WEB-BASED SINGLE SIGN-ON LOGON MANAGER

US 20150089580A1
Filed: 09/22/2014
Published: 03/26/2015
Est. Priority Date: 09/20/2013
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

receiving, through a web-based interface, a request to access an application through a logon manager interface;

identifying a policy associated with the application, wherein the policy defines access requirements associated with the application;

identifying user credentials based on the application requirements; and

automatically providing the user credentials to the application.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Web-based single sign-on can enable a user to log in to a single interface (such as through a web browser or thin client) and then provide SSO services to the user for one or more web applications. The web-based SSO system can be extended to support one or more different access control methods, such as form-fill, Federated (OIF), SSO Protected (OAM), and other policies. The web-based SSO system can include a user interface through which the user can access different web applications, systems, etc. and manage their credentials. Each SSO service can be associated with a web interface allowing the SSO services to be accessed over the web. The web interfaces can provide CRUD (create, read, update, delete) functionality for each SSO service. To support different access policy types, the web-based SSO system can include an extensible data manager that can manage data access to different types of repositories transparently.

31 Citations

View as Search Results

20 Claims

1. A method comprising:
- receiving, through a web-based interface, a request to access an application through a logon manager interface;
  
  identifying a policy associated with the application, wherein the policy defines access requirements associated with the application;
  
  identifying user credentials based on the application requirements; and
  
  automatically providing the user credentials to the application.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, further comprising:
    - receiving a request from a user to add a new application to the logon manager, wherein the request includes a policy and a credential;
      
      sending a request to a data manager to store the policy and the credential; and
      
      adding an icon corresponding to the new application to the logon manager, such that the icon is displayed in the logon manager.
  - 3. The method of claim 1, further comprising:
    - receiving a request to provision a plurality of applications for a user, wherein the request includes policies and credentials for each of the plurality of applications; and
      
      sending a request to a data manager to store the policies and the credentials; and
      
      adding icons corresponding to each of the plurality of applications to the logon manager, such that the icons are displayed when the user logs-in to the logon manager.
  - 4. The method of claim 1, wherein the logon manager interface presents a unified view of a plurality of applications associated with a plurality of different types of credentials.
  - 5. The method of claim 1, wherein identifying user credentials based on the application requirements comprises:
    - generating a policy request for the policy associated with the application, wherein the policy request is formatted according to a web-based interface;
      
      sending the policy request to a single sign-on service; and
      
      receiving a policy response including the policy associated with the application, wherein the policy response is formatted according to the web-based interface.
  - 6. The method of claim 5, wherein identifying user credentials based on the application requirements comprises:
    - generating a credential request for the user credentials, wherein the policy request is formatted according to a web-based interface;
      
      sending the credential request to a single sign-on service; and
      
      receiving a credential response including the user credential, wherein the credential response is formatted according to the web-based interface.
  - 7. The method of claim 1, wherein the policy is a form-fill policy and wherein automatically providing the user credentials to the application comprises automatically populating fields in a graphical user interface associated with the application with the user credentials and submitting the user credentials to the application through the graphical user interface.

8. A system comprising:
- a computer, including a computer readable storage medium and processor;
  
  a logon manager interface, executing on the computer, wherein the logon manager interface includes a plurality of applications associated with different access requirements;
  
  wherein the logon manager interface is configured toreceive, through a web-based interface, a request to access an application in the logon manager interface,identify a policy associated with the application, wherein the policy defines access requirements associated with the application,identify user credentials based on the application requirements, andautomatically provide the user credentials to the application.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The system of claim 8, wherein the logon manager interface is further configured to:
    - receive a request from a user to add a new application to the logon manager, wherein the request includes a policy and a credential;
      
      send a request to a data manager to store the policy and the credential; and
      
      add an icon corresponding to the new application to the logon manager, such that the icon is displayed in the logon manager.
  - 10. The system of claim 8, wherein the logon manager interface is further configured to:
    - receive a request to provision a plurality of applications for a user, wherein the request includes policies and credentials for each of the plurality of applications; and
      
