TECHNIQUES TO AUTHENTICATE USER REQUESTS INVOLVING MULTIPLE APPLICATIONS

US 20150244704A1
Filed: 07/25/2014
Published: 08/27/2015
Est. Priority Date: 02/27/2014
Status: Abandoned Application

First Claim

Patent Images

1. An apparatus, comprising:

a logic circuit; and

a user interface component operative on the logic circuit to present content associated with a primary application, receive control directives directed to the primary application, request content from a secondary application, and verify a previous authentication by the primary application to the secondary application.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Techniques to authenticate user requests involving multiple applications are described. An apparatus may comprise a logic circuit, and a user interface component operative on the logic circuit to present to a user content from a primary application, handle user commands directed to the primary application, and verify the user to a secondary application using an identifier value that is generated by the primary application for authenticating the user. In one embodiment, the user interface component submits the identifier value to the secondary application in a request for certain content. After determining whether the identifier value is valid, the secondary application provides the requested content or deny the user'"'"'s request. Other embodiments are described and claimed.

14 Citations

View as Search Results

20 Claims

1. An apparatus, comprising:
- a logic circuit; and
  
  a user interface component operative on the logic circuit to present content associated with a primary application, receive control directives directed to the primary application, request content from a secondary application, and verify a previous authentication by the primary application to the secondary application.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The apparatus of claim 1, wherein the secondary application comprises a separate authentication mechanism from the primary application.
  - 3. The apparatus of claim 1, wherein the user interface component operative to process content corresponding to a session with the primary application and request content from the secondary application using a session identifier that is generated by the primary application.
  - 4. The apparatus of claim 1 further comprising the user interface component operative to load the content from the primary application into a web page and load the content from the secondary application into a portion of the web page.
  - 5. The apparatus of claim 1, wherein the user interface component operative to communicate an identifier value, generated for the user, as a request parameter to a server running the secondary application.
  - 6. The apparatus of claim 1, wherein the user interface component operative to use the content from the primary application and the content from the secondary application to populate elements of a user interface for presentation on a device.
  - 7. The apparatus of claim 1 wherein the user interface component operative to process an identifier value to represent a primary application.
  - 8. The apparatus of claim 1 wherein the user interface component operative to communicate an identifier value that is generated by the primary application after the primary application authenticates the user interface component.

9. A computer-implemented method for verifying a user identity, comprising:
- processing a request comprising an identifier value from a server, the identifier value to correspond to a device requesting content from the server,determining whether the identifier value is valid, andcommunicating to the server data to indicate whether the device engaged in a valid session.
- View Dependent Claims (10, 11, 12, 13)
- - 10. The method of claim 9, comparing a valid session identifier for the device with the identifier value.
  - 11. The method of claim 9, comprising processing the identifier value as a hypertext transport protocol secure (HTTPS) header parameter in a HTTPS request.
  - 12. The method of claim 9, comprising determining the identifier value corresponds to a primary server authentication.
  - 13. The method of claim 9, comprising communicating the identifier value to the server via a representational state transfer (REST)-compliant interface.

14. An article of manufacture having at least one computer-readable storage medium comprising instructions that when executed, cause a system to:
- process user identity data comprised in a request to provide content;
  
  use the user identity data to request a valid session identifier for the user identity; and
  
  based upon the valid session identifier and the user identity data, determine whether to respond to the request with the content.
- View Dependent Claims (15, 16, 17, 18, 19, 20)
- - 15. The article of claim 14, comprising instructions that when executed cause the system to compare the valid session identifier to an identifier value embedded in a security token.
  - 16. The article of claim 14, comprising instructions that when executed cause the system to deny the request if the valid session identifier does not match the identifier value.
  - 17. The article of claim 14, comprising instructions that when executed cause the system to communicate the user identity data as a hypertext transport protocol secure (HTTPS) header parameter in a HTTPS request to a primary application.
  - 18. The article of claim 14, comprising instructions that when executed cause the system to communicate frame content after verifying the user identity.
  - 19. The article of claim 14, comprising instructions that when executed cause the system to process a connection with a primary server through a representational state transfer (REST)-compliant protocol, and to request the valid session identifier for the user identity data.
  - 20. The article of claim 14, comprising instructions that when executed cause the system to populate elements of a user interface.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
NetApp, Inc.
Original Assignee
NetApp, Inc.
Inventors
Morrissey, Christopher

Application Number

US14/341,014
Publication Number

US 20150244704A1
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

H04L 63/0815   providing single-sign-on or...

H04L 63/0876   based on the identity of th...

H04L 67/02   based on web technology, e....

TECHNIQUES TO AUTHENTICATE USER REQUESTS INVOLVING MULTIPLE APPLICATIONS

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

14 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

TECHNIQUES TO AUTHENTICATE USER REQUESTS INVOLVING MULTIPLE APPLICATIONS

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

14 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links