Single sign-on method for web-based applications

1. A method for single-sign on, consisting of:

• (a) accessing an access server from a browser on a client machine;
  
  after (a), (b) entering into said browser on said client machine user-specific access server logon credentials for logon and access to said access server and logging on to said access server;
  
  after (b), (c) said access server presenting to said browser on said client machine a user-specific linkpage of links to each target application of a list of previously registered target applications residing on one or more target application servers, said user-specific target application logon credentials having been previously stored in a registration database residing on a first additional server to which said access server has access, and if a target application residing on said one or more target application servers to which access is wanted exists in said list of target applications then selecting a corresponding link on said linkpage and proceeding to step (i) otherwise proceeding to step (d);
  
  after (c), (d) navigating to a setup screen of said access server and selecting said target application from a list of enabled target application enabled on said access server and presented on said setup screen;
  
  after (d), (e) said access server starting a network traffic recorder;
  
  after (e), (f) while logged onto said access server, entering user-specific target application logon credentials for logon and access to said target application on an application server of said two or more application servers, said traffic recorder recording said user-specific target application credentials;
  
  after (f), (g) said access server matching said user-specific target application credentials against predefined sets of known logon sequence types stored on a single-sign-on data base residing on a second additional server to which said access server has access and generating logon code for said target application based on network traffic recorded by said network traffic recorder and a matching logon sequence type stored in second additional server;
  
  after (g), (h) storing said logon code and said user-specific target application logon credentials for said target application in a database of said access server and adding said target application to said list of target applications and a link to said target application to said linkpage of said access server;
  
  after (h), (i) presenting to said target application by said access server said stored user-specific target application logon credentials for logon and access to said target application in a form and according to a protocol recognizable by said target application in order to log onto said target application and establish a target application session between said access server and said target application;
  
  (j) if after (i) said access server is able to log onto said target application then proceeding to step (k), otherwise;
  
  said access server requesting new user-specific target application logon credentials for said target application through said browser of said client machine;
  
  replacing said user-specific target application logon credentials for logon and access to said target application stored on said first additional server with and storing said new user-specific target application logon credentials for logon and access to said target application on said first additional server; and
  
  repeating step (h) using said new user-specific target application logon credentials instead of said user-specific target application logon credentials; and
  
  after (i) or (j), (k) establishing a target application session, bypassing said access server, between said browser of said client machine and said target application on said application server of said one more application servers.