a request made by said user system to said second domain for a resource, wherein access to said resource includes authorization by said first domain;
a module configured to substantially determine the presence of at least one secure token in a cookie set by said second domain on said user system, wherein said secure token originates with said first domain and relates at least to an authorization of said user system to access said resource;
a module configured to substantially determine the validity of said secure token, if said secure token is present;
a module configured to redirect said request to said first domain, if said secure token is not present; and
if said secure token is present, and is valid, a module configured to use said secure token in a request to said first domain to keep the state of the session between said user system and said first domain as active.
13. A method for facilitating the sharing of data pertinent to a user system between a first domain and a second domain, wherein said second domain is in a session with said user system, the method comprising:
establishing a network session between said user system and said second domain, wherein said session is at least one of secure or non-secure, and wherein said second domain and said first domain are configured to interactively communicate with each other;
receiving, on redirect from said second domain, a request made by said user system to said second domain for a resource, wherein access to said resource includes authorization by said first domain;
determining the presence of at least one user token in a cookie set by said first domain on said user system, wherein said user token originates with said first domain and relates at least to a log-on of said user system to said first domain;
determining the validity of said user token, if said user token is present;
if said user token is at least one of not present and not valid, said user system logging-on, and, upon valid log-on, setting a user token in a cookie on said user system, which user token relates at least to said log-on; and
if said user token is present, and said user token is valid, including a secure token in said first domain response to said redirect from said second domain, wherein said secure token relates to the authorization of said user system to request said resource.
18. A computer system for facilitating the sharing of data pertinent to a user system between a first domain and a second domain, wherein said second domain is in a session with said user system, comprising:
a module configured to establish a network session between said user system and said first domain, wherein said session is at least one of secure and non-secure;
a module configured to facilitate interactive communication between said first domain and said second domain;
a module configured to receive, on redirect from said second domain, a request made by said user system to said second domain for a resource, wherein access to said resource includes authorization by said first domain;
a module configured to substantially determine the presence of at least one user token in a cookie set by said first domain on said user system, wherein said user token originates with said first domain and relates at least to a log-on of said user system to said first domain;
a module configured to substantially determine the validity of said user token, if said user token is present;
if said user token is at least one of not present and not valid, said user system logging-on, and, upon valid log-on, setting a user token in a cookie on said user system, which token relates at least to said log-on; and
if said user token is present, and is valid, a module configured to include a secure token in said first domain's response to said redirect from said second domain, wherein said secure token relates to the authorization of said user system to request said resource.
22. A secure token comprising computer readable program code relating at least to the authorization of a user system in a session with a second domain, which session is one of secure or non-secure, to access a resource, wherein access to said resource includes authorization by a first domain, and wherein said computer readable program code derives from a secure token included by said first domain in a response to a redirect by said second domain of a request for said resource, which secure token is included in a cookie set by the second domain on the user system, and wherein said secure token is associated with a user token in a cookie set by said first domain on said user system at log-on to said first domain.
25. A method for facilitating the sharing of data pertinent to a user system between a first domain and a second domain, wherein said second domain is in a session with said user system, the method comprising:
establishing a network session between said user system and said second domain, wherein said session is at least one of secure or non-secure, and wherein said second domain and said first domain are configured to interactively communicate with each other;
receiving a request from said user system to said second domain for a resource, wherein access to said resource includes authorization by said first domain;
requesting, by said second domain, authentication of said user session at said first domain;
determining the validity of said authentication, if said authentication is present;
redirecting said request to said first domain, if said authentication is not valid; and
if said authentication is valid, maintaining the state of the session between said user system and said first domain as active.
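The decision flow of claims 1 and 13, sketched as an added example that is not part of the patent text. The token layout, the HMAC-SHA256 construction, the shared key, the cookie names and the `first.example` URL are assumptions, as is redirecting when the secure token is invalid rather than absent.

```python
import hashlib
import hmac

# Assumptions (not from the patent text): a token is "user|resource|expiry|mac",
# MACed with HMAC-SHA256 under a key both domains hold. The key is a constructed sample.
SHARED_KEY = b"constructed-demo-key-not-for-production"
FIRST_DOMAIN_URL = "https://first.example/authorize"  # hypothetical URL


def _mac(body: str) -> str:
    return hmac.new(SHARED_KEY, body.encode(), hashlib.sha256).hexdigest()


def issue_token(user: str, resource: str, ttl: int, now: float) -> str:
    """First domain: mint a token bound to user, resource and expiry."""
    body = f"{user}|{resource}|{int(now) + ttl}"
    return f"{body}|{_mac(body)}"


def token_valid(token: str, resource: str, now: float) -> bool:
    """Check the MAC in constant time, then the resource binding and expiry."""
    body, _, mac = token.rpartition("|")
    if not hmac.compare_digest(mac.encode(), _mac(body).encode()):
        return False
    parts = body.split("|")
    return (len(parts) == 3 and parts[1] == resource
            and parts[2].isdecimal() and now < int(parts[2]))


def first_domain_handle(cookies: dict, resource: str, now: float) -> dict:
    """Claim 13 side: a valid user token yields a secure token in the response."""
    user_token = cookies.get("user_token")
    if user_token is None or not token_valid(user_token, "logon", now):
        return {"action": "log_on"}  # user token is set only after a valid log-on
    user = user_token.split("|")[0]
    return {"action": "respond", "secure_token": issue_token(user, resource, 300, now)}


def second_domain_handle(cookies: dict, resource: str, now: float) -> dict:
    """Claim 1 side: absent token -> redirect; valid token -> keep-alive request."""
    token = cookies.get("secure_token")
    if token is None or not token_valid(token, resource, now):
        # Redirecting on an invalid token is an assumption; claim 1 only covers absence.
        return {"action": "redirect", "location": FIRST_DOMAIN_URL}
    return {"action": "serve", "keepalive_request": {"secure_token": token}}
```

Binding the secure token to the requested resource and to an expiry means a token captured from the second domain's cookie cannot be replayed for a different resource or after its lifetime.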
Specification