Systems and Methods for Providing Single Sign On Access to Enterprise SAAS and Cloud Hosted Applications
First Claim
1. A method for providing via an intermediary device single sign on across one or more disparately hosted applications, the method comprising:
- (a) intercepting, by a device intermediary to a plurality of clients and a plurality of servers, a first request of a client to access a login page of a third-party hosted application of a plurality of disparately hosted applications accessible via the device using a single set of authentication credentials;
(b) redirecting, by the device, the client to a single sign on system providing single sign on access to one or more third-party hosted applications of the plurality of disparately hosted applications;
(c) intercepting, by the device, a second request from the client to sign on to a fully qualified domain name corresponding to a domain of the third-party hosted application;
(d) redirecting, by the device responsive to a policy applied to content of the second request, the second request to the single sign on system; and
(e) forwarding, by the device to the domain of the third-party hosted application. the second request redirected by the single sign on system to the domain.
8 Assignments
0 Petitions
Accused Products
Abstract
The solution of the present application addresses the problem of authentication across disparately hosted systems by providing a single authentication domain across SaaS and cloud hosted applications as well as traditional enterprise hosted applications. An application delivery controller intermediary to a plurality of clients and the disparately hosted applications providing single sign on management, integration and control. A user may log in via an interface provided, controlled or managed by the ADC, which in turns, authenticates the user to the application in accordance with policy and the host of the application. As such, the user may login once to gain access to a plurality of disparately hosted applications. From the user'"'"'s perspective, the user seamlessly and transparently gains access to different hosted systems with different passwords and authentication via the remote access provided by the system of the present solution
-
Citations
20 Claims
-
1. A method for providing via an intermediary device single sign on across one or more disparately hosted applications, the method comprising:
-
(a) intercepting, by a device intermediary to a plurality of clients and a plurality of servers, a first request of a client to access a login page of a third-party hosted application of a plurality of disparately hosted applications accessible via the device using a single set of authentication credentials; (b) redirecting, by the device, the client to a single sign on system providing single sign on access to one or more third-party hosted applications of the plurality of disparately hosted applications; (c) intercepting, by the device, a second request from the client to sign on to a fully qualified domain name corresponding to a domain of the third-party hosted application; (d) redirecting, by the device responsive to a policy applied to content of the second request, the second request to the single sign on system; and (e) forwarding, by the device to the domain of the third-party hosted application. the second request redirected by the single sign on system to the domain. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A system for providing a single sign on across one or more disparately hosted applications, the method comprising:
-
a device intermediary to a plurality of clients and a plurality of servers and providing access to a plurality of disparately hosted applications using a single set of authentication credentials, the device receiving a first request of a client to access a login page of a third party hosted application of the plurality of disparately hosted applications; a responder of the device redirecting the client to a single sign on system providing single sign on access to one or more third-party hosted applications of the plurality of disparately hosted applications; a content redirection virtual server of the device intercepting a second request from the client to sign on to a fully qualified domain name corresponding to a domain of the third-party hosted application and redirecting, responsive to a policy applied to content of the second request, the second request to the single sign on system; and wherein the device forwards to the domain of the third-party hosted application. the second request redirected by the single sign on system to the domain. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
-
Specification