      send a request to a data manager to store the policies and the credentials; and
      
      add icons corresponding to each of the plurality of applications to the logon manager, such that the icons are displayed when the user logs-in to the logon manager.
  - 11. The system of claim 8, wherein the logon manager interface presents a unified view of a plurality of applications associated with a plurality of different types of credentials.
  - 12. The system of claim 8, wherein identifying user credentials based on the application requirements comprises:
    - generating a policy request for the policy associated with the application, wherein the policy request is formatted according to a web-based interface;
      
      sending the policy request to a single sign-on service; and
      
      receiving a policy response including the policy associated with the application, wherein the policy response is formatted according to the web-based interface.
  - 13. The system of claim 12, wherein identifying user credentials based on the application requirements comprises:
    - generating a credential request for the user credentials, wherein the policy request is formatted according to a web-based interface;
      
      sending the credential request to a single sign-on service; and
      
      receiving a credential response including the user credential, wherein the credential response is formatted according to the web-based interface.
  - 14. The system of claim 8, wherein the policy is a form-fill policy and wherein automatically providing the user credentials to the application comprises automatically populating fields in a graphical user interface associated with the application with the user credentials and submitting the user credentials to the application through the graphical user interface.

15. A non-transitory computer readable storage medium including instructions stored thereon which when executed by a processor cause the processor to perform the steps of:
- receiving, through a web-based interface, a request to access an application in a logon manager;
  
  identifying a policy associated with the application, wherein the policy defines access requirements associated with the application;
  
  identifying user credentials based on the application requirements; and
  
  automatically providing the user credentials to the application.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The non-transitory computer readable storage medium of claim 15, further instructions stored thereon which when executed by a processor cause the processor to perform the steps of:
    - receiving a request from a user to add a new application to the logon manager, wherein the request includes a policy and a credential;
      
      sending a request to a data manager to store the policy and the credential; and
      
      adding an icon corresponding to the new application to the logon manager, such that the icon is displayed in the logon manager.
  - 17. The non-transitory computer readable storage medium of claim 15, further instructions stored thereon which when executed by a processor cause the processor to perform the steps of:
    - receiving a request to provision a plurality of applications for a user, wherein the request includes policies and credentials for each of the plurality of applications; and
      
      sending a request to a data manager to store the policies and the credentials; and
      
      adding icons corresponding to each of the plurality of applications to the logon manager, such that the icons are displayed when the user logs-in to the logon manager.
  - 18. The non-transitory computer readable storage medium of claim 15, wherein the logon manager interface presents a unified view of a plurality of applications associated with a plurality of different types of credentials.
  - 19. The non-transitory computer readable storage medium of claim 15, wherein identifying user credentials based on the application requirements comprises:
    - generating a policy request for the policy associated with the application, wherein the policy request is formatted according to a web-based interface;
      
      sending the policy request to a single sign-on service; and
      
      receiving a policy response including the policy associated with the application, wherein the policy response is formatted according to the web-based interface.
  - 20. The non-transitory computer readable storage medium of claim 19, wherein identifying user credentials based on the application requirements comprises:
    - generating a credential request for the user credentials, wherein the policy request is formatted according to a web-based interface;
      
      sending the credential request to a single sign-on service; and
      
      receiving a credential response including the user credential, wherein the credential response is formatted according to the web-based interface.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Oracle International Corporation (Oracle Corporation)
Original Assignee
Oracle International Corporation (Oracle Corporation)
Inventors
Manza, Marc B., Singh, Dharmvir, Kuppala, Siva Sundeep, Sorial, Ayman, Kolli, Ashish, Uchil, Mrudul, Brunaugh, Josh, Cornwell, Smith William, Jain, Swati, Raote, Paresh

Granted Patent

US 10,079,820 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/1
CPC Class Codes

G06F 21/41   where a single sign-on prov...

H04L 63/0815   providing single-sign-on or...

H04L 63/0838   using one-time-passwords

H04L 63/0884   by delegation of authentica...

H04L 63/10   for controlling access to d...

H04L 63/20   for managing network securi...

WEB-BASED SINGLE SIGN-ON LOGON MANAGER

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

31 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

WEB-BASED SINGLE SIGN-ON LOGON MANAGER

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

31 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links