System for and methods of providing single sign-on (SSO) capability in an application publishing and/or document sharing environment
First Claim
1. A method for providing a document sharing service in combination with remote access to document applications, the method comprising:
- receiving, by a gateway service, an access request from a client device;
prompting, by the gateway service, the client device, for credentials;
authenticating, by the gateway service, the client device using the credentials;
responsive to a successful authentication, initially selecting a host computer from a plurality of host computers;
encrypting, by the gateway service, the credentials using a public key associated with the selected host computer;
transmitting, by the gateway service, the encrypted credentials to the host computer;
decrypting, by the host computer, the encrypted credentials;
authenticating, by the host computer, the client device using the decrypted credentials;
responsive to a successful authentication, starting, by the host computer, a document sharing service session for the client device;
providing, by a document sharing service, access to a plurality of other host computers hosting resources capable of processing a document, wherein processing the document includes editing capabilities;
receiving, by the document sharing service, a request from the client device, to view a document, wherein the client device lacks the necessary resources to process the document;
automatically determining, by the document sharing service, which of the other host computers hosts a resource that is capable of processing the type of document received in the client device'"'"'s request based on an access control table stored in memory that maps resources hosted by each of the plurality of host computers; and
selecting, by the document sharing service, the determined other host computer to process the client device'"'"'s request;
moving the documents to the selected other host computer; and
causing the selected other host computer to process the client device'"'"'s request with the client device.
3 Assignments
0 Petitions
Accused Products
Abstract
A client-server computing system includes a computer cluster for hosting certain resources, applications, programs, processes, files, and/or data that are published to users who are accessing the computer cluster remotely. The computer cluster includes a network of one or more host computers, a gateway server, a gateway service database, a user database, and a document database. A single sign-on (SSO) method of the disclosure includes performing a computer cluster authentication process in which a user enters his/her credentials followed by a resource authentication process and/or document sharing process in which there is no need for the user to reenter his/her credentials, having entered them already in the computer cluster authentication process.
84 Citations
19 Claims
-
1. A method for providing a document sharing service in combination with remote access to document applications, the method comprising:
-
receiving, by a gateway service, an access request from a client device; prompting, by the gateway service, the client device, for credentials; authenticating, by the gateway service, the client device using the credentials; responsive to a successful authentication, initially selecting a host computer from a plurality of host computers; encrypting, by the gateway service, the credentials using a public key associated with the selected host computer; transmitting, by the gateway service, the encrypted credentials to the host computer; decrypting, by the host computer, the encrypted credentials; authenticating, by the host computer, the client device using the decrypted credentials; responsive to a successful authentication, starting, by the host computer, a document sharing service session for the client device; providing, by a document sharing service, access to a plurality of other host computers hosting resources capable of processing a document, wherein processing the document includes editing capabilities; receiving, by the document sharing service, a request from the client device, to view a document, wherein the client device lacks the necessary resources to process the document; automatically determining, by the document sharing service, which of the other host computers hosts a resource that is capable of processing the type of document received in the client device'"'"'s request based on an access control table stored in memory that maps resources hosted by each of the plurality of host computers; and selecting, by the document sharing service, the determined other host computer to process the client device'"'"'s request; moving the documents to the selected other host computer; and causing the selected other host computer to process the client device'"'"'s request with the client device. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A system for providing single sign-on (SSO) capability in an application publishing environment, the system comprising:
-
one or more host computers; a gateway service that; receives an access request from a client device; prompts the client device, for credentials; authenticates the client device using the credentials; responsive to a successful authentication, initially selects a host computer; encrypts the credentials using a public key associated with the selected host computer; transmits the encrypted credentials to the host computer; wherein the host computer; decrypts the encrypted credentials; authenticates the client device using the decrypted credentials; responsive to a successful authentication, starts a document sharing service session for the client device; and a document sharing service that; provides access to a plurality of other host computers hosting resources capable of processing a document, wherein processing the document includes editing capabilities; receives a request from the client device, to view a document, wherein said client device lacks the necessary resources to process the document; automatically determines which of the other host computers hosts a resource that is capable of processing the type of document received in the client device'"'"'s request based on an access control table stored in memory that maps resources hosted by each of the plurality of host computers; and selects the determined other host computer to process the client device'"'"'s request; moves the documents to the selected other host computer; and causes the selected other host computer to process the client device'"'"'s request with the client device. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
-
-
19. A non-transitory computer-readable storage medium, having embodied thereon a program executable by a processor to perform a method for providing single sign-on (SSO) capability in an application publishing environment, the method comprising:
-
receiving an access request from a client device; prompting the client device, for credentials; authenticating the client device using the credentials; responsive to a successful authentication, initially selecting a host computer; encrypting the credentials using a public key associated with the selected host computer; transmitting the encrypted credentials to the host computer; decrypting the encrypted credentials; authenticating the client device using the decrypted credentials; responsive to a successful authentication, starting a document sharing service session for the client device; providing access to a plurality of other host computers hosting resources capable of processing a document, wherein processing the document includes editing capabilities; receiving a request from the client device, to view a document, wherein said client device lacks the necessary resources to process the document; automatically determining which of the other host computers hosts a resource that is capable of processing the type of document received in the client device'"'"'s request based on an access control table stored in memory that maps resources hosted by each of the plurality of host computers; and selecting the determined other host computer to process the client device'"'"'s request; moving the documents to the selected other host computer; and causing the selected other host computer to process the client device'"'"'s request with the client device.
-
Specification