System and method for providing access credentials
First Claim
1. A method of providing access credentials associated with a user of a first terminal to a service server comprising a service, the method comprising:
- receiving, at a proxy server, from the first terminal, a request to establish a first data connection, the request including user identification data;
identifying, at the proxy server, authentication credentials associated with the user of the first terminal;
verifying, at the proxy server, the received user identification data based on the identified authentication credentials associated with the user of the first terminal;
establishing, at the proxy server, the first data connection with the first terminal based on verifying the received user identification data;
establishing, at the proxy server, a second data connection with the service server after verifying the received user identification data;
bridging, at the proxy server, the first data connection and the second data connection in order to establish a first communications session using a first communications protocol between the first terminal and the service server;
establishing, at the proxy server, a second communications session using a second communications protocol between the proxy server and the service server;
receiving, at the proxy server from the service server, via the second communications session, a request for access credentials associated with the user, the request including information received by the service server via the first communications session, wherein the access credentials associated with the user are different from the user identification data;
identifying, at the proxy server, the access credentials associated with the user based on the information received by the service server; and
transmitting, from the proxy server to the service server, the identified access credentials via the second communications session.
6 Assignments
0 Petitions
Accused Products
Abstract
Embodiments of the invention are concerned with providing access credentials associated with a user of a service to a server hosting the service, e.g. enabling single sign on by the user to a number of servers.
The embodiments include functionality for establishing a first data connection with a terminal associated with the user and a second data connection with the server, and bridging the first and second data connections in order to establish a first communications session, using a first communications protocol, between the terminal and the server. A second communications session, using a second communications protocol, is also established with the server, via which a request for access credentials associated with the user is received. This request includes information received by the server in the first communications session, which is used to identify access credentials of the user that are transmitted to the server via the second communications session.
22 Citations
23 Claims
-
1. A method of providing access credentials associated with a user of a first terminal to a service server comprising a service, the method comprising:
-
receiving, at a proxy server, from the first terminal, a request to establish a first data connection, the request including user identification data; identifying, at the proxy server, authentication credentials associated with the user of the first terminal; verifying, at the proxy server, the received user identification data based on the identified authentication credentials associated with the user of the first terminal; establishing, at the proxy server, the first data connection with the first terminal based on verifying the received user identification data; establishing, at the proxy server, a second data connection with the service server after verifying the received user identification data; bridging, at the proxy server, the first data connection and the second data connection in order to establish a first communications session using a first communications protocol between the first terminal and the service server; establishing, at the proxy server, a second communications session using a second communications protocol between the proxy server and the service server; receiving, at the proxy server from the service server, via the second communications session, a request for access credentials associated with the user, the request including information received by the service server via the first communications session, wherein the access credentials associated with the user are different from the user identification data; identifying, at the proxy server, the access credentials associated with the user based on the information received by the service server; and transmitting, from the proxy server to the service server, the identified access credentials via the second communications session. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
-
14. A system comprising:
-
at least one processor; and at least one memory including computer-executable code and authentication credentials, wherein the processor is configured to execute the computer-executable code and cause the system to; receive, from a terminal, a request to establish a first data connection, the request including user identification data; identify authentication credentials associated with the user of the terminal; verify the received user identification data based on the identified authentication credentials associated with the user of the terminal; establish the first data connection with the terminal based on verifying the received user identification data; establish a second data connection with a service server after verifying the received user identification data; bridge the first data connection and the second data connection in order to establish a first communications session using a first communications protocol between the terminal and the service server; establish a second communications session using a second communications protocol with the service server; receive, from the service server, via the second communications session, a request for access credentials associated with the user, the request including information received by the service server via the first communications session, wherein the access credentials associated with the user are different from the user identification data; identify the access credentials based on the information received by the service server; and transmit to the service server the identified access credentials via the second communications session. - View Dependent Claims (15, 16, 17, 18, 19)
-
-
20. A proxy server for providing access credentials associated with a user of terminal to a service server, the proxy server comprising a processing system and a communications interface, wherein the proxy server is configured to:
-
receive, from a terminal, via the communications interface, a request to establish a first data connection, the request including user identification data; identify authentication credentials associated with the user of the terminal; verify the received user identification data based on the identified authentication credentials associated with the user of the terminal establish the first data connection with the terminal via the communications interface based on verifying the received user identification data; establish a second data connection with the service server via the communications interface after verifying the received user identification data; bridge the first data connection and the second data connection in order to establish a first communications session using a first communications protocol between the terminal and the service server; establish a second communications session using a second communications protocol with the service server via the communications interface; receive, from the service server, via the communications interface, via the second communications session, a request for access credentials associated with the user, the request including information received by the service server via the first communications session, wherein the access credentials associated with the user are different from the user identification data; identify the access credentials based on the information received from the service server; and transmit, to the service server via the communications interface, the identified access credentials via the second communications session.
-
-
21. A computer program product comprising a non-transitory, computer-readable storage medium having computer readable instructions stored thereon, the computer readable instructions being executable by a proxy server to cause the proxy server to perform a method of providing access to credentials associated with a user of a terminal to a service server hosting a service, the method comprising:
-
receiving, at the proxy server, from the terminal, a request to establish a first data connection, the request including user identification data; identifying, at the proxy server, authentication credentials associated with the user of the terminal; verifying, at the proxy server, the received user identification data based on the identified authentication credentials associated with the user of the terminal; establishing, at the proxy server, the first data connection with the terminal based on verifying the received user identification data; establishing, at the proxy server, a second data connection with the service server after verifying the received user identification data; bridging, at the proxy server, the first data connection and the second data connection in order to establish a first communications session using a first communications protocol between the terminal and the service server; establishing, at the proxy server, a second communications session using a second communications protocol between the proxy server and the service server; receiving, at the proxy server from the service server, via the second communications session, a request for access credentials associated with the user, the request including information received by the service server via the first communications session, wherein the access credentials associated with the user are different from the user identification data; identifying, at the proxy server, the access credentials associated with the user based on the information received by the service server; and transmitting, from the proxy server to the service server, the identified access credentials via the second communications session. - View Dependent Claims (22, 23)
-
Specification