AUTHENTICATION TICKET VALIDATION
First Claim
1. One or more computer-readable media having computer-usable instructions embodied thereon for performing a method of validating an authentication ticket to ensure authenticated communications between a client and an online service provider, the method comprising:
- at an authentication server, receiving an authentication request from a user agent associated with the client, wherein the authentication request is a request to access a service provided by the online service provider, the authentication request including a set of identification information and a set of authentication information;
- determining that the set of identification information and the set of authentication information are associated with a user;
- creating the authentication ticket including a user identification and an authentication, wherein the authentication ticket indicates to the online service provider that the user is authenticated to access one or more services provided by the online service provider;
- at the authentication server, embedding a validation token into the authentication ticket, the validation token providing enhanced verification that the access provided by the online service provider to the one or more services is authenticated, wherein the validation token includes a return URL address associated with a target to which the user agent will forward the authentication ticket; and
- encrypting the authentication ticket using a hash of at least a portion of a URL of the online service provider as an initialization vector.
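The steps of the claim above, sketched end to end as an added example (not code from the patent or its assignee): the authentication server issues a ticket whose validation token carries the return URL, and the provider decrypts with an IV derived from its own URL and checks where the ticket arrived. Assumptions: AES-CBC, SHA-256 over the lower-cased provider URL, the `uid`/`auth`/`ru` field layout, zero padding, and a key shared between authentication server and provider are choices made for this sketch; the claim names none of them.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/sha256"
	"errors"
	"fmt"
	"strings"
)

// ivFor hashes the provider URL (assumed: SHA-256, lower-cased) and keeps one AES block.
func ivFor(providerURL string) []byte {
	sum := sha256.Sum256([]byte(strings.ToLower(providerURL)))
	return sum[:aes.BlockSize]
}

// IssueTicket runs at the authentication server after the credentials matched a user.
// Hypothetical layout: user identification, authentication flag, validation token (return URL).
func IssueTicket(b cipher.Block, userID, returnURL, providerURL string) []byte {
	plain := []byte("uid=" + userID + "\nauth=1\nru=" + returnURL)
	plain = append(plain, make([]byte, (aes.BlockSize-len(plain)%aes.BlockSize)%aes.BlockSize)...)
	cipher.NewCBCEncrypter(b, ivFor(providerURL)).CryptBlocks(plain, plain)
	return plain
}

// ValidateTicket runs at the provider. A wrong IV only garbles the first CBC block, so the
// return-URL comparison is what rejects a ticket that arrives at a different target.
func ValidateTicket(b cipher.Block, ticket []byte, providerURL, arrivedAt string) (string, error) {
	if len(ticket) == 0 || len(ticket)%aes.BlockSize != 0 {
		return "", errors.New("malformed ticket")
	}
	plain := make([]byte, len(ticket))
	cipher.NewCBCDecrypter(b, ivFor(providerURL)).CryptBlocks(plain, ticket)
	f := strings.Split(strings.TrimRight(string(plain), "\x00"), "\n")
	if len(f) != 3 || !strings.HasPrefix(f[0], "uid=") || f[1] != "auth=1" {
		return "", errors.New("ticket not issued for this provider")
	}
	if f[2] != "ru="+arrivedAt {
		return "", errors.New("return URL mismatch")
	}
	return strings.TrimPrefix(f[0], "uid="), nil
}

func main() {
	b, _ := aes.NewCipher([]byte("constructed-demo-key-32-bytes!!!")) // constructed sample key
	t := IssueTicket(b, "alice", "https://shop.example/return", "https://shop.example")
	fmt.Println(ValidateTicket(b, t, "https://shop.example", "https://shop.example/return"))
}
```

CBC on its own gives the ticket no integrity protection, so a deployment built along these lines would also authenticate the ciphertext.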
Abstract
An authentication ticket is validated to ensure authenticated communications between a client and an online service provider. In an embodiment, an authentication request is received from a user agent associated with the client and the authentication request includes a set of identification information and a set of authentication information. Additionally, it is determined that the set of identification information and the set of authentication information are associated with a user and an authentication ticket is created including a user identification and an authentication, indicating to the online service provider that the user is authenticated to access one or more online services. Further, a validation token is embedded into the authentication ticket that provides enhanced verification that the access provided by the online service provider is authenticated.
57 Citations
20 Claims
1. One or more computer-readable media having computer-usable instructions embodied thereon for performing a method of validating an authentication ticket to ensure authenticated communications between a client and an online service provider, the method comprising:
- at an authentication server, receiving an authentication request from a user agent associated with the client, wherein the authentication request is a request to access a service provided by the online service provider, the authentication request including a set of identification information and a set of authentication information;
- determining that the set of identification information and the set of authentication information are associated with a user;
- creating the authentication ticket including a user identification and an authentication, wherein the authentication ticket indicates to the online service provider that the user is authenticated to access one or more services provided by the online service provider;
- at the authentication server, embedding a validation token into the authentication ticket, the validation token providing enhanced verification that the access provided by the online service provider to the one or more services is authenticated, wherein the validation token includes a return URL address associated with a target to which the user agent will forward the authentication ticket; and
- encrypting the authentication ticket using a hash of at least a portion of a URL of the online service provider as an initialization vector.
Dependent claims: 2, 3, 4, 5, 6, 7
8. A system for validating an authentication ticket to ensure authenticated communications between a client and an online service provider, the system comprising:
- a computing device associated with one or more processors and one or more computer-storage media;
- a data store coupled with the computing device, wherein the data store includes a database;
- a receiving component configured to receive an authentication request from a user agent associated with the client, the authentication request including a set of identification information and a set of authentication information;
- a determining component configured to determine that the set of identification information and the set of authentication information are associated with a user;
- a creating component configured to create the authentication ticket including a user identification and an authentication, wherein the authentication ticket indicates to the online service provider that the user is authenticated to access one or more services provided by the online service provider;
- an embedding component configured to embed a validation token into the authentication ticket, the validation token providing enhanced verification that the access provided by the online service provider to the one or more services is authenticated, wherein the validation token includes a return URL address associated with a target to which the user agent will forward the authentication ticket, wherein the authentication ticket is encrypted using a hash of at least a portion of a URL of the online service provider as an initialization vector; and
- the database for storing information associated with validating the authentication ticket.
Dependent claims: 9, 10, 11, 12, 13
14. A method of validating an authentication ticket to ensure authenticated communications between a client and an online service provider, the method comprising:
- at an authentication server, receiving an authentication request from a user agent associated with the client, wherein the authentication request is a request to access a service provided by the online service provider, the authentication request including a set of identification information and a set of authentication information;
- determining that the set of identification information and the set of authentication information are associated with a user;
- creating the authentication ticket including a user identification and an authentication, wherein the authentication ticket indicates to the online service provider that the user is authenticated to access one or more services provided by the online service provider;
- at the authentication server, embedding a validation token into the authentication ticket, the validation token providing enhanced verification that the access provided by the online service provider to the one or more services is authenticated, wherein the validation token includes a return URL address associated with a target to which the user agent will forward the authentication ticket; and
- encrypting the authentication ticket using a hash of at least a portion of a URL of the online service provider as an initialization vector.
Dependent claims: 15, 16, 17, 18, 19, 20
Specification