Federated identity management within a distributed portal server

  • US 7,346,923 B2
  • Filed: 11/21/2003
  • Issued: 03/18/2008
  • Est. Priority Date: 11/21/2003
  • Status: Expired due to Fees
First Claim

1. A computer-implemented method of providing cross-domain authentication in a computing environment, comprising:

    providing security credentials of an entity to an initial point of contact that provides content aggregation in the computing environment;

    passing the provided credentials from the initial point of contact to a local trust proxy in a local security domain of the initial point of contact;

    authenticating the entity with an authentication service in the local security domain, using the passed credentials, for accessing content from at least one local content service, each of the at least one local content services operable to provide its content from the local security domain for aggregation, by the initial point of contact, in an aggregated view;

    responsive to a successful outcome of the authenticating, forwarding an authentication assertion for the successful outcome to a remote trust proxy in each of at least one selected remote security domains, the authentication assertion comprising an identification of the entity;

    using the identification from the authentication assertion, by the remote trust proxy in each of the at least one selected remote security domains, to locate previously-stored security credentials usable for authenticating the entity in that remote security domain, wherein the located security credentials usable for authenticating the entity in at least one of the selected remote security domains differ from the security credentials of the entity provided to the initial point of contact; and

    authenticating the entity with an authentication service in each of the at least one selected remote security domains, using the located security credentials usable for authenticating the entity in that remote security domain, for accessing other content from at least one remote content service that is operable in that remote security domain to provide its content from that remote security domain for aggregation, by the initial point of contact, in the aggregated view.
