SINGLE SIGN ON FOR NATIVE AND WRAPPED WEB RESOURCES ON MOBILE DEVICES
First Claim
1. A method, comprising:
performing operations as follows on a processor:
associating a single sign on module with a native application residing on a mobile device;
detecting, using the single sign on module, user invocation of the native application, the native application to request access to a resource from a service provider server;
determining, using the single sign on module, whether the mobile device has a token stored thereon that indicates the user has been previously authenticated with an identity provider server;
sending, using the single sign on module, the token to the identity provider server when the token is determined to be stored on the mobile device;
receiving, at the single sign on module, an identity assertion for the user from the identity provider server responsive to sending the token to the identity provider server; and
providing, using the single sign on module, the identity assertion to the native application;
wherein the service provider server is independent of the identity provider server.
Abstract
A method includes performing operations as follows on a processor: associating a single sign on module with a native application residing on a mobile device, detecting, using the single sign on module, user invocation of the native application, the native application to request access to a resource from a service provider server, determining, using the single sign on module, whether the mobile device has a token stored thereon that indicates the user has been previously authenticated with an identity provider server, sending, using the single sign on module, the token to the identity provider server when the token is determined to be stored on the mobile device, receiving, at the single sign on module, an identity assertion for the user from the identity provider server responsive to sending the token to the identity provider server, and providing, using the single sign on module, the identity assertion to the native application. The service provider server is independent of the identity provider server.
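The token-for-assertion exchange described in the abstract, as an added example that is not part of the patent text. The class names, the in-memory token store (standing in for device storage), the assertion format with audience and expiry fields, and the HMAC key shared between identity provider and service provider (standing in for an asymmetric signature) are all assumptions made for illustration.

```python
import base64, hashlib, hmac, json, secrets, time

_b64 = lambda raw: base64.urlsafe_b64encode(raw).decode()

class IdentityProvider:
    """Hypothetical IdP: exchanges a previously issued token for a signed assertion."""
    def __init__(self, signing_key):
        self._key, self._sessions = signing_key, {}   # sessions: token -> user

    def authenticate(self, user):
        # Stands in for the earlier interactive login that produced the token.
        token = secrets.token_urlsafe(32)
        self._sessions[token] = user
        return token

    def revoke(self, token):
        self._sessions.pop(token, None)

    def assert_identity(self, token, audience):
        user = self._sessions.get(token)
        if user is None:
            return None                       # unknown or revoked token: no assertion
        body = json.dumps({"sub": user, "aud": audience,
                           "exp": time.time() + 60}).encode()
        sig = hmac.new(self._key, body, hashlib.sha256).digest()
        return _b64(body) + "." + _b64(sig)

class SsoModule:
    """Hypothetical module associated with the native application on the device."""
    def __init__(self, idp, token_store):
        self.idp, self.store = idp, token_store

    def on_app_invoked(self, audience):
        token = self.store.get("idp_token")
        if token is None:
            return None                       # nothing stored: caller must log in
        assertion = self.idp.assert_identity(token, audience)
        if assertion is None:
            self.store.pop("idp_token", None)  # stale token: drop it from the device
        return assertion                      # handed to the native application

def sp_verify(assertion, key, audience, now=None):
    """Service provider side: checks signature, audience and expiry locally."""
    try:
        body, sig = (base64.urlsafe_b64decode(p) for p in assertion.split("."))
    except ValueError:                        # wrong part count or bad base64
        return None
    if not hmac.compare_digest(sig, hmac.new(key, body, hashlib.sha256).digest()):
        return None
    claims = json.loads(body)
    now = time.time() if now is None else now
    return claims["sub"] if claims["aud"] == audience and claims["exp"] >= now else None
```

Binding the assertion to one audience and a short lifetime keeps an assertion issued for one service provider from being accepted by another or replayed later.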
20 Claims
1. A method, comprising:
performing operations as follows on a processor:
associating a single sign on module with a native application residing on a mobile device;
detecting, using the single sign on module, user invocation of the native application, the native application to request access to a resource from a service provider server;
determining, using the single sign on module, whether the mobile device has a token stored thereon that indicates the user has been previously authenticated with an identity provider server;
sending, using the single sign on module, the token to the identity provider server when the token is determined to be stored on the mobile device;
receiving, at the single sign on module, an identity assertion for the user from the identity provider server responsive to sending the token to the identity provider server; and
providing, using the single sign on module, the identity assertion to the native application;
wherein the service provider server is independent of the identity provider server.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 10, 11
9. A method, comprising:
performing operations as follows on a processor:
associating a single sign on module with a browser residing on a mobile device;
detecting, using the single sign on module, user invocation of a Web resource via the browser;
sending, using the single sign on module, a token to an identity provider server, the token indicating that the user has been previously authenticated with the identity provider server;
receiving, at the single sign on module, an identity assertion for the user from the identity provider server responsive to sending the token to the identity provider server; and
providing, using the single sign on module, the identity assertion to the browser;
wherein the service provider server is independent of the identity provider server.
Dependent claims: 12, 13, 14, 15, 16
17. A computer program product, comprising:
a tangible computer readable storage medium comprising computer readable program code embodied in the medium that when executed by a processor causes the processor to perform operations comprising:
associating a single sign on module with a native application residing on a mobile device;
detecting, using the single sign on module, user invocation of the native application, the native application to request access to a resource from a service provider server;
determining, using the single sign on module, whether the mobile device has a token stored thereon that indicates the user has been previously authenticated with an identity provider server;
sending, using the single sign on module, the token to the identity provider server when the token is determined to be stored on the mobile device;
receiving, at the single sign on module, an identity assertion for the user from the identity provider server responsive to sending the token to the identity provider server; and
providing, using the single sign on module, the identity assertion to the native application;
wherein the service provider server is independent of the identity provider server.
Dependent claims: 18, 19, 20
Specification