Method and apparatus for integrating distributed shared services system

US 7,865,613 B2
Filed: 12/18/2008
Issued: 01/04/2011
Est. Priority Date: 02/01/2000
Status: Expired due to Term

First Claim

Patent Images

1. A method of providing a distributed application services integration system, the method comprising the steps of:

providing a configuration file which resides in a central server, the configuration file containing a list of cookie fields that may be read, or written to, by a first application or a second application;

receiving a first indication of a user pointing a browser to the first application residing in the central server, the browser residing in a client terminal;

receiving a cookie file of the browser corresponding to the user;

providing the first application with read and write access to the cookie file as determined by the list of cookie fields;

receiving a second indication of the user pointing the browser to the second application residing in the same domain as the central server; and

providing the second application with read and write access to the cookie file as determined by the list of cookie fields.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Method and apparatus for integrating distributed shared services system which integrates web based applications with each other and with other centralized application to provide a single sign-on approach for authentication and authorization services for distributed web sites requiring no access time back to the authentication/authorization server is provided.

Citations

12 Claims

1. A method of providing a distributed application services integration system, the method comprising the steps of:
- providing a configuration file which resides in a central server, the configuration file containing a list of cookie fields that may be read, or written to, by a first application or a second application;
  
  receiving a first indication of a user pointing a browser to the first application residing in the central server, the browser residing in a client terminal;
  
  receiving a cookie file of the browser corresponding to the user;
  
  providing the first application with read and write access to the cookie file as determined by the list of cookie fields;
  
  receiving a second indication of the user pointing the browser to the second application residing in the same domain as the central server; and
  
  providing the second application with read and write access to the cookie file as determined by the list of cookie fields.
- View Dependent Claims (2, 3, 4)
- - 2. The method of claim 1, wherein the first and second applications each includes one or more predetermined resources.
  - 3. The method of claim 1, wherein the predetermined resources include one or more of a web page, a CGI script and a java servlet.
  - 4. The method of claim 1, further comprising:
    - comparing the cookie file to one or more of predetermined parameters, wherein the predetermined parameters include a user identification information, a user event access history information, and a user access level information; and
      
      updating the cookie file based on the comparing step.

5. A method of providing a distributed application services integration system, the method comprising the steps of:
- receiving a first indication of a user pointing a browser to a first application residing in a central server, the browser residing in a client terminal;
  
  receiving a cookie file of the browser corresponding to the user;
  
  providing the first application with read and write access to the cookie file;
  
  receiving a second indication of the user pointing the browser to a second application residing in the same domain as the central server;
  
  providing the second application with read and write access to the cookie file; and
  
  providing a configuration file which resides in the central server, the configuration file containinga list of cookie fields that may be read, or written to, by a particular application, anda list of user events that take place for which the cookie file needs to be updated;
  
  wherein the providing the first application with read and write access to the cookie file comprises providing the first application with access to a first set of cookie fields of the cookie file as determined by the list of cookie fields, andwherein the providing the second application with read and write access to the cookie file comprises providing the second application with access to a second set of cookie fields of the cookie file as determined by the list of cookie fields.

6. A method of providing a distributed application services integration system, the method comprising the steps of:
- receiving a first indication of a user pointing a browser to a first application residing in a central server, the browser residing in a client terminal;
  
  receiving a cookie file of the browser corresponding to the user;
  
  providing the first application with read and write access to the cookie file;
  
  receiving a second indication of the userpointing the browser to a second application residing in the same domain as the central server;
  
  providing the second application with read and write access to the cookie file;
  
  providing a configuration file which resides in the central server, the configuration file containinga list of cookie fields that may be read, or written to, by a particular application, anda list of user events that take place for which the cookie file needs to be updated;
  
  wherein the providing the first application with read and write access to the cookie file comprises providing the first application with access to a first set of cookie fields of the cookie file as determined by the list of cookie fields, andwherein the providing the second application with read and write access to the cookie file comprises providing the second application with access to a second set of cookie fields of the cookie file as determined by the list of cookie fields,wherein the cookie file is encrypted, the method further comprisingpushing to the configuration file a list of key IDs;
  
  receiving a first key ID along with the cookie file;
  
  looking up the first key ID in the configuration file;
  
  decrypting the cookie file using the first key ID; and
  
  purging expired key IDs from the list of Key IDs.
- View Dependent Claims (7)
- - 7. The method of claim 6, further comprising verifying that the first key ID has been successfully uploaded.

8. A method of providing a distributed application services integration system, the method comprising the steps of:
- providing, to a central server, an application which transmits user event data to an application interface library residing in the central server;
  
  providing, to the central server, a configuration file containing a list of cookie fields that may be read, or written to, by the application,wherein the application interface library determines whether the user event data is a first type of event data which requires real time communication to other applications of the system as provided by a change to a field in a cookie file as determined by the list of cookie fields, the cookie file residing in a client terminal, and the application interface library determines whether the user event data is a second type of event data which does not require real time communication to other applications of the system;
  
  updating the field in the cookie file where the user event data is determined to be a first type of event data; and
  
  transmitting the user event data as a message where the user event data is deteimined to be a second type of event data.
- View Dependent Claims (9, 10, 11, 12)
- - 9. The method of claim 8, wherein the message is transmitted through a queue of a message queuing middleware residing in the central server.
  - 10. The method of claim 9, further including:
    - encrypting the user event data where the user event data is determined to be the second type of event data, prior to transmitting the user event data as a message through the queue of the message queuing middleware.
  - 11. The method of claim 8, wherein the first type of event data includes user identification and further wherein the second type of event data includes data to be sent by e-mail.
  - 12. The method of claim 8, wherein a message broker, residing in the same domain as the central server, receives the message and determines, based on the content of the message, which other applications or data stores in the central server domain need to receive it.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Charles Schwab & Company Incorporated (Charles Schwab Corporation)
Original Assignee
Charles Schwab & Company Incorporated (Charles Schwab Corporation)
Inventors
Lerner, Jack Lawrence
Primary Examiner(s)
EL CHANTI, HUSSEIN A

Application Number

US12/338,034
Publication Number

US 20090100131A1
Time in Patent Office

747 Days
Field of Search

709/217, 709/227, 709/228, 709/238, 709/240
US Class Current

709/240
CPC Class Codes

G06F 21/41   where a single sign-on prov...

H04L 63/0428   wherein the data content is...

H04L 63/08   for authentication of entit...

H04L 63/0815   providing single-sign-on or...

H04L 63/083   using passwords cryptograph...

H04L 69/329   in the application layer [O...

Method and apparatus for integrating distributed shared services system

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

Citations

12 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus for integrating distributed shared services system

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

12 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links