SINGLE SIGN-ON METHODS AND APPARATUS THEREFOR
First Claim
1. A single sign-on method for enabling a user to perform authenticated sign-on to a plurality of websites associated with a plurality of web services, comprising:
- authenticating said user at a first website, said first website associated with a first web service;
communicating said authenticating from said first website to a server if said authenticating is successful; and
thereafter employing said server to authenticate said user if said user wishes to access a second website associated with a second web service different from said first web service.
1 Assignment
0 Petitions
Accused Products
Abstract
Embodiments of the invention employ a KUSO (Kerio Unity Sign On) server to work with different web services (which offer online service via to users via user accounts) to offer single sign-on capability to different services. With the use of the KUSO server, a user only has to authenticate with one of the web services in order to have authenticated access to all web services. After the first successful authentication at one of the web services, the web server that successfully authenticates the user communicates the successful authentication with the KUSO server using a special channel and a special token. Subsequently authentication verification is performed transparently by the KUSO server if the user wishes to access any of the other web services. Safeguards for various edge conditions during sign-on and sign-offs are provided to improve security.
-
Citations
2 Claims
-
1. A single sign-on method for enabling a user to perform authenticated sign-on to a plurality of websites associated with a plurality of web services, comprising:
-
authenticating said user at a first website, said first website associated with a first web service; communicating said authenticating from said first website to a server if said authenticating is successful; and thereafter employing said server to authenticate said user if said user wishes to access a second website associated with a second web service different from said first web service.
-
-
2. An arrangement for facilitating single sign-on by a user to a plurality of websites associated with a plurality of web services, comprising:
-
a first web server, said first web server associated with a first website; a single sign-on server, said single sign-on server communicating with said first web server if said first web server successfully authenticates said user; and a second web server associated with a second website, said second web server communicating with said single sign-on server, responsive to said user wishing to access said second website, to ascertain that said user has previously been successfully authenticated.
-
Specification