SINGLE AUTHENTICATION TO A MULTI-TENANCY SINGLE-PAGE CLOUD APPLICATION

US 20180219854A1
Filed: 05/08/2017
Published: 08/02/2018
Est. Priority Date: 01/31/2017
Status: Active Grant

First Claim

Patent Images

1. A method for single authentication to a multi-tenancy single-page application hosted in a plurality of different datacenters, comprising:

receiving, from a client device, a login request to access the single-page application;

receiving an access token in response to an authentication of a user of the client device, wherein the access token designates at least tenant identification data;

determining a datacenter of the plurality of different datacenters executing an instance of the single-page application supporting a tenant of the authenticated user;

retrieving, from the determined datacenter, a single web page of the single-page application, wherein the retrieved single web page includes at least references to resources pointing to a location of the determined datacenter; and

serving the single web page to the client device.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method for single authentication to a multi-tenancy single-page application hosted in a plurality of different datacenters. The method comprises: receiving, from a client device, a login request to access the single-page application; receiving an access token in response to an authentication of a user of the client device, wherein the access token designates at least tenant identification data; determining a datacenter of the plurality of different datacenters executing an instance of the single-page application supporting a tenant of the authenticated user; retrieving, from the determined datacenter, a single web page of the single-page application, wherein the retrieved signal web page includes at least references to resources pointing to a location of the determined datacenter; and serving the web single page to the client device.

24 Citations

View as Search Results

21 Claims

1. A method for single authentication to a multi-tenancy single-page application hosted in a plurality of different datacenters, comprising:
- receiving, from a client device, a login request to access the single-page application;
  
  receiving an access token in response to an authentication of a user of the client device, wherein the access token designates at least tenant identification data;
  
  determining a datacenter of the plurality of different datacenters executing an instance of the single-page application supporting a tenant of the authenticated user;
  
  retrieving, from the determined datacenter, a single web page of the single-page application, wherein the retrieved single web page includes at least references to resources pointing to a location of the determined datacenter; and
  
  serving the single web page to the client device.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1, further comprising:
    - causing a single-sign-on (SSO) server to authenticate the user; and
      
      receiving, from the SSO server, the access token.
  - 3. The method of claim 1, wherein the tenant identification data includes at least any one of:
    - a tenant identifier (ID) and a user name.
  - 4. The method of claim 1, wherein determining the datacenter executing the instance of the single-page application further comprising:
    - querying, using the designated tenant identification data, a table mapping between tenant identification data and datacenters.
  - 5. The method of claim 4, further comprising:
    - frequently pulling mapping information maintained by the table from the plurality of different datacenters.
  - 6. The method of claim 4, further comprising:
    - learning mapping information maintained by the table over time.
  - 7. The method of claim 1, wherein the resources include at least one HTML element.
  - 8. The method of claim 1, wherein serving the single web page to the client device further comprises:
    - causing the client device to directly communicate with the determined datacenter.
  - 9. The method of claim 1, wherein the method is performed by an authentication gateway communicatively connected between the client device and the plurality of different datacenters.
  - 10. The method of claim 9, wherein the single-page application provides functionality of any one of:
    - a cloud application and a web application.

11. A non-transitory computer readable medium having stored thereon instructions for causing a processing circuitry to execute a process, the process comprising:
- receiving, from a client device, a login request to access the single-page application;
  
  receiving an access token in response to an authentication of a user of the client device, wherein the access token designates at least tenant identification data;
  
  determining a datacenter of the plurality of different datacenters executing an instance of the single-page application supporting a tenant of the authenticated user;
  
  retrieving, from the determined datacenter, a single web page of the single-page application, wherein the retrieved single web page includes at least references to resources pointing to a location of the determined datacenter; and
  
  serving the single web page to the client device.

12. A system for single authentication to a multi-tenancy single-page application hosted in a plurality of different datacenters, comprising:
- a processing circuitry; and
  
  a memory, the memory containing instructions that, when executed by the processing circuitry, configure the system to;
  
  receive, from a client device, a login request to access the single-page application;
  
  receive an access token in response to an authentication of a user of the client device, wherein the access token designates at least tenant identification data;
  
  determine a datacenter of the plurality of different datacenters executing an instance of the single-page application supporting a tenant of the authenticated user;
  
  retrieve, from the determined datacenter, a single web page of the single-page application, wherein the retrieved single web page includes at least references to resources pointing to a location of the determined datacenter; and
  
  serve the single web page to the client device.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20, 21)
- - 13. The system of claim 12, wherein the system is further configured to:
    - cause a single-sign-on (SSO) server to authenticate the user; and
      
      receive, from the SSO server, the access token.
  - 14. The system of claim 12, wherein the tenant identification data includes at least any one of:
    - a tenant identifier (ID) and a user name.
  - 15. The system of claim 12, wherein the system is further configured to:
    - query, using the designated tenant identification data, a table mapping between tenant identification data and datacenters.
  - 16. The system of claim 15, wherein the system is further configured to:
    - frequently pull mapping information maintained by the table from the plurality of different datacenters.
  - 17. The system of claim 15, wherein the system is further configured to:
    - learn mapping information maintained by the table over time.
  - 18. The system of claim 12, wherein the resources include at least one HTML element.
  - 19. The system of claim 12, wherein the system is further configured to:
    - cause the client device to directly communicate with the determined datacenter.
  - 20. The system of claim 12, wherein the method is performed by an authentication gateway communicatively connected between the client device and the plurality of different datacenters.
  - 21. The system of claim 20, wherein the single-page application provides functionality of any one of:
    - a cloud application and a web application.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Inventors
MIRAN, Yarin, MARDIKS, Nir

Granted Patent

US 10,536,446 B2
Time in Patent Office

Days
Field of Search
US Class Current
CPC Class Codes

H04L 63/0815   providing single-sign-on or...

H04L 63/168   above the transport layer

H04L 67/567   Integrating service provisi...

SINGLE AUTHENTICATION TO A MULTI-TENANCY SINGLE-PAGE CLOUD APPLICATION

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

24 Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

SINGLE AUTHENTICATION TO A MULTI-TENANCY SINGLE-PAGE CLOUD APPLICATION

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

24 Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links