System and method for third party authentication of web-based print-on-demand requests
First Claim
1. A method for allowing users of third party vendors to access print shop applications without separate authentication, comprising the steps of:
- a. a third party vendor server, in response to a user'"'"'s access to a third party vendor'"'"'s server or web-site, creating a query-string including a first part containing identification information of the third party vendor encrypted with a master key shared by all third party vendors and a second part containing authentication information of the user of the third party vendor encrypted with a private key assigned only to the third party vendor, the query-string being contained in an inline frame;
b. a print shop server, upon receiving the encrypted query-string sent from a server of the third party vendor server to the print shop server, decrypting the first part of the query-string with the masker key to ascertain the identification information of the third party vendor;
c. the print shop server, based on identification of the third party vendor obtained from decrypting the first part of the query-string, identifying the private key assigned to the third party vendor, and retrieving the private key assigned to the third party vendor;
d. the print shop server decrypting the second part of the query-string with the private key assigned to the third party vendor to ascertain the authentication information of the user of the third party vendor;
e. the print shop server, based on identification of the user obtained from decrypting the second part of the query-string, determining whether the user has an existing account on the print shop server; and
f. the print shop server automatically logging the user into the print shop server after it is determined that the user has an existing account so that the user may access and use any print-on-demand applications on the print shop server without manually inputting user authentication information on the print shop server.
1 Assignment
0 Petitions
Accused Products
Abstract
A system and program implement a process for allowing users of third party vendors to access print shop applications without separate authentication. The process includes the steps of creating a query-string having identification information of a third party vendor and authentication information of a user of the third party vendor. The query-string is created in response to the user'"'"'s access to the third party vendor'"'"'s web-site, and is contained in an inline frame and encrypted. Upon receiving the encrypted query-string sent from a third party vendor server to a print shop server, the query-string is decrypted. It is then determined whether the user has an existing account on the print shop server. If the user has an existing account, the user is automatically logged into the print shop server so that the user may access and use any print-on-demand applications on the print shop server without manually inputting user authentication information on the print shop server.
-
Citations
23 Claims
-
1. A method for allowing users of third party vendors to access print shop applications without separate authentication, comprising the steps of:
-
a. a third party vendor server, in response to a user'"'"'s access to a third party vendor'"'"'s server or web-site, creating a query-string including a first part containing identification information of the third party vendor encrypted with a master key shared by all third party vendors and a second part containing authentication information of the user of the third party vendor encrypted with a private key assigned only to the third party vendor, the query-string being contained in an inline frame; b. a print shop server, upon receiving the encrypted query-string sent from a server of the third party vendor server to the print shop server, decrypting the first part of the query-string with the masker key to ascertain the identification information of the third party vendor; c. the print shop server, based on identification of the third party vendor obtained from decrypting the first part of the query-string, identifying the private key assigned to the third party vendor, and retrieving the private key assigned to the third party vendor; d. the print shop server decrypting the second part of the query-string with the private key assigned to the third party vendor to ascertain the authentication information of the user of the third party vendor; e. the print shop server, based on identification of the user obtained from decrypting the second part of the query-string, determining whether the user has an existing account on the print shop server; and f. the print shop server automatically logging the user into the print shop server after it is determined that the user has an existing account so that the user may access and use any print-on-demand applications on the print shop server without manually inputting user authentication information on the print shop server. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A system for allowing users of third party vendors to access print-on-demand applications without separate authentication comprising at least one data processing apparatus having a non-transitory memory storing a computer software program and a processor executing the computer software program, wherein the computer software program includes program code configured to cause the at least one data processing apparatus to execute a process which comprises the steps of:
-
a. a third party vendor server, in response to a user'"'"'s access to a third party vendor'"'"'s server or web-site, creating a query-string including a first part containing identification information of the third party vendor encrypted with a master key shared by all third party vendors and a second part containing authentication information of the user of the third party vendor encrypted with a private key assigned only to the third party vendor, the query-string being contained in an inline frame; b. a print shop server, upon receiving the encrypted query-string sent from the third party vendor server to the print shop server, decrypting the first part of the query-string with the master key to ascertain the identification information of the third party vendor; c. the print shop server, based on identification of the third party vendor obtained from decrypting the first part of the query-string, identifying the private key assigned to the third party vendor, and retrieving the private key assigned to the third party vendor; d. the print shop server decrypting the second part of the query-string with the private key assigned to the third party vendor to ascertain the authentication information of the user of the third party vendor; e. the print shop server, based on identification of the user obtained from decrypting the second part of the query-string, determining whether the user has an existing account on the print shop server; and f. the print shop server automatically logging the user into the print shop server after it is determined that the user has an existing account so that the user may access and use any print-on-demand applications on the print shop server without manually inputting user authentication information on the print shop server. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A computer software program product having a computer readable program code embedded in a computer usable non-transitory storage medium for controlling at least one data processing apparatus, the computer readable program code configured to cause the at least one data processing apparatus to execute a process which comprises the steps of:
-
a. a third party server, in response to a user'"'"'s access to a third party vendor'"'"'s server or web-site, creating a query-string including a first part containing identification information of the third party vendor encrypted with a master key shared by all third party vendors and a second part containing authentication information of the user of the third party vendor encrypted with a private key assigned to the third party vendor, the query-string being contained in an inline frame; b. a print shop server, upon receiving the encrypted query-string sent from the third party vendor server to the print shop server, decrypting the first part of the query-string with the master key to ascertain the identification information of the third party vendor; c. the print shop server, based on identification of the third party vendor obtained from decrypting the first part of the query-string, identifying the private key assigned to the third party vendor, and retrieving the private key assigned to the third party vendor; d. the print shop server decrypting the second part of the query-string with the private key assigned to the third party vendor to ascertain the authentication information of the user of the third party vendor; e. the print shop server, based on identification of the user obtained from decrypting the second part of the query-string, determining whether the user has an existing account on the print shop server; and f. the print shop server automatically logging the user into the print shop server after it is determined that the user has an existing account so that the user may access and use any print-on-demand applications on the print shop server without manually inputting user authentication information on the print shop server. - View Dependent Claims (16, 17, 18, 19, 20, 21, 22, 23)
-
Specification