Systems and methods for managing web user information

US 7,225,462 B2
Filed: 06/26/2002
Issued: 05/29/2007
Est. Priority Date: 06/26/2002
Status: Active Grant

First Claim

Patent Images

1. A system for managing information concerning users of a network web site, the system comprising:

a web server for providing access to various network resources, including web pages and applications;

an applications server coupled to the web server for running two or more protected applications, to which access is restricted to authorized users;

a customer profile and registration application operating in conjunction with the web server and applications server for receiving user login information and authenticating users, wherein said customer profile and registration provides single sign-on capability, such that a user can access two or more restricted applications via a single login;

a user directory server for centrally managing information concerning users, said user directory server being coupled to (i) a first database for storing user credentials for a plurality of users, and (ii) a second database for storing user profile information for a plurality of users, wherein said user profile information and said user credentials can be added, modified, deleted or retrieved by operations carried out within at least one of said applications, the user directory server storing a categoryID for at least one user, such that different categories of users are stored in different locations of a directory, with each category having a name, a storage context, and a search context, the storage context defining where entries are stored in the directory, and the search context defining a directory scope over which user IDs are unique, the user directory server maintaining a cache of inactive directory objects, and when a request is received for a directory object, the user directory server accesses the cache and reuses the directory objects, and when the cache is full and a directory object is released to the cache, the directory object is discarded; and

a functional server returning an instance of the user directory server, the functional server maintaining a pool of user directory server instances and allocating instances from the pool in a round robin fashion.

View all claims

11 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Embodiments of the present invention relate to systems and methods for managing information concerning users of a network web site. The system includes a web server for providing access to various network resources, such as web pages and applications and an applications server coupled to the web server for running two or more protected applications, to which access is restricted to authorized users. The system also includes a customer profile and registration application for receiving user login information and authenticating users and providing single sign-on capability. The system further includes a user directory server for centrally managing information concerning users, a first database for storing user credentials and a second database for storing user profile information. User profile information and user credentials can be added, modified, deleted or retrieved by operations carried out within at least one of said applications.

Citations

20 Claims

1. A system for managing information concerning users of a network web site, the system comprising:
- a web server for providing access to various network resources, including web pages and applications;
  
  an applications server coupled to the web server for running two or more protected applications, to which access is restricted to authorized users;
  
  a customer profile and registration application operating in conjunction with the web server and applications server for receiving user login information and authenticating users, wherein said customer profile and registration provides single sign-on capability, such that a user can access two or more restricted applications via a single login;
  
  a user directory server for centrally managing information concerning users, said user directory server being coupled to (i) a first database for storing user credentials for a plurality of users, and (ii) a second database for storing user profile information for a plurality of users, wherein said user profile information and said user credentials can be added, modified, deleted or retrieved by operations carried out within at least one of said applications, the user directory server storing a categoryID for at least one user, such that different categories of users are stored in different locations of a directory, with each category having a name, a storage context, and a search context, the storage context defining where entries are stored in the directory, and the search context defining a directory scope over which user IDs are unique, the user directory server maintaining a cache of inactive directory objects, and when a request is received for a directory object, the user directory server accesses the cache and reuses the directory objects, and when the cache is full and a directory object is released to the cache, the directory object is discarded; and
  
  a functional server returning an instance of the user directory server, the functional server maintaining a pool of user directory server instances and allocating instances from the pool in a round robin fashion.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The system of claim 1, wherein said customer profile and registration application utilizes a policy server for determining what classes of users have access rights to which network resources.
  - 3. The system of claim 1, wherein at least one of said first database and said second database stores customization information for enabling the web server or applications server to customize the web pages that are viewed by a user.
  - 4. The system of claim 1, wherein said user profile information comprises personal information about the user.
  - 5. The system of claim 1, wherein said user profile information comprises user account information.
  - 6. The system of claim 1, wherein said user profile information comprises information concerning what web pages and applications the user has viewed or used in the past.
  - 7. The system of claim 1, wherein said user directory server is implemented on a Remote Method invocation server.
  - 8. The system of claim 1, wherein said first database operates in accordance with the Lightweight Directory Access Protocol.
  - 9. The system of claim 1, wherein the applications running on the applications server include one or more of a bill payment application, an application for receiving and processing customer orders, a catalog application, and a customer account application.

10. A method for managing information concerning users of a web site, the method comprising:
- establishing a communications link between a network web site and a user computer, the network web site comprising;
  
  (i) a web server for providing access to various network resources, including web pages and applications;
  
  (ii) an applications server coupled to the web server for running two or more protected applications, to which access is restricted to authorized users; and
  
