Self service single sign on management system allowing user to amend user directory to include user chosen resource name and resource security data
Abstract
A method for directory enabled, self service, single sign on user account management, the method implemented in conjunction with a directory, the directory comprising resource directory entries and user directory entries. Exemplary embodiments include receiving, from a user through a browser, an SSO user ID and SSO password of the user, the SSO password being known only to the user, retrieving from the directory, in dependence upon the SSO user ID and SSO password, a user directory entry for the user, and creating, in dependence upon the user directory entry, a new mapping of a resource to the SSO user ID.
15 Claims
1. A method for directory enabled, self service, single sign on user account management, the method implemented in conjunction with a directory, the directory comprising resource directory entries and user directory entries, the method comprising the steps of:
receiving, from a user through a browser, an SSO user ID and SSO password of the user, the SSO password being known only to the user;
retrieving from the directory, in dependence upon the SSO user ID and SSO password, a user directory entry for the user, wherein the user directory entry includes a mapped resource list comprising resource names of resources mapped to the user's SSO user ID;
creating, in dependence upon the user directory entry, a new mapping of a resource to the SSO user ID, wherein the creating comprises the further steps of;
retrieving from the directory a full resource list comprising resource names of all resources available for SSO mappings;
deleting from the full resource list the resource names in the mapped resource list, thereby yielding an available resource list of resources presently available for mapping to the SSO user ID;
displaying to the user through the browser the available resource list;
receiving a user's chosen resource name from the available resource list displayed to the user, including resource security data for the chosen resource name;
amending the user directory entry to include the chosen resource name and the resource security data for the chosen resource name; and
storing the amended user directory entry in the directory.
Dependent claims: 2, 3, 4, 5
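The flow recited in claim 1, sketched as an added example (not code from the patent or its assignee). The in-memory Directory class, its field names and the PBKDF2 password check are assumptions made for illustration. The sketch recomputes the available resource list on the server before amending the entry, so a resource name submitted from the browser that is not on that list is rejected.

```python
import hashlib
import hmac
import os

def _kdf(password, salt):
    # Assumed password check: PBKDF2-HMAC-SHA256 (the claims do not specify one).
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

class Directory:
    """Constructed in-memory stand-in for the directory (hypothetical layout)."""
    def __init__(self, resources):
        self.resources = list(resources)  # resource directory entries (names only)
        self.users = {}                   # user directory entries keyed by SSO user ID

    def add_user(self, sso_id, password):
        salt = os.urandom(16)
        self.users[sso_id] = {"salt": salt, "pw": _kdf(password, salt), "mapped": {}}

    def retrieve_user_entry(self, sso_id, password):
        entry = self.users.get(sso_id)
        # Unknown IDs still run the KDF so both failure paths do similar work.
        salt = entry["salt"] if entry else b"\0" * 16
        expected = entry["pw"] if entry else b"\0" * 32
        if not hmac.compare_digest(_kdf(password, salt), expected) or entry is None:
            raise PermissionError("invalid SSO credentials")
        return entry

def available_resources(directory, entry):
    # Full resource list minus the mapped resource list, order preserved.
    return [r for r in directory.resources if r not in entry["mapped"]]

def create_mapping(directory, sso_id, password, chosen, security_data):
    entry = directory.retrieve_user_entry(sso_id, password)
    # Re-derive the list server-side; the list shown in the browser is untrusted input.
    if chosen not in available_resources(directory, entry):
        raise ValueError("resource is not available for mapping")
    # Amend a copy, then store it. security_data is kept opaque here.
    amended = dict(entry, mapped={**entry["mapped"], chosen: security_data})
    directory.users[sso_id] = amended
    return amended

if __name__ == "__main__":
    d = Directory(["mail", "payroll", "wiki"])  # constructed sample resources
    d.add_user("alice", "constructed-password")
    create_mapping(d, "alice", "constructed-password", "payroll", {"user": "a.smith"})
    print(available_resources(d, d.users["alice"]))
```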
6. A system for directory enabled, self service, single sign on user account management, the system implemented in conjunction with a directory, the directory comprising resource directory entries and user directory entries, the system comprising:
means for receiving, from a user through a browser, an SSO user ID and SSO password of the user, the SSO password being known only to the user;
means for retrieving from the directory, in dependence upon the SSO user ID and SSO password, a user directory entry for the user, wherein the user directory entry includes a mapped resource list comprising resource names of resources mapped to the user's SSO user ID;
means for creating, in dependence upon the user directory entry, a new mapping of a resource to the SSO user ID, wherein the means for creating comprises;
means for retrieving from the directory a full resource list comprising resource names of all resources available for SSO mappings;
means for deleting from the full resource list the resource names in the mapped resource list, thereby yielding an available resource list of resources presently available for mapping to the SSO user ID;
means for displaying to the user through the browser the available resource list;
means for receiving a user's chosen resource name from the available resource list displayed to the user, including resource security data for the chosen resource name;
means for amending the user directory entry to include the chosen resource name and the resource security data for the chosen resource name; and
means for storing the amended user directory entry in the directory.
Dependent claims: 7, 8, 9, 10
11. A computer program product containing computer readable medium encoded with instructions for directory enabled, self service, single sign on user account management, the computer program product implemented in conjunction with a directory, the directory comprising resource directory entries and user directory entries, the computer program product comprising:
a recording medium;
means, recorded on the recording medium, for receiving, from a user through a browser, an SSO user ID and SSO password of the user, the SSO password being known only to the user;
means, recorded on the recording medium, for retrieving from the directory, in dependence upon the SSO user ID and SSO password, a user directory entry for the user, wherein the user directory entry includes a mapped resource list comprising resource names of resources mapped to the user's SSO user ID;
means, recorded on the recording medium, for creating, in dependence upon the user directory entry, a new mapping of a resource to the SSO user ID, wherein the means, recorded on the recording medium, for creating comprises;
means, recorded on the recording medium, for retrieving from the directory a full resource list comprising resource names of all resources available for SSO mappings;
means, recorded on the recording medium, for deleting from the full resource list the resource names in the mapped resource list, thereby yielding an available resource list of resources presently available for mapping to the SSO user ID;
means, recorded on the recording medium, for displaying to the user through the browser the available resource list;
means, recorded on the recording medium, for receiving a user's chosen resource name from the available resource list displayed to the user, including resource security data for the chosen resource name;
means for amending the user directory entry to include the chosen resource name and the resource security data for the chosen resource name; and
means, recorded on the recording medium, for storing the amended user directory entry in the directory.
Dependent claims: 12, 13, 14, 15
Specification