SINGLE SIGN-ON FOR WEB APPLICATIONS
First Claim
1. A method for allowing access to a plurality of target applications after a single sign-on, the method comprising:
- detecting, after the single sign-on, a request to access a target application of the plurality of target applications, the request including a federated single sign-on (FSSO) attributes cookie;
determining user attributes from the FSSO attributes cookie;
determining, based on the FSSO attributes cookie, a configuration associated with the target application, wherein the configuration indicates a format for one or more of the user attributes, and wherein the format is associated with the target application;
creating a data structure according to the configuration, wherein the data structure includes one or more of the user attributes arranged in the format; and
providing the data structure to the target application.
1 Assignment
0 Petitions
Accused Products
Abstract
Techniques for providing identity and other attributes to sign-on web applications in configurable application specific formats are described herein. In some embodiments, a method for allowing access to a plurality of target applications after single sign-on includes detecting, after the single sign-on, a request to access a target application of the plurality of target applications, the request including a federated single sign-on (FSSO) attributes cookie. The method can also comprise determining user attributes from the FSSO attributes cookie and determining a configuration associated with the target application, wherein the configuration indicates a format for one or more of the user attributes, and wherein the format is associated with the target application. The method can also include creating a data structure according to the configuration, wherein the data structure includes one or more of the user attributes arranged in the format and providing the data structure to the target application.
-
Citations
20 Claims
-
1. A method for allowing access to a plurality of target applications after a single sign-on, the method comprising:
-
detecting, after the single sign-on, a request to access a target application of the plurality of target applications, the request including a federated single sign-on (FSSO) attributes cookie; determining user attributes from the FSSO attributes cookie; determining, based on the FSSO attributes cookie, a configuration associated with the target application, wherein the configuration indicates a format for one or more of the user attributes, and wherein the format is associated with the target application; creating a data structure according to the configuration, wherein the data structure includes one or more of the user attributes arranged in the format; and providing the data structure to the target application. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A system configured to allow access to a plurality of target applications after a single sign-on, the apparatus comprising:
-
a service provider configured to host a plurality of target applications residing in one or more web environments; a federated single sign-on (FSSO) system configured to authenticate a user, establish the user'"'"'s credentials, and generate an FSSO attributes cookie, an FSSO adapter configured to detect, after the single sign-on, a request to access a target application of the plurality of target applications, the request including the federated single sign-on (FSSO) attributes cookie, determine user attributes for the FSSO attributes cookie, determine a configuration associated with the target application, wherein the configuration indicates a format for one or more of the user attributes, and wherein the format is associated with the target application, create a data structure according to the configuration, wherein the data structure includes one or more of the user attributes arranged in the format, and provide the data structure to the target application. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. One or more machine-readable media having stored therein a program product, which when executed, causes a set of one or more processor units to perform operations for allowing access to a plurality of target applications after a single sign-on, the operations comprising:
-
detecting, after the single sign-on, a request to access a target application of the plurality of target applications, the request including a federated single sign-on (FSSO) attributes cookie; determining user attributes from the F-SSO attributes cookie; determining a configuration associated with the target application, wherein the configuration indicates a format for one or more of the user attributes, and wherein the format is associated with the target application; creating a data structure according to the configuration, wherein the data structure includes one or more of the user attributes arranged in the format; and providing the data structure to the target application. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification