Mechanism for facilitating dynamic and continuous testing of security assertion markup language credentials in an on-demand services environment
Abstract
In accordance with embodiments, there are provided mechanisms and methods for facilitating dynamic and continuous testing of security assertion markup language (SAML) credentials in an on-demand services environment. In one embodiment and by way of example, a method includes identifying, at a computing device, an organization using a SAML process in an on-demand service environment, obtaining SAML credentials relating to the identified organization, and testing the SAML credentials relating to the identified organization. The testing includes asserting a set of test credentials against the SAML credentials relating to the identified organization. The method may further include generating one or more new codes based on testing results obtained from testing.
11 Claims
1. A method comprising:
- receiving, by a computing device, a request, via an identity provider, to access one or more software applications hosted by a service provider in an on-demand service environment, wherein the request includes security assertions relating to at least one of an organization and a user seeking the access to the one or more software applications, wherein the user is associated with the organization;
- identifying at least one of the organization and the user based on the security assertions;
- dynamically and continuously performing, in runtime, testing of the security assertions at a testing cache, wherein testing includes comparing the security assertions against sample assertions relating to one or more of the organization, other organizations, and one or more access modes;
- generating, based on the testing, a new code or modifying an existing code relating to the security assertions;
- placing the security assertions into a testing cache prior to the testing, wherein the sample assertions include at least one of newly-received sample assertions and previously-received sample assertions relating to one or more of the organization, the other organizations, the one or more access modes; and
- dynamically deploying the generated and modified codes for processing future requests for access and subsequent automatic authentications relating to one or more of the organization, the other organizations, the user, other users, and the one or more access modes.
5. A system comprising:
- a computing device having a memory to store instructions, and a processing device, coupled with the memory, to execute the instructions, wherein the instructions cause the processing device to perform one or more operations comprising;
- receiving a request, via an identity provider, to access one or more software applications hosted by a service provider in an on-demand service environment, wherein the request includes security assertions relating to at least one of an organization and a user seeking the access to the one or more software applications, wherein the user is associated with the organization;
- identifying at least one of the organization and the user based on the security assertions;
- dynamically and continuously performing, in runtime, testing of the security assertions at a testing cache, wherein testing includes comparing the security assertions against sample assertions relating to one or more of organization, other organizations, and one or more access modes;
- generating, based on the testing, a new code or modifying an existing code relating to the security assertions;
- placing the security assertions into a testing cache prior to the testing, wherein the sample assertions include at least one of newly-received sample assertions and previously-received sample assertions relating to one or more of the organization, the other organizations, and the one or more access modes; and
- dynamically deploying the generated and modified codes for processing future requests for access and subsequent automatic authentications relating to one or more the organization, the other organizations, the user, other users and the access mode, and the one or more access modes.
9. A non-transitory machine-readable medium having stored thereon instructions which, when executed by a machine, cause the machine to perform one or more operations comprising:
- receiving a request, via an identity provider, to access one or more software applications hosted by a service provider in an on-demand service environment, wherein the request includes security assertions relating to at least one of an organization and a user seeking the access to the one or more software applications, wherein the user is associated with the organization;
- identifying at least one of the organization and the user based on the security assertions;
- dynamically and continuously performing, in runtime, testing of the security assertions at a testing cache, wherein testing includes comparing the security assertions against sample assertions relating to one or more of primary organization, other organizations, and one or more access modes;
- generating, based on the testing, a new code or modifying an existing code relating to the security assertions;
- placing the security assertions into a testing cache prior to the testing, wherein the sample assertions include at least one of newly-received sample assertions and previously-received sample assertions relating to one or more of the organization, the other organizations, and the one or more access modes; and
- dynamically deploying the generated and modified codes for processing future requests for access and subsequent automatic authentications relating to one or more the organization, the other organizations, the user, other users, and the access mode and the one or more access modes.
Specification