Methods and systems of using single sign-on for identification for a web server not integrated with an enterprise network
First Claim
1. A method for accessing an application on a server within an enterprise network while being protected behind a firewall, comprising:
retrieving, by an authentication system, an authentication message comprising a user name associated with a user identification for the enterprise network, the authentication message being generated by a web server sending an authentication request response comprising a randomly generated key and receiving the authentication message which comprises the user name and encrypted password with the randomly generated key to validate the authentication message, wherein the authentication message is associated with a browser that originates the authentication message subsequent to being logged into the enterprise network via the user name authorized for use on the enterprise network, and wherein the authentication system is associated with the application server having at least partial integration with the enterprise network;
based on the user name of the authentication message, determining, by the authentication system, that an application login account has not been generated for a data store of the authentication system, wherein the application login account is associated with the user identification for the enterprise network and comprises an application user name corresponding to the user name of the authentication message;
retrieving, by the authentication system from a user data store behind the firewall, an enterprise login account for the enterprise network to generate the application login account for the data store of the authentication system;
authenticating, by the authentication system, the user name with the application login account;
providing, by the authentication system, access to the application on the server within the enterprise network based on the authentication; and
generating, by the authentication system, at least one application metric based on at least one application data point that is associated with access to the application on the server, the application metric comprising at least one of a frequency that access to the application is successfully attempted, a frequency that a particular user name successfully attempts access to the application, a total number of successful access attempts to the application, or a total number of successful access attempts to the application by a particular user name.
Abstract
A method for accessing, using an authentication system, an application server within an enterprise network is disclosed. The method comprises retrieving an authentication message comprising a user name, wherein the authentication system is associated with the application server. The method comprises determining that a login account is not stored in a data store of the authentication system, wherein the login account is associated with a user identification and comprises a user name that matches the user name of the authentication message. The method comprises retrieving a login account from a user data store to generate a login account in the data store associated with the authentication system, wherein the login account is associated with the user name. The method comprises authenticating the user name with the login account. The method comprises providing to a user associated with the user name, access based on the authentication to the project server.
18 Claims
9. A system for accessing a server within an enterprise network is protected behind a firewall, the system comprising:
a user data store comprising a plurality of enterprise login accounts that each comprise a user name and encrypted password;
a server coupled to at least one processor and a non-transitory memory storing an application that configures the at least one processor upon execution, wherein the server is accessed by a terminal via the enterprise network, the terminal being associated with a browser that originates an authentication message subsequent to being logged into the enterprise network via a user name authorized for use on the enterprise network; and
an authentication system comprising a data store having non-transitory memory, that is configured to store one or more application login accounts, wherein the authentication system is coupled to the server and configures the at least one processor to:
retrieve the authentication message comprising the user name that is associated with a user identification for the enterprise network, wherein the authentication system is associated with the application executable on the server, the authentication message being generated by a web server sending an authentication request response comprising a randomly generated key and receiving the authentication message which comprises the user name and encrypted password with the randomly generated key to validate the authentication message,
determine that an application login account is not stored in the data store of the authentication system, wherein the application login account is associated with the user identification and comprises an application user name that matches the user name of the authentication message;
retrieve an enterprise login account from a user data store to generate the application login account for the data store based on the enterprise login account;
authenticate the user name with the application login account;
provide, to the terminal associated with the user name, access to the application on the server based on the authentication; and
generate at least one application metric based on at least one application data point that is associated with access to the application on the server, the application metric comprising at least one of a frequency that access to the application is successfully attempted, a frequency that a particular user name successfully attempts access to the application, a total number of successful access attempts to the application, or a total number of successful access attempts to the application by a particular user name.
11. A method of tracking access of an application on a server from within an enterprise network behind a firewall, comprising:
retrieving, by an authentication system coupled to the enterprise network and the server, an authentication message that comprises a user name, wherein the authentication system is associated with the application that is among a plurality of applications coupled to the enterprise network, wherein each of the plurality of applications being associated with a different authentication system, wherein the authentication message is generated by a web server sending an authentication request response comprising a randomly generated key and receiving the authentication message which comprises the user name and encrypted password with the randomly generated key to validate the authentication message, and wherein the authentication message is associated with a browser that originates the authentication message subsequent to being logged into the enterprise network via the user name authorized for use on the enterprise network;
determining, by the authentication system, that an application login account is not stored in a data store of the authentication system, wherein the application login account is associated with a user identification of the enterprise network and comprises an application user name that matches the user name of the authentication message;
retrieving, by the authentication system, an enterprise network login account from a user data store to generate the application login account in the data store of the authentication system, wherein the enterprise network login account is associated with the user name of the authentication message;
authenticating, by the authentication system, the user name with the application login account, wherein authenticating comprises achieving a successful access attempt to the application on the server;
recording, by the authentication system, one or more application data points that are associated with each successful access attempt to the application on the server; and
based on the one or more application data points, generating, by the authentication system, one or more application metrics that comprise at least one of the frequency that access to the application is successfully attempted, the frequency that a particular user name successfully attempts access to the application, the total number of successful access attempts to the application, and the total number of successful access attempts to the application by a particular user name.
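The flow recited in claims 1, 9 and 11 (random key, account generation on first access, authentication, access metrics) can be sketched as follows. This is an added illustration, not code from the patent: the class and function names are hypothetical, and the "encrypted password with the randomly generated key" is modelled, as an assumption, by an HMAC over a PBKDF2 verifier.

```python
import hashlib, hmac, secrets, time
from collections import Counter

def verifier(user: str, password: str) -> bytes:
    # Assumption: the stored "encrypted password" is a PBKDF2 verifier salted with the user name.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), user.encode(), 100_000)

def respond(key: bytes, user: str, password: str) -> bytes:
    # Browser side: bind the verifier to the web server's randomly generated key.
    return hmac.new(key, verifier(user, password), hashlib.sha256).digest()

class AuthSystem:  # hypothetical name for the claimed authentication system
    def __init__(self, enterprise_store: dict):
        self.enterprise = enterprise_store  # user data store behind the firewall
        self.app_accounts = {}              # the authentication system's own data store
        self.pending = set()                # random keys issued and not yet used
        self.data_points = []               # (timestamp, user) per successful access

    def challenge(self) -> bytes:
        key = secrets.token_bytes(32)
        self.pending.add(key)
        return key

    def login(self, key: bytes, user: str, response: bytes) -> bool:
        if key not in self.pending:
            return False                    # unknown or replayed key
        self.pending.discard(key)           # each key validates one message only
        if user not in self.app_accounts:   # no application login account yet
            ent = self.enterprise.get(user)
            if ent is None:
                return False                # no enterprise account to generate from
            self.app_accounts[user] = {"user": user, "verifier": ent}
        expected = hmac.new(key, self.app_accounts[user]["verifier"], hashlib.sha256).digest()
        if not hmac.compare_digest(expected, response):
            return False                    # failed attempts are not recorded as data points
        self.data_points.append((time.time(), user))
        return True

    def metrics(self, window_s: float = 3600.0) -> dict:
        now = time.time()
        recent = sum(1 for t, _ in self.data_points if now - t <= window_s)
        return {"total": len(self.data_points),
                "per_user": dict(Counter(u for _, u in self.data_points)),
                "per_hour": recent * 3600.0 / window_s}
```

Because the claims generate the application login account before authenticating, a failed login for a valid enterprise user name still leaves an application account behind in this sketch.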
Specification