Method and apparatus to auto-login to a browser application launched from an authenticated client application

US 8,863,248 B2
Filed: 04/07/2011
Issued: 10/14/2014
Est. Priority Date: 04/07/2011
Status: Active Grant

First Claim

Patent Images

1. A method to facilitate access to a target resource from a non-browser based client application having an associated server application, wherein a credential is associated with the non-browser based client application, comprising:

receiving a first request, the request including the credential;

caching the credential at a location identified by a one-time-use key;

returning a response to the first request that includes a data string that includes the one-time-use key;

receiving a second request directed to the target resource, the second request having been generated by a browser launched by the non-browser based client application, the browser being co-located with the non-browser based client application;

retrieving the credential from the location identified by the one-time-use key; and

setting the retrieved credential in a cookie and returning to the browser a response to the second request that includes the cookie and a redirect to the target resource;

wherein the credential is automatically passed from the non-browser based client application to the browser and without requiring an additional browser-based login to the target resource.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A technique for automated login to a browser application from a non-browser based client application begins upon the end user taking an action to access a target resource. A credential is associated with the client application as a result of a prior login operation. The technique is implemented in a server application associated with the client application. It enables automatic and secure passing of the client application credential to the counterpart browser application that is launched by the client application.

15 Citations

View as Search Results

26 Claims

1. A method to facilitate access to a target resource from a non-browser based client application having an associated server application, wherein a credential is associated with the non-browser based client application, comprising:
- receiving a first request, the request including the credential;
  
  caching the credential at a location identified by a one-time-use key;
  
  returning a response to the first request that includes a data string that includes the one-time-use key;
  
  receiving a second request directed to the target resource, the second request having been generated by a browser launched by the non-browser based client application, the browser being co-located with the non-browser based client application;
  
  retrieving the credential from the location identified by the one-time-use key; and
  
  setting the retrieved credential in a cookie and returning to the browser a response to the second request that includes the cookie and a redirect to the target resource;
  
  wherein the credential is automatically passed from the non-browser based client application to the browser and without requiring an additional browser-based login to the target resource.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method as described in claim 1 wherein the first request is a request for a one-time-use URL.
  - 3. The method as described in claim 1 wherein the one-time-use key is generated as a function of the credential and an address associated with the client application.
  - 4. The method as described in claim 1 wherein the data string is a URL-template.
  - 5. The method as described in claim 1 further including using information in the second request to re-generate the one-time-use key.
  - 6. The method as described in claim 1 wherein the response to the second request is an HTML snippet that includes an HTTP 302 as the redirect.
  - 7. The method as described in claim 1 further including removing the credential from the location identified by the one-time-use key following the step of retrieving the credential.
  - 8. The method as described in claim 1 further including invalidating the one-time-use key if the second request is not received within a specific time period, or upon receiving a third request prior to the setting step, the third request including the credential and seeking access to another target resource.

9. Apparatus to facilitate access to a target resource from a non-browser based client application having an associated server application, wherein a credential is associated with the non-browser based client application, comprising:
- a processor;
  
  computer memory holding computer program instructions that when executed by the processor perform a method comprising;
  
  receiving a first request, the request including the credential;
  
  caching the credential at a location identified by a one-time-use key;
  
  returning a response to the first request that includes a data string that includes the one-time-use key;
  
  receiving a second request directed to the target resource, the second request having been generated by a browser launched by the non-browser based client application, the browser being co-located with the non-browser based client application;
  
  retrieving the credential from the location identified by the one-time-use key; and
  
  setting the retrieved credential in a cookie and returning to the browser a response to the second request that includes the cookie and a redirect to the target resource;
  
