Method and apparatus for accessing computers in a distributed computing environment

US 7,895,644 B1
Filed: 12/02/2005
Issued: 02/22/2011
Est. Priority Date: 12/02/2005
Status: Expired due to Fees

First Claim

Patent Images

1. A method for single sign-out in a distributed computing environment accessing a computer network comprising:

accessing at least one second application server through a first application server;

updating a first peer list coupled to the first application server with a second identity of the at least one second application server, wherein the first peer list comprises first information identifying a first one or more application servers (i) that a user has signed in to via the first application server and (ii) from which the user has signed in to the first application server;

updating a second peer list coupled to the at least one second application server with a first identity of the first application server, wherein the first identity of the is passed from the first application server to the at least one second application server and wherein the second peer list comprises second information identifying a second one or more application servers (iii) that the user has signed in to via the second application server and (iv) from which the user has signed in to the second application server; and

wherein the first and the second peer lists enable tracking of the first and the second one or more application servers that have been accessed in order to sign the user out of the first and the second one or more application servers during a single sign-out operation;

detecting a sign-out from any of the first or the at least one second application servers; and

signing-out from the first application server and the at least one second application server identified on any of the first peer list and the second peer list.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and apparatus for single sign-out from one or more application servers in a distributed computing environment. A user accesses at least one second application server via a first application server. The user is able to sign-out from all the application servers to which he is connected via the first application server by signing out of any one of the signed in application servers. The single sign out procedure ensures the user does not inadvertently remain signed into the application servers when the user does not explicitly sign out of each signed in application server.

Citations

13 Claims

1. A method for single sign-out in a distributed computing environment accessing a computer network comprising:
- accessing at least one second application server through a first application server;
  
  updating a first peer list coupled to the first application server with a second identity of the at least one second application server, wherein the first peer list comprises first information identifying a first one or more application servers (i) that a user has signed in to via the first application server and (ii) from which the user has signed in to the first application server;
  
  updating a second peer list coupled to the at least one second application server with a first identity of the first application server, wherein the first identity of the is passed from the first application server to the at least one second application server and wherein the second peer list comprises second information identifying a second one or more application servers (iii) that the user has signed in to via the second application server and (iv) from which the user has signed in to the second application server; and
  
  wherein the first and the second peer lists enable tracking of the first and the second one or more application servers that have been accessed in order to sign the user out of the first and the second one or more application servers during a single sign-out operation;
  
  detecting a sign-out from any of the first or the at least one second application servers; and
  
  signing-out from the first application server and the at least one second application server identified on any of the first peer list and the second peer list.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1 further comprising:
    - authenticating the first application server via an authentication server;
      
      obtaining a web credential from the authentication server; and
      
      using the web credential to access the second application server.
  - 3. The method of claim 1 further comprising:
    - detecting a sign-out from any of the first application server or the at least one second application server; and
      
      signing-out from the first application server and the at least one second application server identified on any of the first peer list and the second peer list.
  - 4. The method of claim 3 wherein signing-out is accomplished by at least one of a JavaScript or an in-line HTML frame.
  - 5. The method of claim 1 further comprising:
    - migrating the first peer list to the second application server;
      
      updating the second peer list with information obtained from the first peer list;
      
      migrating the updated second peer list to the first application server in the updated second peer list; and
      
      updating the first peer list with information obtained from the updated second peer list.
  - 6. The method of claim 5 wherein the second peer list further comprises information identifying a plurality of application servers, each being coupled to a corresponding peer list in a plurality of peer lists;
    - and where the updated second peer list is migrated to each of the plurality of application servers in the updated second peer list.
  - 7. The method of claim 5 wherein migrating the updated second peer list is accomplished by at least one of a JavaScript or an in-line HTML frame.
  - 8. The method of claim 1 wherein signing-out is accomplished by at least one of a JavaScript or an in-line HTML frame.

9. A method for performing single sign-out in a distributed computing environment comprising:
- authenticating a first application server via an authentication server;
  
  obtaining a web credential from the authentication server;
  
  using the web credential to access at least one second application server through the first application server;
  
  updating a first peer list coupled to the first application server with a second identity of the at least one second application server, wherein the first peer list comprises a first at least one identity of each application server (i) a user has signed-in to via the first application server and from where the user has signed-in to the first application server;
  
  updating a second peer list coupled to the at least one second application server with a first identity of the first application server, wherein the second peer list comprises a second at least one identity of each application server (iii) the user has signed-in to via the second application server and (iv) from where the user has signed-in to the second application server;
  
  migrating the first peer list to the at least one second application server;
  
  updating the second peer list with information obtained from the first peer list;
  
  migrating the updated second peer list to each application server in the updated second peer list wherein migrating is accomplished by at least one of a JavaScript and an in-line HTML frame; and
  
  updating the first peer list with information obtained from the updated second peer list;
  
  initiating a single sign-out operation;
  
  determining, from the first and the second peer lists, the first and the second at least one identitiessigning-out, via the single sign-out operation, from the each application server identified by the first and the second at least one identities, wherein signing-out is accomplished by at least one of a JavaScript or an in-line HTML frame.

10. An apparatus comprising:
- a first application server, wherein the first application server is coupled to a first peer list;
  
  at least one second application server, wherein the at least one second application server is coupled to a second peer list;
  
  means for accessing the at least one second application server through the first application server;
  
  means for updating the first peer list with a second identity of the at least one second application server;
  
  means for updating the second peer list with a first identity of the first application server, wherein the first peer list comprises first information identifying a first one or more application servers (i) that a user has signed in to via the first application server and (ii) from which the user has signed in to the first application server; and
  
  wherein the second peer list comprises second information identifying a second one or more application servers (iii) that the user has signed in to via the second application server and (iv) from which the user has signed in to the second application server; and
  
  wherein the first and the second peer lists enable tracking of the first and the second one or more application servers that have been accessed in order to sign the user out of the first and the second one or more application servers during a single sign-out operation;
  
  means for detecting a sign-out from any of the first application server or the at least one second application server; and
  
  means for signing-out from the first application server and the at least one second application server identified on any of the first peer list and the second peer list.
- View Dependent Claims (11, 12, 13)
- - 11. The apparatus of claim 10 further comprising:
    - means for authenticating the first application server via an authentication service;
      
      means for obtaining a web credential from the authentication service;
      
      and means for using the web credential to access the at least one second application server.
  - 12. The apparatus of claim 11 further comprising:
    - means for migrating the first peer list to the at least one second application server;
      
      means for updating the second peer list with information obtained from the first peer list;
      
      means for migrating the updated second peer list to each of at least one application server in the updated second peer list; and
      
      means for updating each peer list coupled to the at least one application server with information obtained from the updated second peer list.
  - 13. The apparatus of claim 12 further comprising:
    - means for detecting a sign-out from any of the first application server or the at least one second application server; and
      
      means for signing-out from the first application server and the at least one second application server identified on any of the first peer list and the second peer list.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
CA, Inc. (d/b/a CA Technologies) (Broadcom, Inc.)
Original Assignee
Symantec Operating Corporation (Gen Digital Inc.)
Inventors
Thakur, Parag, Tran, Hay M.
Primary Examiner(s)
GERGISO, TECHANE

Application Number

US11/293,664
Time in Patent Office

1,908 Days
Field of Search

726/5, 709/229
US Class Current

726/5
CPC Class Codes

G06F 21/41 where a single sign-on prov...

Method and apparatus for accessing computers in a distributed computing environment

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

Citations

13 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus for accessing computers in a distributed computing environment

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

13 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links