  (iii) a user directory server for centrally managing information concerning users, the user directory server storing a categoryID for at least one user, such that different categories of users are stored in different locations of a directory, with each category having a name, a storage context, and a search context, the storage context defining where entries are stored in the directory, and the search context defining a directory scope over which user IDs are unique, the user directory server maintaining a cache of inactive directory objects, and when a request is received for a directory object, the user directory server accesses the cache and reuses the directory objects, and when the cache is full and a directory object is released to the cache, the directory object is discarded, and (iv) a functional server returning an instance of the user directory server, the functional server maintaining a pool of user directory server instances and allocating instances from the pool in a round robin fashion;
  
  storing user credentials for a plurality of users in a first database coupled to the user directory server;
  
  storing user profile information for a plurality of users in a second database coupled to the user directory server;
  
  receiving a user request for access to a protected application;
  
  receiving user login information and authenticating a user by comparing the user login information with user credentials stored in the first database;
  
  enabling an authenticated user to access two or more protected applications without requiring further authentication;
  
  retrieving user profile information from the second database for use in connection with operations carried out by the authenticated user within one or more applications.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17)
- - 11. The method of claim 10, further comprising customizing a web page that is viewed by the user by retrieving and utilizing customization information that is stored in at least one of said first database and said second database.
  - 12. The method of claim 11, wherein receiving user login information and authenticating the user is carried out by a customer profile and registration application which utilizes a policy server for determining what classes of users have access rights to which network resources.
  - 13. The method of claim 10, wherein said user profile information comprises one or more of:
    - (i) personal information about the user;
      
      (ii) user account information; and
      
      (iii) information concerning what web pages and applications the user has viewed or used in the past.
  - 14. The method of claim 10, further comprising one or more of adding, deleting, modifying, or retrieving said user credentials or user profile information by an operation carried out within at least one of said applications.
  - 15. The method of claim 10, wherein said user directory server is implemented on a Remote Method Invocation server.
  - 16. The method of claim 10, wherein said first database operates in accordance with the Lightweight Directory Access Protocol.
  - 17. The method of claim 10, wherein the applications running on the applications server include one or more of a bill payment application, an application for receiving and processing customer orders, a catalog application, and a customer account application.

18. A system for managing information concerning users of a network web site, the network web site comprising a web server for providing access to various network resources, including web pages and applications, and an applications server coupled to the web server for running two or more protected applications, the system comprising:
- a first database storing user credentials for a plurality of users;
  
  a second database storing user profile information for a plurality of users, wherein said user profile information and said user credentials may be added, modified, deleted or retrieved by operations carried out within at least one of said applications, the second database storing a categoryID for at least one of the plurality of users, such that different categories of users are stored in different locations of a directory, with each category having a name, a storage context, and a search context, the storage context defining where entries are stored in the directory, and the search context defining a directory scope over which user IDs are unique, the second database maintaining a cache of inactive directory objects, and when a request is received for a directory object, the second database accessing the cache and reusing the directory objects, and when the cache is full and a directory object is released to the cache, the directory object is discarded;
  
  means for receiving user login information and authenticating a user by comparing the user login information with user credentials stored in said first database;
  
  means for enabling an authenticated user to access two or more protected applications without requiring further authentication; and
  
  means for retrieving user profile information stored in said second database and utilizing said user profile information in connection with operations carried out by a user within an application.
- View Dependent Claims (19)
- - 19. The system of claim 18, further comprising means for customizing a web page that is viewed by the user by retrieving and utilizing customization information that is stored in at least one of said first database and said second database.

20. A computer-readable medium storing a plurality of instructions to be executed by a processor for managing information concerning users of a network web site which comprises a web server for providing access to various network resources, including web pages and applications, and an applications server coupled to the web server for running two or more protected applications, the plurality of instructions comprising instructions to:
- store user credentials for a plurality of users in a first database coupled to a user directory server, the user directory server storing a categoryID for at least one of the plurality of users, such that different categories of users are stored in different locations of a directory, with each category having a name, a storage context, and a search context, the storage context defining where entries are stored in the directory, and the search context defining a directory scope over which user IDs are unique, the user directory server maintaining a cache of inactive directory objects, and when a request is received for a directory object, the user directory server accesses the cache and reuses the directory objects, and when the cache is full and a directory object is released to the cache, the directory object is discarded;
  
  store user profile information for a plurality of users in a second database coupled to the user directory server;
  
  receive user login information and authenticate a user by comparing the user login information with user credentials stored in said first database;
  
  enable an authenticated user to access two or more protected applications without requiring further authentication; and
  
  add, modify, delete and retrieve said user credentials and user profile information pursuant in response to operations carried out within at least one of said applications.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
DataCloud Technologies, LLC (IP Investments Group LLC)
Original Assignee
Bellsouth Intellectual Property Corporation (AT&T, Inc.)
Inventors
Bass, Michael S., Kirpatrick, Mark A., Jarboe, Andre D., Morrow, Darin, Thobe, Steven
Primary Examiner(s)
Song, Hosuk
Assistant Examiner(s)
PATEL, NIRAV B

Application Number

US10/179,280
Publication Number

US 20050022006A1
Time in Patent Office

1,798 Days
Field of Search

713/155, 713/168, 713/182, 726 2- 8, 709/223, 709/229, 709217-219, 709224-226, 709/230, 715/744, 707 1- 3, 707/9, 707/10, 707/102
US Class Current

726/6
CPC Class Codes

H04L 63/0815 providing single-sign-on or...

H04L 63/102 Entity profiles

Systems and methods for managing web user information

First Claim

11 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Systems and methods for managing web user information

First Claim

11 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links