Credential Sharing Between Multiple Client Applications
First Claim
1. A method for sharing user credentials between remote access client applications, comprising:
- receiving from a user a request to launch a remote access client application;
instantiating a credential repository, wherein the repository exposes interfaces for storing and deleting the user'"'"'s authentication credentials and associates the authentication credentials with a list of resources available to the user;
validating the request to launch a remote access client application;
attaching at least one of said authentication credentials to the request and sending the request to the remote access client application, wherein the at least one authentication credential can be used to authenticate the user and allow access to a resource associated with the remote access client application; and
deleting the credential repository upon receiving a logoff indication.
2 Assignments
0 Petitions
Accused Products
Abstract
Disclosed are techniques for sharing user credentials between multiple client applications when connecting to a set of remote resources. The mechanism enables a single sign-on between a terminal server web access service and the remote applications, remote desktops and corresponding terminal servers accessible through the service. User credentials may be received by one of the client applications and passed to a credential store running as a local software object in association with the user'"'"'s logon session. Further requests to launch a new remote connection may then pass through the credential store. Upon successful validation of the request, the credential store may attach user credential information to the request and pass the request to the requested client. The requested client may also execute as a software object associated with the current logon session. The client may then use the supplied credential for authentication to the requested resource or application.
108 Citations
20 Claims
-
1. A method for sharing user credentials between remote access client applications, comprising:
-
receiving from a user a request to launch a remote access client application; instantiating a credential repository, wherein the repository exposes interfaces for storing and deleting the user'"'"'s authentication credentials and associates the authentication credentials with a list of resources available to the user; validating the request to launch a remote access client application; attaching at least one of said authentication credentials to the request and sending the request to the remote access client application, wherein the at least one authentication credential can be used to authenticate the user and allow access to a resource associated with the remote access client application; and deleting the credential repository upon receiving a logoff indication. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
-
13. A system adapted to share user credentials between remote access client applications, comprising:
-
at least one processor; and at least one memory communicatively coupled to said at least one processor, the memory having stored therein computer-executable instructions for; receiving from a user via a terminal services web access web page a request to launch a remote access client application; instantiating a credential repository, wherein the credential repository comprises the user'"'"'s authentication credentials stored in encrypted form such that only applications executing on behalf of the user during a current session can decrypt the credentials in the credential repository; validating the request to launch a remote access client application; attaching at least one of said authentication credentials to the request and sending the request to a resource associated with the remote access client application; and deleting the credential repository upon receiving a logoff indication. - View Dependent Claims (14, 15, 16, 17)
-
-
18. A computer readable storage medium storing thereon computer executable instructions for sharing user credentials between remote access client applications, the medium comprising instructions for:
-
receiving from a user a request to initiate a logon session and launch a first remote access client application; instantiating a credential repository for the user comprising the user'"'"'s authentication credentials; validating the request to launch the first remote access client application; attaching a first user credential to the request and sending the request to a first resource associated with the first remote access client application; redirecting a request to launch a second remote access client application to the credential repository; validating the request to launch the second remote access client application; and attaching a second user credential to the request to launch a second remote access client application and sending the request to a second resource associated with the second remote access client application. - View Dependent Claims (19, 20)
-
Specification