System, method and computer program product for enabling access to a resource of a multi-tenant on-demand database service utilizing a token
First Claim
Patent Images
1. A method, comprising:
- receiving, at a first domain of a first system, a first request from a device of a user to make a resource accessible;
in response to the first request, generating, by the first system, a token that includes a time-to-live;
storing, in memory of the first system, the token;
storing, in association with the token in the memory of the first system, an identifier of the user and information to be utilized for accessing the resource;
in response to the first request, sending by the first system to the device of the user the token and an instruction to transmit the token to a second domain of a second system;
in response to the second system receiving the token through the second domain from the device of the user;
performing a look-up of the token,through the performance of the look-up, verifying that the token is stored and the token has not expired,in response to the verifying, providing, to the second system, the information to be utilized for accessing the resource that is stored in association with the token, andpermitting access to the resource via the second domain, wherein the access is permitted through use by the second system of the information.
1 Assignment
0 Petitions
Accused Products
Abstract
In accordance with embodiments, there are provided mechanisms and methods for enabling access to a resource of a multi-tenant on-demand database service utilizing a token. These mechanisms and methods for enabling access to a resource of a multi-tenant on-demand database service utilizing a token can be utilized to prevent identification of a user attempting to access the resource, and thus unwanted use of the user'"'"'s identity.
-
Citations
11 Claims
-
1. A method, comprising:
-
receiving, at a first domain of a first system, a first request from a device of a user to make a resource accessible; in response to the first request, generating, by the first system, a token that includes a time-to-live; storing, in memory of the first system, the token; storing, in association with the token in the memory of the first system, an identifier of the user and information to be utilized for accessing the resource; in response to the first request, sending by the first system to the device of the user the token and an instruction to transmit the token to a second domain of a second system; in response to the second system receiving the token through the second domain from the device of the user; performing a look-up of the token, through the performance of the look-up, verifying that the token is stored and the token has not expired, in response to the verifying, providing, to the second system, the information to be utilized for accessing the resource that is stored in association with the token, and permitting access to the resource via the second domain, wherein the access is permitted through use by the second system of the information. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A computer program product, comprising a non-transitory computer usable medium having a computer readable program code embodied therein, the computer readable program code adapted to be executed to cause a computer to implement a method, the method comprising:
-
receiving, at a first domain of a first system, a first request from a device of a user to make a resource accessible; in response to the first request, generating, by the first system, a token that includes a time-to-live; storing, in memory of the first system, the token; storing, in association with the token in the memory of the first system, an identifier of the user and information to be utilized for accessing the resource; in response to the first request, sending by the first system to the device of the user the token and an instruction to transmit the token to a second domain of a second system; in response to the second system receiving the token through the second domain from the device of the user; performing a look-up of the token, through the performance of the look-up, verifying that the token is stored and the token has not expired, in response to the verifying, providing, to the second system, the information to be utilized for accessing the resource that is stored in association with the token, and permitting access to the resource via the second domain, wherein the access is permitted through use by the second system of the information.
-
-
11. An apparatus, comprising:
-
a first processor of a first system for; receiving, at a first domain of the first system, a first request from a device of a user to make a resource accessible; in response to the first request, generating, by the first system, a token that includes a time-to-live; storing, in memory of the first system, the token; storing, in association with the token in the memory of the first system, an identifier of the user and information to be utilized for accessing the resource; in response to the first request, sending by the first system to the device of the user the token and an instruction to transmit the token to a second domain of a second system; in response to the second system receiving the token through the second domain from the device of the user; performing a look-up of the token, through the performance of the look-up, verifying that the token is stored and the token has not expired, in response to the verifying, providing, to the second system, the information to be utilized for accessing the resource that is stored in association with the token, and permitting access to the resource via the second domain, wherein the access is permitted through use by the second system of the information.
-
Specification