  wherein the credential is automatically passed from the non-browser based client application to the browser and without requiring an additional browser-based login to the target resource.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
- - 10. The apparatus as described in claim 9 wherein the first request is a request for a one-time-use URL.
  - 11. The apparatus as described in claim 9 wherein the one-time-use key is generated as a function of the credential and an address associated with the client application.
  - 12. The apparatus as described in claim 9 wherein the data string is a URL-template.
  - 13. The apparatus as described in claim 9 wherein the method further includes using information in the second request to re-generate the one-time-use key.
  - 14. The apparatus as described in claim 9 wherein the response to the second request is an HTML snippet that includes an HTTP 302 as the redirect.
  - 15. The apparatus as described in claim 9 wherein the method further includes removing the credential from the location identified by the one-time-use key following the step of retrieving the credential.
  - 16. The apparatus as described in claim 9 wherein the method further includes invalidating the one-time-use key if the second request is not received within a specific time period, or upon receiving a third request prior to the setting step, the third request including the credential and seeking access to another target resource.

17. A computer program product in a non-transitory computer readable medium for use in a data processing system to facilitate access to a target resource from a non-browser based client application having an associated server application, wherein a credential is associated with the non-browser based client application, the computer program product holding computer program instructions which, when executed by the data processing system, perform a method comprising:
- receiving a first request, the request including the credential;
  
  caching the credential at a location identified by a one-time-use key;
  
  returning a response to the first request that includes a data string that includes the one-time-use key;
  
  receiving a second request directed to the target resource, the second request having been generated by a browser launched by the non-browser based client application, the browser being co-located with the non-browser based client application;
  
  retrieving the credential from the location identified by the one-time-use key; and
  
  setting the retrieved credential in a cookie and returning to the browser a response to the second request that includes the cookie and a redirect to the target resource;
  
  wherein the credential is automatically passed from the non-browser based client application to the browser and without requiring an additional browser-based login to the target resource.
- View Dependent Claims (18, 19, 20, 21, 22, 23, 24)
- - 18. The computer program product as described in claim 17 wherein the first request is a request for a one-time-use URL.
  - 19. The computer program product as described in claim 17 wherein the one-time-use key is generated as a function of the credential and an address associated with the client application.
  - 20. The computer program product as described in claim 17 wherein the data string is a URL-template.
  - 21. The computer program product as described in claim 17 wherein the method further includes using information in the second request to re-generate the one-time-use key.
  - 22. The computer program product as described in claim 17 wherein the response to the second request is an HTML snippet that includes an HTTP 302 as the redirect.
  - 23. The computer program product as described in claim 17 wherein the method further includes removing the credential from the location identified by the one-time-use key following the step of retrieving the credential.
  - 24. The computer program product as described in claim 17 wherein the method further includes invalidating the one-time-use key if the second request is not received within a specific time period, or upon receiving a third request prior to the setting step, the third request including the credential and seeking access to another target resource.

25. A method to facilitate access to a target resource from a non-browser based client application having an associated server application, wherein a credential is associated with the non-browser based client application, comprising:
- generating a first request for a one-time-use URL;
  
  forwarding the first request, together with the credential, to the server application;
  
  upon receipt from the server application of a data string that includes a one-time-use key, launching a browser, the browser being co-located with the non-browser based client application;
  
  directing a second request from the browser to the server application, the second request including data from which the one-time-use key can be re-generated; and
  
  upon receipt by the browser from the server application of a response to the second request, setting a cookie that includes the credential and redirecting the browser to the target resource;
  
  wherein the credential is automatically passed from the non-browser based client application to the browser and without requiring an additional browser-based login to the target resource.
- View Dependent Claims (26)
- - 26. The method as described in claim 25 wherein the second request includes the credential.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Wendt, David Mark, Kubik, Joseph
Primary Examiner(s)
Kim, Jung
Assistant Examiner(s)
Jamshidi, Ghodrat

Application Number

US13/081,562
Publication Number

US 20120260321A1
Time in Patent Office

1,286 Days
Field of Search
US Class Current

726/5
CPC Class Codes

H04L 63/0838   using one-time-passwords

H04L 63/168   above the transport layer

H04L 67/02   based on web technology, e....

H04L 9/0863   involving passwords or one-...

Method and apparatus to auto-login to a browser application launched from an authenticated client application

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

15 Citations

26 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus to auto-login to a browser application launched from an authenticated client application

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

15 Citations

26 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links