SYSTEM AND METHODS FOR USER AUTHENTICATION ACROSS MULTIPLE DOMAINS
First Claim
1. A system to support cross-domain user authentication, comprising:
- a first authentication agent associated with a first website/domain, which in operation, is configured tosend a request for additional authentication information for a user attempting to login to the first website/domain to an authentication platform;
return the additional authentication information provided to and entered by the user at the first website/domain to the authentication platform for verification;
provide a signed cookie of authentication state of the user to a second web site/domain when the user is redirected to the second website/domain;
a second authentication agent associated with said second website/domain, which in operation, is configured toparse the signed cookie for the additional authentication information and provide the additional authentication information to the authentication platform for verification;
said authentication platform running on a computing unit, which in operation, is configured tocreate and return the signed cookie to be stored at the first website/domain once the additional authentication information received from the first website/domain is verified;
verify the additional authentication information from the second website/domain and allow the user to access the second website/domain without entering any additional authentication information once verified.
1 Assignment
0 Petitions
Accused Products
Abstract
A new approach is proposed that contemplates systems and methods to support verification of a user'"'"'s authentication information across multiple websites/domains owned and/or operated by different entities, which share users during a single session. When the user attempts to login to a first website/domain, he/she is required to provide authentication information in addition to user-id/password. An authentication platform is configured to generate and communicate the additional authentication information to the user and verify the additional authentication information the user provided to the first website/domain. When the user later attempts to access a second/unrelated website/domain, the verified additional authentication information is provided by the first website/domain to the second website/domain in the form of a signed cookie. The second website/domain parses the cookie and provides the additional authentication information to the authentication platform for verification without requiring the user to input it again at the second website/domain.
28 Citations
26 Claims
-
1. A system to support cross-domain user authentication, comprising:
-
a first authentication agent associated with a first website/domain, which in operation, is configured to send a request for additional authentication information for a user attempting to login to the first website/domain to an authentication platform; return the additional authentication information provided to and entered by the user at the first website/domain to the authentication platform for verification; provide a signed cookie of authentication state of the user to a second web site/domain when the user is redirected to the second website/domain; a second authentication agent associated with said second website/domain, which in operation, is configured to parse the signed cookie for the additional authentication information and provide the additional authentication information to the authentication platform for verification; said authentication platform running on a computing unit, which in operation, is configured to create and return the signed cookie to be stored at the first website/domain once the additional authentication information received from the first website/domain is verified; verify the additional authentication information from the second website/domain and allow the user to access the second website/domain without entering any additional authentication information once verified. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
-
-
15. A computer-implemented method to support cross-domain user authentication, comprising:
-
sending a request for additional authentication information for a user attempting to login to a first website/domain to an authentication platform; returning the additional authentication information provided to and entered by the user at the first website/domain to the authentication platform for verification; creating and returning a signed cookie of authentication state of the user to be stored at the first website/domain once the additional authentication information received from the first website/domain is verified; providing the signed cookie to a second website/domain when the user is redirected to the second website/domain; parsing the signed cookie for the additional authentication information and providing the additional authentication information to the authentication platform for verification; verifying the additional authentication information from the second website/domain by the authentication platform and allowing the user to access the second website/domain without entering any additional authentication information once verified. - View Dependent Claims (16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26)
-
Specification