SINGLE SIGN-ON AUTHENTICATION VIA BROWSER FOR CLIENT APPLICATION

US 20170180351A1
Filed: 12/21/2015
Published: 06/22/2017
Est. Priority Date: 12/21/2015
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

initiating at a client application at a client device, a single sign-on authentication with a security device;

receiving at the client application, a session identifier and location of a web portal for said single sign-on authentication from the security device; and

passing the session identifier and the location of the web portal from the client application to a browser installed at the client device, for use by the browser in performing said single sign-on authentication at the client device.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In one embodiment, a method includes initiating at a client application at a client device, a single sign-on authentication with a security device, receiving at the client application, a session identifier and location of a web portal for the single sign-on authentication from the security device, and passing the session identifier and location of the web portal from the client application to a browser installed at the client device, for use by the browser in performing the single sign-on authentication at the client device. An apparatus and logic are also disclosed herein.

Citations

20 Claims

1. A method comprising:
- initiating at a client application at a client device, a single sign-on authentication with a security device;
  
  receiving at the client application, a session identifier and location of a web portal for said single sign-on authentication from the security device; and
  
  passing the session identifier and the location of the web portal from the client application to a browser installed at the client device, for use by the browser in performing said single sign-on authentication at the client device.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1 further comprising submitting login credentials via the browser.
  - 3. The method of claim 1 further comprising transmitting an HTTP (Hypertext Transfer Protocol) GET request comprising the session identifier.
  - 4. The method of claim 3 wherein the HTTP request redirects the client device to the web portal.
  - 5. The method of claim 1 wherein the web portal location comprises a URL (Uniform Resource Locator).
  - 6. The method of claim 1 further comprising receiving a timeout value with the session identifier and the web portal location.
  - 7. The method of claim 1 wherein the session identifier comprises a session key generated by the security device upon receiving a login request from the client device.
  - 8. The method of claim 1 wherein the browser comprises a web application running independently from the client application.
  - 9. The method of claim 1 wherein the session identifier identifies a client session between the client application and the security device and wherein the client session is associated with a web session generated at the security device based on communication between the browser and the security device.

10. An apparatus comprising:
- an interface for communication with a client device comprising a client application and a browser; and
  
  a processor for processing a request from the client application for a single sign-on authentication, generating a client session between the apparatus and the client application, transmitting a client session identifier and a location of a web portal for said single-sign on authentication to the client application, and processing said single sign-on authentication with the browser using the client session identifier and the web portal location received from the browser;
  
  wherein the client session is associated with a web session used to perform said single-sign on authentication with the browser.
- View Dependent Claims (11, 12, 13, 14, 15)
- - 11. The apparatus of claim 10 wherein processing said single sign-on authentication with the browser comprises processing an HTTP (Hypertext Transfer Protocol) GET request received from the browser and comprising the client session identifier.
  - 12. The apparatus of claim 10 wherein processing said single sign-on authentication with the browser comprises receiving user credentials from the browser.
  - 13. The apparatus of claim 10 wherein the processor is further operable to notify the client device of a successful authentication.
  - 14. The apparatus of claim 10 wherein the session identifier comprises a session key generated by the security device upon receiving said request from the client device.
  - 15. The apparatus of claim 10 wherein the browser comprises a web application running independently from the client application.

16. Logic encoded on one or more non-transitory computer readable media for execution and when executed operable to:
- initiate at a client application at a client device, a single sign-on authentication with a security device;
  
  process at the client application, a session identifier and location of a web portal for said single sign-on authentication received from the security device; and
  
  pass the session identifier and the location of the web portal from the client application to a browser installed at the client device, for use by the browser in performing said single sign-on authentication at the client device.
- View Dependent Claims (17, 18, 19, 20)
- - 17. The logic of claim 16 wherein the session identifier comprises a session key generated by the security device upon receiving a login request from the client device.
  - 18. The logic of claim 16 wherein the browser comprises a web application running independently from the client application.
  - 19. The logic of claim 16 wherein the session identifier identifies a client session between the client application and the security device and wherein the client session is associated with a web session generated at the security device based on communication between the browser and the security device.
  - 20. The logic of claim 16 wherein the client application passes the session identifier and the web portal location in a one way communication between the client application and the browser upon launching the browser from the client application.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Original Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Inventors
Lu, Jiajun, Han, Songling, Kielbasinski, Andrzej, Davis, Peter

Granted Patent

US 9,992,187 B2
Time in Patent Office

Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/41   where a single sign-on prov...

H04L 63/0272   Virtual private networks

H04L 63/061   for key exchange, e.g. in p...

H04L 63/0815   providing single-sign-on or...

H04L 63/0876   based on the identity of th...

H04L 63/168   above the transport layer

H04L 67/02   based on web technology, e....

H04L 67/146   Markers for unambiguous ide...

SINGLE SIGN-ON AUTHENTICATION VIA BROWSER FOR CLIENT APPLICATION

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

SINGLE SIGN-ON AUTHENTICATION VIA BROWSER FOR CLIENT APPLICATION

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links