Multiuse web service sign-in client side components

US 8,997,189 B2
Filed: 05/31/2013
Issued: 03/31/2015
Est. Priority Date: 08/11/2006
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

providing an authentication interface callable via a plurality of applications to transfer a currently authenticated user account from one application to another application;

receiving through the authentication interface, a directive to transfer a currently authenticated user account associated with a first application executed on a client to a second application executable on the client; and

responsive to the directive;

comparing the currently authenticated user account associated with the first application and a user account associated with the second application;

in an event that the user account associated with the first application is the same as the user account associated with the second application, switching control between the first application and the second application without transferring authentication data; and

in an event that the user account associated with the first application is different from the user account associated with the second application, transferring the currently authenticated user account associated with the first application to the second application,wherein the authentication interface is configured to;

communicate with an authentication service via a network for each of a plurality of applications of the client to cause authentication of user accounts with respect to the plurality of applications;

responsive to the communication, receive authentication data indicative of successful authentication of a particular user account with respect to each respective application; and

responsive to a directive from a respective application, export corresponding authentication data describing the currently authenticated user account to another application.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Embodiments of multi-user web service sign-in client side components are presented herein. In an implementation, the currently authenticated user account of a first application of a client is transferred to another application of a client. In another implementation, a common credential store is used to share data for a plurality of user accounts associated with a client between a plurality of applications of the client, and for the applications to output multi-user interfaces having portions corresponding to the plurality of accounts.

36 Citations

View as Search Results

16 Claims

1. A method comprising:
- providing an authentication interface callable via a plurality of applications to transfer a currently authenticated user account from one application to another application;
  
  receiving through the authentication interface, a directive to transfer a currently authenticated user account associated with a first application executed on a client to a second application executable on the client; and
  
  responsive to the directive;
  
  comparing the currently authenticated user account associated with the first application and a user account associated with the second application;
  
  in an event that the user account associated with the first application is the same as the user account associated with the second application, switching control between the first application and the second application without transferring authentication data; and
  
  in an event that the user account associated with the first application is different from the user account associated with the second application, transferring the currently authenticated user account associated with the first application to the second application,wherein the authentication interface is configured to;
  
  communicate with an authentication service via a network for each of a plurality of applications of the client to cause authentication of user accounts with respect to the plurality of applications;
  
  responsive to the communication, receive authentication data indicative of successful authentication of a particular user account with respect to each respective application; and
  
  responsive to a directive from a respective application, export corresponding authentication data describing the currently authenticated user account to another application.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. A method as recited in claim 1, wherein:
    - the first application is configured as a web browser; and
      
      the authentication interface includes a browser add-in configured to allow web pages accessed via the web browser to communicate directives such that the directives are performed by the authentication interface.
  - 3. A method as recited in claim 1, wherein comparing the currently authenticated user account associated with the first application and a user account associated with the second application includes obtaining authentication data from a common credential store configured to maintain authentication data accessible by a plurality of applications of the client.
  - 4. A method as recited in claim 3, wherein the authentication interface is configured with one or more components to:
    - provide interactions between a browser application and the common credential store; and
      
      provide interactions between one or more smart client applications and the common credential store.
  - 5. A method as recited in claim 4, wherein the interactions are limited based upon a list specifying which applications and domains are permitted to interact with the common credential store.
  - 6. A method as recited in claim 4, wherein the interactions provided include one or more of:
    - adding data to the common credential store;
      
      removing data from the common credential store;
      
      determining the currently authenticated user account of a client application;
      
      managing a user account profile;
      
      retrieving authentication data associated with an authenticated user account; and
      
      retrieving user customized data for one or more user accounts for inclusion in a user interface.
  - 7. A method as recited in claim 1, wherein at least one of the plurality of applications is a smart client application configured to provide functionality selected from the group consisting of:
    - email;
      
      instant messaging;
      
      office productivity;
      
      multimedia management;
      
      content authoring; and
      
      software development.
  - 8. A method as recited in claim 1, wherein transferring the currently authenticated user account associated with the first application to the second application includes providing authentication data associated with the currently authenticated user account associated with the first application via a network to an authentication service to authenticate the user account with respect to the second application.

