User authentication
First Claim
1. A method for authenticating a user for a plurality of domains in a network-based system, comprising:
- receiving at said first domain a request from said user, for a protected resource, said resource is in said first domain;
redirecting said user to a second domain for authentication; and
authenticating said user for said first domain at said second domain.
5 Assignments
0 Petitions
Accused Products
Abstract
The present invention authenticates a user for multiple resources distributed across multiple domains through the performance of a single authentication. User access requests for a protected resource in a first domain are received and redirected to a second domain. User authentication is performed at the second domain. In one embodiment, the system transmits an authentication cookie for the second domain to the user after authentication at the second domain. In another embodiment, the system further redirects subsequent resource requests for resources in the first domain or a third domain to the second domain. The second domain confirms the user'"'"'s authentication for applicable portions of the first, second, and third domains using the cookie.
-
Citations
36 Claims
-
1. A method for authenticating a user for a plurality of domains in a network-based system, comprising:
-
receiving at said first domain a request from said user, for a protected resource, said resource is in said first domain; redirecting said user to a second domain for authentication; and authenticating said user for said first domain at said second domain. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26)
-
-
27. One or more processor readable storage devices having processor readable code embodied on said processor readable storage devices, said processor readable code for programming one or more processors to perform a method comprising:
-
receiving a user request for a protected resource, said resource is in a first domain; redirecting said request to a second domain; and authenticating said user at said second domain, wherein said authenticating includes; receiving user data at said second domain, said user data is received at said second domain from said user, accessing user identify profile information for said user from a Directory Server, said user identity profile information including a plurality of attributes having attribute values, wherein at least one of said attribute values includes information other than an authentication certificate, and comparing said received user data with said user identity profile information, said comparing includes comparing said received user data with said information other than an authentication certificate. - View Dependent Claims (28, 29, 30, 31, 32, 33, 34, 35, 36)
-
Specification