USING CACHED SECURITY TOKENS IN AN ONLINE SERVICE
First Claim
1. A method for using cached security tokens in an online service, comprising:
receiving a request over a network from a client for a resource of the online service;
wherein the request comprises an identity claim that identifies a security token that is stored in a location that is separate from the request;
using the identity claim in the request to access the security token that is stored in a memory of the online service; and
using the accessed security token to determine when to provide the resource to the client.
Abstract
A security token service generates a security token for a user that is associated with a client and stores the full security token within a memory. The security token includes an identity claim that represents the identity of the generated security token. Instead of passing the entire security token back to the client, the identity claim is returned to the client. For each request the client makes to the service, the client passes the identity claim in the request instead of the full security token having all of the claims. The identity claim is much smaller than the full security token. When a computing device receives the identity claim within the request from the user, the identity claim is used to access the full security token that is stored in memory.
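The flow in the abstract, as an added Python sketch that is not taken from the patent: the service keeps the full token in memory and the client holds only the identity claim. The class and function names, the random 32-byte handle, the expiry and the role check are assumptions made for illustration; because the identity claim alone selects the cached token, the sketch makes it unguessable and short-lived.

```python
import secrets
import time

class TokenCache:
    """In-memory store: full tokens stay server-side, keyed by identity claim."""
    def __init__(self, ttl_seconds=300, clock=time.monotonic):
        self._ttl = ttl_seconds          # assumption: cached tokens expire
        self._clock = clock
        self._tokens = {}                # identity claim -> (claims, expiry)

    def issue(self, claims):
        # Assumption: the identity claim is a random handle, so it cannot be guessed.
        identity_claim = secrets.token_urlsafe(32)
        self._tokens[identity_claim] = (dict(claims), self._clock() + self._ttl)
        return identity_claim            # only this value goes back to the client

    def lookup(self, identity_claim):
        entry = self._tokens.get(identity_claim)
        if entry is None:
            return None
        claims, expires_at = entry
        if self._clock() >= expires_at:  # drop stale entries on access
            del self._tokens[identity_claim]
            return None
        return claims

    def revoke(self, identity_claim):
        self._tokens.pop(identity_claim, None)

def handle_request(cache, request, required_role):
    # The request carries only the identity claim; the full token is read from memory.
    identity_claim = request.get("identity_claim")
    token = cache.lookup(identity_claim) if isinstance(identity_claim, str) else None
    if token is None:
        return 401                       # unknown, expired or revoked identity claim
    if required_role not in token.get("roles", ()):
        return 403                       # token found, but its claims do not allow this
    return 200

def demo():
    now = [0.0]                          # constructed clock so expiry is deterministic
    cache = TokenCache(ttl_seconds=300, clock=lambda: now[0])
    # Constructed sample token; a real SAML token would carry many more claims.
    handle = cache.issue({"sub": "alice@example.test", "roles": ["reader"]})
    cases = [(handle, "reader"), (handle, "admin"), ("guessed-value", "reader")]
    results = [handle_request(cache, {"identity_claim": h}, r) for h, r in cases]
    now[0] = 301.0                       # past the TTL: the same handle is rejected
    return results + [handle_request(cache, {"identity_claim": handle}, "reader")]
```

Calling `revoke` removes the cached token, so every later request that presents that identity claim is rejected without any change on the client.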
20 Claims
1. A method for using cached security tokens in an online service, comprising:
receiving a request over a network from a client for a resource of the online service;
wherein the request comprises an identity claim that identifies a security token that is stored in a location that is separate from the request;
using the identity claim in the request to access the security token that is stored in a memory of the online service; and
using the accessed security token to determine when to provide the resource to the client.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9
10. A computer-readable storage medium having computer-executable instructions for using cached security tokens for users, comprising:
receiving a request from a client for a resource that is located within a network;
wherein the request comprises an identity claim that identifies a Security Assertion Markup Language (SAML) token that is stored in a memory that is within the network;
accessing the SAML token using the identity claim that is contained within the received request; and
using the accessed SAML token to determine when to provide the resource to the client.
Dependent claims: 11, 12, 13, 14, 15, 16
17. A system for routing requests in an online service, comprising:
a processor and a computer-readable medium;
an operating environment stored on the computer-readable medium and executing on the processor;
a security token service that provides a security token service that is used to generate security tokens for users in a network, wherein the generated security tokens comprise claims, wherein at least one of the claims generated is an identity claim that is used in identifying the generated security token;
wherein the identity claim is returned to the client instead of returning the generated security token;
wherein at least some of the computing devices in the online service are configured to perform actions, comprising:
receiving a request from a client for a resource that is located within the network;
wherein the request comprises an identity claim that identifies a security token that is stored in a memory that is within the network;
accessing the security token within a cache within the network using the identity claim that is contained within the received request; and
using the accessed security token to determine when to provide the resource to the client.
Dependent claims: 18, 19, 20
Specification