Client Device Information for Controlling Access to Web Applications
First Claim
Patent Images
1. A system comprising:
- at least one client device comprising a first processing system having at least one processor,wherein the first processing system is configured to perform operations comprising;
executing a first client application within a web browser, the first client application providing a first client-side portion of a web application;
executing a second client application providing a second client-side portion of the web application; and
executing a service application configured to determine at least one piece of client identifying information and to provide the determined at least one piece of client identifying information to the first client application and to the second client application in response to respective requests,at the first client application and the second client application, obtaining the determined at least one piece of client identifying information from the service application, andat the first client application, transmitting a first request with the obtained at least one piece of client identifying information, andat the second client application, transmitting a second request with the obtained at least one piece of client identifying information; and
at least one server device comprising a second processing system having at least one processor,wherein the second processing system is configured to execute a server-side process of the web application and to perform operations comprising;
receiving the first request from the first client application and the second request from the second client application, the first request including a first client identifying information and the second request including second client identifying information;
determining whether the second client identifying information corresponds to the first client identifying information; and
performing a first action which includes enabling the first and second client applications to share a login session if the determining determines that the second client identifying information corresponds to the first client identifying information, and performing a second action which includes disabling a login session for at least one of the first and second client applications if the determining determines that the second client identifying information does not correspond to the first client identifying information.
1 Assignment
0 Petitions
Accused Products
Abstract
The described technology provides for plural application processes including at least one application in a browser to reliably acquire device information that can be used by other processes to accurately determine whether the plural applications are running on the same client device and/or are associated with aspects of the same client device. The more reliable determination of the devices associated with respective application processes can be used for various purposes such as, for example, user access management capabilities such as improved single sign-on (SSO) capability and/or improved multiple login prevention (MLP) capability.
-
Citations
22 Claims
-
1. A system comprising:
-
at least one client device comprising a first processing system having at least one processor, wherein the first processing system is configured to perform operations comprising; executing a first client application within a web browser, the first client application providing a first client-side portion of a web application; executing a second client application providing a second client-side portion of the web application; and executing a service application configured to determine at least one piece of client identifying information and to provide the determined at least one piece of client identifying information to the first client application and to the second client application in response to respective requests, at the first client application and the second client application, obtaining the determined at least one piece of client identifying information from the service application, and at the first client application, transmitting a first request with the obtained at least one piece of client identifying information, and at the second client application, transmitting a second request with the obtained at least one piece of client identifying information; and at least one server device comprising a second processing system having at least one processor, wherein the second processing system is configured to execute a server-side process of the web application and to perform operations comprising; receiving the first request from the first client application and the second request from the second client application, the first request including a first client identifying information and the second request including second client identifying information; determining whether the second client identifying information corresponds to the first client identifying information; and performing a first action which includes enabling the first and second client applications to share a login session if the determining determines that the second client identifying information corresponds to the first client identifying information, and performing a second action which includes disabling a login session for at least one of the first and second client applications if the determining determines that the second client identifying information does not correspond to the first client identifying information. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
-
14. A method performed by a first processing system having at least one processor, the method comprising:
-
running (A) a first client application within a web browser, the first client application providing a first client-side portion of a web application, (B) a second client application providing a second client-side portion of the web application, and (C) a service application configured to determine at least one piece of client identifying information and to provide the determined at least one piece of client identifying information to the first client application and to the second client application in response to respective requests, obtaining, by the first client application and the second client application, the determined at least one piece of client identifying information from the service application; transmitting to a server side process of the web application, by the first client application and the second client application, respective requests including the obtained at least one piece of client identifying information; and responsive to a response received from the server side process for the second request, determining further processing of at least one of the first client application or the second client application. - View Dependent Claims (15, 16, 17, 18, 19)
-
-
20. A non-transitory computer-readable storage device having stored therein instructions, that when executed by at least one processor of a first processing system, causes the first processing system to perform operations comprising:
-
running (A) a first client application within a web browser, the first client application providing a first client-side portion of a web application, (B) a second client application providing a second client-side portion of the web application, and (C) a service application configured to determine at least one piece of client identifying information and to provide the determined at least one piece of client identifying information to the first client application and to the second client application in response to respective requests, obtaining, by the first client application and the second client application, the determined at least one piece of client identifying information from the service application; transmitting to a server side process of the web application, by the first client application and the second client application, respective requests including the obtained at least one piece of client identifying information; and responsive to a response received from the server side process for the second request, determining further processing of at least one of the first client application or the second client application.
-
-
21. A method performed by a server-side process of a web application executing on at least one processor of a first processing system in a server device, the method comprising:
-
receiving, via a communication network and from at least one client device, a first request from the first client application and a second request from the second client application, the first request including a first client identifying information and the second request including second client identifying information; determining whether the second client identifying information corresponds to the first client identifying information and identifies a same client device; and performing a first action if the determining determines that the second client identifying information corresponds to the first client identifying information, and performing a second action, different from the first action, if the determining determines that the second client identifying information does not correspond to the first client identifying information. - View Dependent Claims (22)
-
Specification