Multiuser Web Service Sign-In Client Side Components

US 20080046983A1
Filed: 08/11/2006
Published: 02/21/2008
Est. Priority Date: 08/11/2006
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

receiving a directive to transfer a currently authenticated user account associated with a first application executed on a client to a second application executable on the client; and

responsive to the directive;

obtaining data describing the currently authenticated user account associated with the first application; and

utilizing the obtained data to cause authentication of the user account with respect to the second application.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Embodiments of multi-user web service sign-in client side components are presented herein. In an implementation, the currently authenticated user account of a first application of a client is transferred to another application of a client. In another implementation, a common credential store is used to share data for a plurality of user accounts associated with a client between a plurality of applications of the client, and for the applications to output multi-user interfaces having portions corresponding to the plurality of accounts.

119 Citations

20 Claims

1. A method comprising:
- receiving a directive to transfer a currently authenticated user account associated with a first application executed on a client to a second application executable on the client; and
  
  responsive to the directive;
  
  obtaining data describing the currently authenticated user account associated with the first application; and
  
  utilizing the obtained data to cause authentication of the user account with respect to the second application.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. A method as recited in claim 1 further comprising exposing on the client an authentication interface callable via a plurality of applications of the client to perform a transfer of the currently authenticated user account, wherein the authentication interface performs the receiving of and responding to the directive.
  - 3. A method as recited in claim 2, wherein the authentication interface is configured to:
    - communicate with an authentication service via a network for each of a plurality of applications of the client to cause authentication of user accounts with respect to the plurality of applications;
      
      responsive to the communication, receive authentication data indicative of successful authentication of a particular user account with respect to each respective application; and
      
      responsive to a directive from a respective application, export corresponding authentication data describing the currently authenticated user account to another application.
  - 4. A method as recited in claim 2, wherein:
    - the first application is configured as a web browser; and
      
      the authentication interface includes a browser add-in configured to allow web pages accessed via the web browser to communicate directives such that the directives are performed by the authentication interface.
  - 5. A method as recited in claim 2, wherein the authentication data is obtained by the authentication interface from a common credential store configured to maintain authentication data accessible by a plurality of applications of the client.
  - 6. A method as recited in claim 5, wherein the authentication interface is configured with one or more components to:
    - provide interactions between a browser application and the common credential store; and
      
      provide interactions between one or more smart client applications and the common credential store.
  - 7. A method as recited in claim 6, wherein the interactions are limited based upon a list specifying which applications and domains are permitted to interact with the common credential store.
  - 8. A method as recited in claim 6, wherein the interactions provided include one or more of:
    - adding data to the store;
      
      removing data from the store;
      
      determining the currently authenticated user of a client application;
      
      managing an user account profile;
      
      retrieving authentication data associated with an authenticated user account; and
      
      retrieving user customized data for one or more user accounts for inclusion in a user interface.
  - 9. A method as recited in claim 2, wherein the authentication interface, responsive to the directive is further configured to:
    - compare the currently authenticated user accounts associated with the first and second application; and
      
      when the authenticated user accounts differ, utilize the data describing the currently authenticated user account associated with the first application to the transfer the authenticated user account to the second application.
  - 10. A method as recited in claim 1, wherein at least one said application is a smart client application configured to provide functionality selected from the group consisting of:
    - email;
      
      instant messaging;
      
      office productivity;
      
      multimedia management;
      
      content authoring; and
      
      software development.
  - 11. A method as recited in claim 1, wherein utilizing the obtained data includes providing the data via a network to an authentication service to authenticate the user account with respect to the second application.

12. One or more computer-readable media comprising computer executable instructions that, when executed, direct a client to utilize authentication data describing a currently authenticated user account associated with a first application to transfer the user account to a second application.
- View Dependent Claims (13, 14, 15)
- - 13. One or more computer readable media comprising as recited in claim 12, wherein the transferring includes:
    - obtaining the authentication data from a common credential store; and
      
      providing the authentication data to a second application executing on the client, such that the user account is authenticated with respect to the second application.
  - 14. One or more computer readable media comprising as recited in claim 12, wherein the transferring includes:
    - obtaining the authentication data from a common credential store; and
      
      providing the authentication data to an authentication service via a network client to authenticate the user account with respect to the second application.
  - 15. One or more computer readable media as recited in claim 12, wherein:
    - the authentication data includes an authentication token issued over a network to the client by an authentication service upon successful authentication of the user account with respect to the first application; and
      
      the authentication token is utilized to cause authentication of user account with respect to the second application.

16. A method comprising:
- storing user account data corresponding to a plurality of user accounts associated with a client in a common credential store; and
  
  providing access to the common credential store by the client such that a plurality of applications accessible by the client are able to form a user interface from the user account data having representative portions for each of the plurality of accounts.
- View Dependent Claims (17, 18, 19, 20)
- - 17. A method as recited in claim 16, wherein each portion is selectable to cause authentication to the corresponding user account.
  - 18. A method as recited in claim 16, wherein at least one portion displayed in the user interface corresponds to an account which is not currently authenticated on the client.
  - 19. A method as recited in claim 16, wherein:
    - the user account data for at least one user account includes one or more customized user elements which are included in the corresponding portion displayed for the respective user account; and
      
      the customized user elements are selected from the group consisting of;
      
      a user tile, a user name, an alias, graphics, audio, animation, video, text selection, color selection, font, a color scheme, and an image.
  - 20. A method as recited in claim 16, wherein the user account data includes a listing of a plurality of user accounts used by the client which is configured to be deciphered by a client application when forming the user interface to determine.the set of user accounts to represent in the user interface;
    - andthe order in which the corresponding portions are displayed.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Chow, Trevin M., Jain, Naresh, Chen, Rui, Chan, Kok Wai, Lester, Erren Dusan, Ayres, Lynn C.

Granted Patent

US 8,458,775 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/5
CPC Class Codes

G06F 21/31   User authentication

G06F 21/41   where a single sign-on prov...

G06F 2221/2149   Restricted operating enviro...

H04L 51/04   Real-time or near real-time...

H04L 63/08   for authentication of entit...

H04L 63/0815   providing single-sign-on or...

Multiuser Web Service Sign-In Client Side Components

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

119 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Multiuser Web Service Sign-In Client Side Components

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

119 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links