SINGLE SIGN ON WITH MULTIPLE AUTHENTICATION FACTORS
Abstract
The authentication of a client to multiple server resources with a single sign-on procedure using multiple factors is disclosed. One contemplated embodiment is a method in which a login session is initiated with the authentication system of a primary one of the multiple server resources. A first set of login credentials is transmitted thereto, and validated. A token is stored on the client indicating that the initial authentication was successful, which is then used to transition to a secondary one of the multiple resources. A second set of login credentials is also transmitted, and access to the secondary one of the multiple resources is granted on the basis of a validated token and second set of login credentials.
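The flow in the abstract, as an added example that is not taken from the patent: a primary resource issues a token after the first credentials validate, and the secondary grants access only when both the token and a separate second credential check out. The HMAC-signed token with a key shared by the two resources, the 300-second lifetime, the sample account and all function names are assumptions; the page does not say how the token is built or verified.

```python
import base64, hashlib, hmac, json, time

# Assumption: the secondary verifies the primary's token with a shared HMAC key.
TOKEN_KEY = b"constructed-demo-key"
TOKEN_TTL = 300  # seconds; assumed token lifetime

def _kdf(secret, salt):
    return hashlib.pbkdf2_hmac("sha256", secret.encode(), salt, 100_000)

# Constructed sample account; each resource keeps its own credential store.
PRIMARY_DB = {"alice": _kdf("first-password", b"p-salt")}
SECONDARY_DB = {"alice": _kdf("482913", b"s-salt")}

def _sign(body):
    return hmac.new(TOKEN_KEY, body, hashlib.sha256).hexdigest().encode()

def primary_login(user, first_cred, now=None):
    """Primary resource: validate the first credentials, return a token or None."""
    now = time.time() if now is None else now
    stored = PRIMARY_DB.get(user)
    if stored is None or not hmac.compare_digest(stored, _kdf(first_cred, b"p-salt")):
        return None
    body = json.dumps({"sub": user, "exp": int(now) + TOKEN_TTL}).encode()
    return base64.urlsafe_b64encode(body).decode() + "." + _sign(body).decode()

def secondary_login(token, second_cred, now=None):
    """Secondary resource: require a valid token AND the second credentials."""
    now = time.time() if now is None else now
    try:
        b64, sig = token.split(".")
        body = base64.urlsafe_b64decode(b64)
    except (ValueError, AttributeError):
        return False  # malformed or missing token
    if not hmac.compare_digest(sig.encode(), _sign(body)):
        return False  # forged or altered token
    claims = json.loads(body)  # parsed only after the signature verified
    if claims["exp"] < int(now):
        return False  # token from an expired primary session
    stored = SECONDARY_DB.get(claims["sub"])
    return stored is not None and hmac.compare_digest(stored, _kdf(second_cred, b"s-salt"))

def client_sso(user, first_cred, second_cred):
    """Client: log in to the primary, store the token, present it to the secondary."""
    stored_token = primary_login(user, first_cred)
    return stored_token is not None and secondary_login(stored_token, second_cred)
```

Neither factor is sufficient alone at the secondary: a valid token with the wrong second credential fails, and so does the right second credential with a forged or expired token.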
19 Claims
1. A method for authenticating a client to multiple server resources each with a standalone authentication system, the method comprising:
- initiating a login session with the authentication system of a primary one of the multiple server resources;
- transmitting a first set of login credentials from the client to the authentication system of the primary one of the multiple server resources;
- validating the client to the primary one of the multiple server resources based upon the first set of login credentials;
- storing on the client a token received from the authentication system of the primary one of the multiple resources;
- transmitting the token and a second set of login credentials different from the first set of login credentials to a secondary one of the multiple server resources, the second set of login credentials being retrieved from the client; and
- validating the client to the authentication system of the secondary one of the multiple server resources based upon the transmitted token and the second set of login credentials.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9

10. A method for authenticating a client to multiple server resources each with a standalone authentication system, comprising:
- receiving a first set of login credentials from the client to the authentication system of a primary one of the multiple server resources;
- validating the client to the primary one of the multiple server resources based upon the first set of login credentials;
- transmitting to the client a token generated by the authentication system of the primary one of the multiple resources in response to a successful validation of the first set of login credentials;
- receiving on a secondary one of the multiple server resources the token and a second set of login credentials different from the first set of login credentials, the second set of login credentials being retrieved from the client; and
- validating the client to the authentication system of the secondary one of the multiple server resources based upon the received token and the second set of login credentials.

Dependent claims: 11, 12, 13, 14, 15, 16, 17, 18

19. An article of manufacture comprising a program storage medium readable by a computer, the medium tangibly embodying one or more programs of instructions executable by the computer to perform a method for authenticating a client to multiple server resources each with a standalone authentication system, the method comprising:
- receiving a first set of login credentials from the client to the authentication system of a primary one of the multiple server resources;
- validating the client to the primary one of the multiple server resources based upon the first set of login credentials;
- transmitting to the client a token generated by the authentication system of the primary one of the multiple resources;
- receiving on a secondary one of the multiple server resources the token and a second set of login credentials different from the first set of login credentials, the second set of login credentials being retrieved from the client; and
- validating the client to the authentication system of the secondary one of the multiple server resources based upon the received token and the second set of login credentials.

Specification