SINGLE SIGN-ON BETWEEN MULTIPLE DATA CENTERS
Abstract
Systems and methods are disclosed for a single sign-on (SSO) enterprise system with multiple data centers that use a lightweight cookie on a user's client device. The lightweight cookie includes a reference to a data center in which the user is already authenticated, and a new data center contacts the old data center for creating a session for the user on the new data center. If the old data center is unavailable, then the new data center may fall back to accessing a local security store, a backup of keys, security tokens, and/or other security data, in order to create a local session for the user on the new data center.
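The flow in the abstract, sketched as an added example that is not taken from the patent: the new data center checks the cookie's reference, builds the session retrieval request from it, and falls back to its local security store when the old data center is unavailable. The cookie layout, the HMAC, the `DATA_CENTERS` registry, the `/session/retrieve` path, `send` and `local_security_store` are all assumptions made for illustration.

```python
import base64, hashlib, hmac, json

# Assumed registry: the cookie carries a data-center ID, never a URL, so a
# tampered reference cannot steer the server-to-server request elsewhere.
DATA_CENTERS = {"dc-east": "https://sso.dc-east.example",
                "dc-west": "https://sso.dc-west.example"}
COOKIE_KEY = b"constructed-demo-key"  # assumption: MAC key shared by the data centers

def _tag(body: bytes) -> str:
    return hmac.new(COOKIE_KEY, body, hashlib.sha256).hexdigest()

def make_cookie(dc_id: str, session_id: str) -> str:
    """Lightweight cookie: only a reference (data center + session ID), MACed."""
    body = base64.urlsafe_b64encode(json.dumps({"dc": dc_id, "sid": session_id}).encode())
    return body.decode() + "." + _tag(body)

def parse_cookie(cookie: str) -> dict:
    """Verify integrity before decoding, then check the reference is a known site."""
    body, _, tag = cookie.partition(".")
    if not hmac.compare_digest(tag.encode(), _tag(body.encode()).encode()):
        raise ValueError("cookie integrity check failed")
    ref = json.loads(base64.urlsafe_b64decode(body))
    if ref.get("dc") not in DATA_CENTERS:
        raise ValueError("cookie references an unknown data center")
    return ref

def build_session_retrieval_request(ref: dict, local_dc: str) -> dict:
    """Request the new data center sends to the one named in the cookie."""
    return {"url": DATA_CENTERS[ref["dc"]] + "/session/retrieve",
            "json": {"sid": ref["sid"], "requester": local_dc}}

def create_local_session(cookie, local_dc, send, local_security_store):
    """send() is a hypothetical transport that raises ConnectionError when the
    old data center is unavailable, which triggers the local fallback."""
    ref = parse_cookie(cookie)
    request = build_session_retrieval_request(ref, local_dc)
    try:
        user, source = send(request)["user"], "remote"
    except ConnectionError:
        # KeyError here means the local store has no record: no session is created.
        user, source = local_security_store[ref["sid"]], "local-store"
    return {"user": user, "dc": local_dc, "source": source}
```

Because the client holds the cookie, the reference is untrusted input until the MAC and the registry lookup both pass.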
20 Claims
1. A method for single sign-on (SSO) access among data centers, the method comprising:
receiving, at a first data center, a single sign-on authentication cookie from a client device, the cookie including a reference to a second data center with which a user of the client device has been successfully authenticated;
building, using at least one processor operatively coupled with a memory at the first data center, a session retrieval request based on the reference included in the authentication cookie; and
sending, from the first data center, the session retrieval request to the second data center based on the reference included in the authentication cookie.
(Dependent claims: 2, 3, 4, 5, 6, 7, 8)
9. A system of a first data center, comprising:
a memory storing a plurality of instructions; and
one or more processors configurable to:
receive a single sign-on authentication cookie from a client device, the cookie including a reference to a second data center with which a user of the client device has been successfully authenticated;
build a session retrieval request based on the reference included in the authentication cookie; and
send the session retrieval request to the second data center based on the reference included in the authentication cookie.
(Dependent claims: 10, 11, 12, 13, 14)
15. A computer-readable medium storing a plurality of instructions executable by one or more processors of a first data center, the plurality of instructions causing the one or more processors to:
receive a single sign-on authentication cookie from a client device, the cookie including a reference to a second data center with which a user of the client device has been successfully authenticated;
build a session retrieval request based on the reference included in the authentication cookie; and
send the session retrieval request to the second data center based on the reference included in the authentication cookie.
(Dependent claims: 16, 17, 18, 19, 20)
Specification