9. One or more computer readable memory devices storing computer executable instructions that, when executed, direct a client to perform operations comprising:
- receiving a selection from a user of a first application, the selection indicating an interest of the user to access a second application;
  
  in response to the received selection, determining that a first user account associated with the first application differs from a second user account associated with the second application, wherein the first user account and the second user account correspond to the same user;
  
  providing access to a common credential store such that an application accessible by the client forms a user interface having representative portions for each of one or more user accounts; and
  
  transferring the first user account to the second application based at least in part on authentication data from the common credential store and the determination that the first user account differs from the second user account;
  
  wherein the authentication data includes an authentication token issued over a network to the client by an authentication service upon successful authentication of the first user account with respect to the first application and the authentication token is utilized to cause authentication of the first user account with respect to the second application.
- View Dependent Claims (10, 11)
- - 10. One or more computer readable memory devices as recited in claim 9, wherein the transferring includes providing the authentication data to the second application, such that the first user account is authenticated with respect to the second application.
  - 11. One or more computer readable memory devices as recited in claim 9, wherein the transferring includes providing the authentication data to an authentication service via a network client to authenticate the user account with respect to the second application.

12. A method comprising:
- storing in a common credential store, user account data corresponding to a plurality of user accounts associated with a client, the user account data including authentication data and account profile data associated with one or more of the user accounts; and
  
  one of a plurality of applications accessible by the client accessing the common credential store to form a user interface that includes representative portions for each of the plurality of user accounts, such that a particular representative portion includes customized information associated with a particular user account based on the account profile data associated with the particular user account; and
  
  transferring a first user account to an application among the plurality of applications based, at least in part, on the authentication data from the common credential store and a determination that the first user account differs from a second user account;
  
  wherein the user account data includes a listing of a plurality of user accounts used by the client, the list being configured to be deciphered by the application when forming the user interface to determine;
  
  a set of user accounts to represent in the user interface; and
  
  an order in which to display the corresponding portions.
- View Dependent Claims (13, 14, 15, 16)
- - 13. A method as recited in claim 12, wherein each representative portion is selectable to cause authentication to the corresponding user account.
  - 14. A method as recited in claim 12, wherein at least one representative portion displayed in the user interface corresponds to a user account which is not currently authenticated on the client.
  - 15. A method as recited in claim 12, wherein the account profile data includes one or more of:
    - a user preference;
      
      an account description;
      
      ora customized user interface element.
  - 16. A method as recited in claim 12, wherein the account profile data includes one or more of:
    - a user tile;
      
      a color scheme;
      
      a start-up location;
      
      a sound;
      
      a video;
      
      an animation;
      
      a theme;
      
      ora toggle for stored data.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Inventors
Lester, Erren Dusan, Chan, Kok Wai, Ayres, Lynn C., Jain, Naresh, Chen, Rui, Chow, Trevin M.
Primary Examiner(s)
Rahman, Mohammad L
Assistant Examiner(s)
CHANG, KENNETH W

Application Number

US13/907,697
Publication Number

US 20130263285A1
Time in Patent Office

669 Days
Field of Search

726/5
US Class Current

726/5
CPC Class Codes

G06F 21/31   User authentication

G06F 21/41   where a single sign-on prov...

G06F 2221/2149   Restricted operating enviro...

H04L 51/04   Real-time or near real-time...

H04L 63/08   for authentication of entit...

H04L 63/0815   providing single-sign-on or...

Multiuse web service sign-in client side components

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

36 Citations

16 Claims

Specification

Use Cases

Quick Links

Others

Multiuse web service sign-in client side components

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

36 Citations

16 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others