Methods, apparatuses and systems facilitating seamless, virtual integration of online membership models and services
First Claim
1. An apparatus facilitating integration of separate online services, comprisinga session state module operative togenerate session identifiers in response to requests for a session identifier;
- maintain session state information in association with the session identifiers, wherein the session state information comprises a user identifier;
a server module operative toreceive requests for session identifiers from a third-party site, wherein the third-party requests include user identifiers;
authenticate the requests for session identifiers;
access the session state module to obtain session identifiers for authenticated requests;
transmit the session identifiers to the third-party site in response to the requests for session identifiers;
receive requests from users, wherein the requests include session identifiers transmitted to the third-party sites;
control access to resources available to the users by validating the session identifiers in the requests from users against the session state information maintained by the session state module;
wherein the requests for a session identifier are transmitted indirectly via a host system corresponding to a user of the third-party site; and
wherein the requests for session identifiers include a digital signatures created with an encryption key associated with the third-party site; and
wherein the server module is operative to authenticate the requests for session identifiers by validating the digital signature.
6 Assignments
0 Petitions
Accused Products
Abstract
Methods, apparatuses and systems facilitating integration of the functionality associated with a first on-line service entity with the functionality associated with a second on-line service entity. Embodiments of the present invention allow a first on-line service entity having its own membership model to efficiently collaborate with a second on-line service entity to offer its users the services of the second on-line service entity in a seamless and consistently branded manner. One implementation obviates the need for synchronization of the membership models between the first and second on-line service entities. One implementation allows the second on-line service entity to provide services to the users associated with the first on-line service entity in a seamless manner without the first on-line service entity having to proxy the session between the second on-line service entity and the users.
94 Citations
15 Claims
-
1. An apparatus facilitating integration of separate online services, comprising
a session state module operative to generate session identifiers in response to requests for a session identifier; -
maintain session state information in association with the session identifiers, wherein the session state information comprises a user identifier; a server module operative to receive requests for session identifiers from a third-party site, wherein the third-party requests include user identifiers; authenticate the requests for session identifiers; access the session state module to obtain session identifiers for authenticated requests; transmit the session identifiers to the third-party site in response to the requests for session identifiers; receive requests from users, wherein the requests include session identifiers transmitted to the third-party sites; control access to resources available to the users by validating the session identifiers in the requests from users against the session state information maintained by the session state module; wherein the requests for a session identifier are transmitted indirectly via a host system corresponding to a user of the third-party site; and wherein the requests for session identifiers include a digital signatures created with an encryption key associated with the third-party site; and
wherein the server module is operative to authenticate the requests for session identifiers by validating the digital signature. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A method facilitating integration of separate online services, comprising
receiving, at a server, a request for a session identifier from a third-party site, wherein the request includes a user identifier and a third-party site identifier; -
validating the request for a session identifier; if the request for a session identifier is valid, creating a session and a session identifier in a session state database; returning the session identifier to the third-party web sites; receiving a request from a host system corresponding to a user, the request including the session identifier returned to the third-party web site; verifying the session identifier against the session information maintained in the session state database; and allowing the user access to functionality available through the server, if the session identifier is valid wherein allowing the user access comprises creating a user account corresponding to the user, wherein the user account is tagged with the third party site identifier. - View Dependent Claims (11, 12, 13, 14, 15)
-
Specification