Universal session sharing
First Claim
1. A method of sharing data related to a session created by a user within a domain of services, the method comprising:
- creating a first session identifier associated with a user initially accessing a first service by identifying the user;
passing the first session identifier to a second service when the user desires initial access to the second service;
by the second service, determining whether the first session identifier is from a valid service with which the second service can share sessions;
when it is determined that the first session identifier is from a valid server service with which the second service can share sessions, providing the first session identifier, received from the first service, back to the first service, along with an identifier of the second service to enable the first service to validate that the first session identifier, provided back from the second service, identifies a session associated with the first service and to validate that the service having the identifier of the second service, provided from the second service, is a service with which the first service can share sessions; and
creating a second session identifier associated with the user upon validation, by the first service, of the first session identifier and the identifier of the second service, thereby allowing the user to use the second service without requiring separate identification of the user to the second service,wherein determining that the first session identifier is from a valid service with which the second service can share sessions includes;
examining session sharing rules associated with the second service;
determining whether the second service can communicate session data with the first service; and
examining a verification routine associated with the first service.
2 Assignments
0 Petitions
Accused Products
Abstract
Methods, systems, and computer program products are disclosed for sharing data related to a session created by a user within a domain of sites or services. A user logs on to a site, such as a Web site or other entity, and creates a session. The session created has an identifier which can be shared with other sites or entities in the same domain or logical group. In the course of utilizing services on the site, the user attempts access to services on another site. When this attempt is made, the user'"'"'s session data is passed to the second site. The session data is analyzed on the second site by checking configuration data on the second site. If it is not found to be valid (e.g. it is created by a site outside the domain of the second site), the user is required to explicilty logon. If the configuration data indicates that it is valid, the session data is passed back to the first site using a verification routine (part of the configuration data) on the second site. If the first site authenticates the session data, the user is allowed to access services on the second site without having to explicitly logon.
320 Citations
14 Claims
-
1. A method of sharing data related to a session created by a user within a domain of services, the method comprising:
-
creating a first session identifier associated with a user initially accessing a first service by identifying the user; passing the first session identifier to a second service when the user desires initial access to the second service; by the second service, determining whether the first session identifier is from a valid service with which the second service can share sessions; when it is determined that the first session identifier is from a valid server service with which the second service can share sessions, providing the first session identifier, received from the first service, back to the first service, along with an identifier of the second service to enable the first service to validate that the first session identifier, provided back from the second service, identifies a session associated with the first service and to validate that the service having the identifier of the second service, provided from the second service, is a service with which the first service can share sessions; and creating a second session identifier associated with the user upon validation, by the first service, of the first session identifier and the identifier of the second service, thereby allowing the user to use the second service without requiring separate identification of the user to the second service, wherein determining that the first session identifier is from a valid service with which the second service can share sessions includes; examining session sharing rules associated with the second service; determining whether the second service can communicate session data with the first service; and examining a verification routine associated with the first service. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
-
Specification