Multiple Identity Management in an Electronic Commerce Site
First Claim
1. A method for managing multiple user identities for a user of an electronic commerce (e-commerce) site, the method comprising:
- defining the e-commerce site as a plurality of security domains; and
in response to a user'"'"'s request to invoke an operation of the e-commerce site;
identifying a type of user identity being used by the user, wherein types of user identities comprise a guest identity and a registered identity, wherein the guest identity is an unique temporary user identity assigned to a user for the life of the user'"'"'s session within the security domain, and wherein the registered identity is an unique identity that is reusable across sessions within the security domain;
determining if the type of user identity is appropriate to invoke the operation;
responsive to the type of user identity being appropriate to invoke the operation, determining a security domain of the plurality of security domains to which the operation relates;
selecting a session from a plurality of sessions based on the determined security domain; and
reusing the selected session for the user automatically in accordance with the determined security domain, the selected session being associated with a user identity and a role, the user identity and the role together indicating privileges for invoking operations of the e-commerce site in the determined security domain.
0 Assignments
0 Petitions
Accused Products
Abstract
In electronic commerce (e-commerce) sites that are executed on a single e-commerce application, a user'"'"'s session is only associated with a single user identity for e-commerce site domain. Acting under a single identity across the site may not be desired. There may be requirements to associate an individual user with one or more separate identities within parts of the site. Aspects of the invention provide a method, system and computer program product for managing multiple user identities for a user of an electronic commerce (e-commerce) site. The method comprises defining the e-commerce site as one or more security domains; and in response to a user'"'"'s request to invoke an operation of the e-commerce site: determining a one of the one or more security domains to which the operation relates; performing one of a) creating a session and b) reusing a session for the user automatically in accordance with the determined security domain, said session associated with a user identity and a role indicating privileges for invoking operations of the e-commerce site in at least the determined security domain; and persisting said session for reuse. The user'"'"'s request may be received in association with one or more sessions persisted for the user and a one of the sessions selected in accordance with the determined security domain. In response, either a session may be created or reused. Persisting may comprise providing one or more cookies defining the session to the user for associating with a subsequent request. In accordance with a feature of this aspect, the e-commerce site may define each of the one or more security domains as a hierarchy of organizations and assets owned by the organizations and the determining a one of the one or more security domains to which the operation relates may comprise evaluating the user'"'"'s request in accordance with the hierarchy.
-
Citations
30 Claims
-
1. A method for managing multiple user identities for a user of an electronic commerce (e-commerce) site, the method comprising:
-
defining the e-commerce site as a plurality of security domains; and in response to a user'"'"'s request to invoke an operation of the e-commerce site; identifying a type of user identity being used by the user, wherein types of user identities comprise a guest identity and a registered identity, wherein the guest identity is an unique temporary user identity assigned to a user for the life of the user'"'"'s session within the security domain, and wherein the registered identity is an unique identity that is reusable across sessions within the security domain; determining if the type of user identity is appropriate to invoke the operation; responsive to the type of user identity being appropriate to invoke the operation, determining a security domain of the plurality of security domains to which the operation relates; selecting a session from a plurality of sessions based on the determined security domain; and reusing the selected session for the user automatically in accordance with the determined security domain, the selected session being associated with a user identity and a role, the user identity and the role together indicating privileges for invoking operations of the e-commerce site in the determined security domain. - View Dependent Claims (2, 3, 4, 6, 9, 28)
-
-
5. (canceled)
-
7-8. -8. (canceled)
-
10. A computer readable medium tangibly embodying computer executable code for managing multiple user identities for a user of an electronic commerce (e-commerce) site defined using a plurality of security domains, wherein the computer executable code, when executed on a computing device, causes the computing device to:
in response to a user'"'"'s request to invoke an operation of the e-commerce site; identify a type of user identity being used by the user, wherein types of user identities comprise a guest identity and a registered identity, wherein the guest identity is an unique temporary user identity assigned to a user for the life of the user'"'"'s session within the security domain, and wherein the registered identity is an unique identity that is reusable across sessions within the security domain; determine if the type of user identity is appropriate to invoke the operation; responsive to the type of user identity being appropriate to invoke the operation, determine a security domain of the plurality of security domains to which the operation relates; select a session from a plurality of sessions based on the determined security domain; and reuse the selected session for the user automatically in accordance with the determined security domain, the selected session being associated with a user identity and a role, the user identity and the role together indicating privileges for invoking operations of the e-commerce site in the determined security domain. - View Dependent Claims (11, 12, 13, 15, 18, 29)
-
14. (canceled)
-
16-17. -17. (canceled)
-
19. A system for managing multiple user identities for a user of an electronic commerce (e-commerce) site defined using a plurality of security domains, the system comprising:
an identity manager component configured to, in response to a user'"'"'s request to invoke an operation of the e-commerce site; identify a type of user identity being used by the user, wherein types of user identities comprise a guest identity and a registered identity, wherein the guest identity is an unique temporary user identity assigned to a user for the life of the user'"'"'s session within the security domain, and wherein the registered identity is an unique identity that is reusable across sessions within the security domain; determine if the type of user identity is appropriate to invoke the operation; responsive to the type of user identity being appropriate to invoke the operation, determine a security domain of the plurality of security domains to which the operation relates; select a session from a plurality of sessions based on the determined security domain; and reuse the selected session for the user automatically in accordance with the determined security domain, the selected session being associated with a user identity and a role, the user identity and the role together indicating privileges for invoking operations of the e-commerce site in the determined security domain. - View Dependent Claims (20, 21, 22, 24, 30)
-
23. (canceled)
-
25-27. -27. (canceled)
Specification