Reusable authentication experience tool
First Claim
1. A method of authenticating a user to a web site, the method comprising:
- providing, by a first server, an authentication user interface as an integrated component of a web page of a second web server different from the first server;
receiving via the authentication user interface a first piece of client authentication data;
identifying an authorized user based on the received first piece of client authentication data; and
providing an updated authentication user interface comprising additional user interface data based on the received first piece of client authentication data, wherein the updated authentication user interface is provided without refreshing the web page.
1 Assignment
0 Petitions
Accused Products
Abstract
A reusable authentication component may be integrated into a web page to communicate with an authentication server and authenticate a user to the web page. The reusable authentication component may implement a complex authentication process, including multiple user interfaces to receive multiple assurances of user identity and user confirmation of previously stored mutual authentication data. The authentication process may be performed by the authentication component without refreshing or redirecting the parent web page until completion of a successful user authentication, after which the parent web page may receive authentication data and refresh to provide user specific and/or secure user data on the web page.
159 Citations
20 Claims
-
1. A method of authenticating a user to a web site, the method comprising:
-
providing, by a first server, an authentication user interface as an integrated component of a web page of a second web server different from the first server; receiving via the authentication user interface a first piece of client authentication data; identifying an authorized user based on the received first piece of client authentication data; and providing an updated authentication user interface comprising additional user interface data based on the received first piece of client authentication data, wherein the updated authentication user interface is provided without refreshing the web page. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A method of authenticating a user to a web site, the method comprising:
-
receiving data corresponding to web page content from a web server; receiving data corresponding to an authentication user interface from an authentication server different from the web server; displaying a web page comprising the web page content received from the web server, wherein the authentication user interface is integrated into the displayed web page; receiving client authentication data via the authentication user interface; transmitting the client authentication data to the authentication server; after transmitting the client authentication data, receiving an authentication confirmation corresponding to a valid user from the authentication server; in response to receiving the authentication confirmation, transmitting a signal to the web server to authenticate the valid user; and receiving updated web page content from the web server corresponding to a web page for the authenticated valid user. - View Dependent Claims (11, 12, 13, 14)
-
-
15. A computing device configured to authenticate a user to a web site, the computing device comprising:
-
a processor controlling at least some operations of the computing device; and a memory storing computer executable instructions that, when executed by the processor, cause the device to perform a method comprising; providing, by the computing device, an authentication user interface as an integrated component of a web page of a web server different from the computing device; receiving via the authentication user interface a first piece of client authentication data; identifying an authorized user based on the received first piece of client authentication data; and providing an updated authentication user interface comprising additional user interface data based on the received first piece of client authentication data, wherein the updated authentication user interface is provided without refreshing the web page. - View Dependent Claims (16, 17, 18, 19)
-
-
20. A computing device configured to authenticate a user to a web site, the computing device comprising:
-
a processor controlling at least some operations of the computing device; and a memory storing computer executable instructions that, when executed by the processor, cause the device to perform a method comprising; receiving a request for an authentication component from a web page providing by a web server and loaded on a client computer; parsing a requested set of component parameters from the request; transmitting code corresponding to an authentication widget based on the requested set of component parameters; receiving via the authentication widget a first piece of client authentication data identifying a valid user; transmitting to the authentication widget a second piece of mutual authentication data; receiving via the authentication widget a password associated with the valid user; initiating an authentication session object corresponding to the valid user; providing access to the authentication session object to the client computer via the authentication widget; and transmitting to the authentication widget data prompting the client computer to request the web server to refresh the web page and provide the web server with the data corresponding to the authentication session object.
-
Specification