Trusted database authentication through an untrusted intermediary
Abstract
A method, system and computer-usable medium are disclosed for validating user credentials submitted to a data source by an untrusted intermediary. An untrusted intermediary attempts to access a data source on behalf of a user. The untrusted intermediary challenges the user to provide credentials of the type and format required to access the data provided by the data source. The user's trust client connects to an authentication service and identification credentials of the required type and format are generated. The identification credentials are conveyed to the user's trust client, which then provides them to the user's client, which in turn conveys them to the untrusted intermediary. The untrusted intermediary then presents the identification credentials to an authentication plug-in of the data source. The authentication plug-in validates the authenticity of the provided credentials with their associated authentication service. Once the credentials are successfully validated, the requested data is provided to the user's client by the untrusted intermediary.
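The flow in the abstract, sketched as an added example that is not taken from the patent: the token layout (HMAC-SHA256 over JSON claims, bound to one data source and format, short-lived and single-use) and all names such as `orders-db`, `hmac-token-v1` and `run_flow` are assumptions made for illustration. It shows why the data source can accept a credential relayed by an intermediary it does not trust: every decision is made by the token service, so a relayed token works once, and a replayed, rewritten or misdirected one is refused.

```python
import base64, hashlib, hmac, json, secrets, time

class SecurityTokenService:  # the signing key never leaves this object
    def __init__(self):
        self._key = secrets.token_bytes(32)
        self._users = {"alice": b"correct horse"}  # constructed sample account
        self._redeemed = set()                     # token ids already presented
    def _mac(self, body):
        return hmac.new(self._key, body, hashlib.sha256).hexdigest().encode()
    def issue(self, user, password, audience, fmt, ttl=60):
        stored = self._users.get(user)
        if stored is None or not hmac.compare_digest(stored, password.encode()):
            raise PermissionError("bad credentials")
        body = json.dumps({"sub": user, "aud": audience, "fmt": fmt,
                           "exp": time.time() + ttl, "jti": secrets.token_hex(8)}).encode()
        return base64.urlsafe_b64encode(body).decode() + "." + self._mac(body).decode()
    def validate(self, token, audience, fmt):
        """Return the subject for a genuine, fresh, unredeemed token, else None."""
        try:
            b64, tag = token.split(".")
            body, tag = base64.urlsafe_b64decode(b64), tag.encode()
        except ValueError:
            return None                            # not in the expected format
        if not hmac.compare_digest(self._mac(body), tag):
            return None                            # altered or forged in transit
        claims = json.loads(body)                  # body is now known to be STS-issued
        if (claims["aud"], claims["fmt"]) != (audience, fmt):
            return None                            # minted for another data source
        if claims["exp"] < time.time() or claims["jti"] in self._redeemed:
            return None                            # expired or replayed
        self._redeemed.add(claims["jti"])
        return claims["sub"]

class DataSource:
    AUDIENCE, FORMAT = "orders-db", "hmac-token-v1"  # hypothetical names
    def __init__(self, sts):
        self._sts = sts
    def query(self, token):  # authentication plug-in: the STS makes the decision
        user = self._sts.validate(token, self.AUDIENCE, self.FORMAT)
        return f"rows for {user}" if user else "denied"

def run_flow():
    sts = SecurityTokenService()
    db = DataSource(sts)
    token = sts.issue("alice", "correct horse", db.AUDIENCE, db.FORMAT)  # via trust client
    forged = base64.urlsafe_b64encode(b'{"sub":"admin"}').decode() + "." + token.split(".")[1]
    other = sts.issue("alice", "correct horse", "hr-db", db.FORMAT)
    return {"relayed": db.query(token), "replayed": db.query(token),
            "rewritten": db.query(forged), "wrong_audience": db.query(other)}
```
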
14 Claims
1. A computer-implementable method for authenticating a user to a data source, comprising:
- receiving a request to provide information on behalf of a user;
- requesting the submission of user authentication credentials in a desired format;
- receiving the requested user authentication credentials, the user authentication credentials generated in the desired format by a security token service;
- validating the received user authentication credentials with the security token service, the validation performed by a back-end service; and
- providing the requested information, the providing being based on successfully validating the received user authentication credentials; and
wherein the receiving a request to provide information is to an intermediary;
the receiving the requested user authentication credentials is from the intermediary; and
the providing the requested information is to the intermediary; and
wherein the intermediary comprises a mashup, the mashup combining content in various formats and from multiple sources for presentation as a Web page.
Dependent claims: 2, 3, 4
5. A system comprising:
- a processor;
- a data bus coupled to the processor; and
- a computer-usable medium embodying computer program code, the computer-usable medium being coupled to the data bus, the computer program code operable to authenticate a user to a data source and comprising instructions executable by the processor and configured for;
- receiving a request to provide information on behalf of a user;
- requesting the submission of user authentication credentials in a desired format;
- receiving the requested user authentication credentials, the user authentication credentials generated in the desired format by a security token service;
- validating the received user authentication credentials with the security token service, the validation performed by a back-end service; and
- providing the requested information, the providing being based on successfully validating the received user authentication credentials; and
wherein the receiving a request to provide information is to an intermediary;
the receiving the requested user authentication credentials is from the intermediary; and
the providing the requested information is to the intermediary; and
wherein the intermediary comprises a mashup, the mashup combining content in various formats and from multiple sources for presentation as a Web page.
Dependent claims: 6, 7, 8
9. A non-transitory computer-usable medium embodying computer program code, the computer program code comprising computer executable instructions configured for:
- receiving a request to provide information on behalf of a user;
- requesting the submission of user authentication credentials in a desired format;
- receiving the requested user authentication credentials, the user authentication credentials generated in the desired format by a security token service;
- validating the received user authentication credentials with the security token service, the validation performed by a back-end service; and
- providing the requested information, the providing being based on successfully validating the received user authentication credentials; and
wherein the receiving a request to provide information is to an intermediary;
the receiving the requested user authentication credentials is from the intermediary; and
the providing the requested information is to the intermediary; and
wherein the intermediary comprises a mashup, the mashup combining content in various formats and from multiple sources for presentation as a Web page.
Dependent claims: 10, 11, 12, 13, 14
Specification