Shared portal context session

US 9,225,515 B2
Filed: 09/13/2013
Issued: 12/29/2015
Est. Priority Date: 09/13/2013
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method executed by one or more processors, the method comprising:

setting a shared session cookie for use in a portal environment, the shared session cookie encrypted with a corresponding session-specific key, the portal environment executing a plurality of portal page components within the portal environment, the shared session cookie storing at least a portion of a session state associated with a current portal session;

providing the encrypted shared session cookie for storage at the client associated with the portal session of the portal environment;

initiating execution of a first portal application associated with a first portal page component provided within the portal environment, wherein the first portal application is provided with a copy of the encrypted shared session cookie;

providing a copy of the session-specific key associated with the encrypted shared session cookie to the first portal application, wherein the provided copy of the session-specific key is used to decrypt the shared session cookie at the first portal application, and wherein the session state stored in the shared session cookie is used to set at least a portion of the session state of the first portal application;

receiving a request to update the shared session cookie from the first portal application based on at least one change to the session state, the at least one change based on a change to the session state associated with execution of the first portal application; and

updating the shared session cookie based on the at least one change to the session state; and

sending an encrypted copy of the updated shared session cookie to a second portal application associated with a second portal page component concurrently executing within the portal environment and associated with the current portal session, the second portal application associated with a different domain than the first portal application.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present disclosure involves systems, software, and computer implemented methods for sharing session state between portal application portlets associated with different domains. One example method includes setting a cookie for use in a portal environment. The cookie is encrypted with a key and stores at least a portion of a session state associated with a current portal session. The encrypted cookie is provided for storage at a client associated with the portal session. Execution of a portal application is initiated within the portal environment. The portal application is provided with a copy of the encrypted cookie. A copy of the key is provided to the portal application. The provided copy of the key is used to decrypt the cookie at the portal application. The session state stored in the cookie is used to set at least a portion of the session state of the portal application.

26 Citations

View as Search Results

16 Claims

1. A computer-implemented method executed by one or more processors, the method comprising:
- setting a shared session cookie for use in a portal environment, the shared session cookie encrypted with a corresponding session-specific key, the portal environment executing a plurality of portal page components within the portal environment, the shared session cookie storing at least a portion of a session state associated with a current portal session;
  
  providing the encrypted shared session cookie for storage at the client associated with the portal session of the portal environment;
  
  initiating execution of a first portal application associated with a first portal page component provided within the portal environment, wherein the first portal application is provided with a copy of the encrypted shared session cookie;
  
  providing a copy of the session-specific key associated with the encrypted shared session cookie to the first portal application, wherein the provided copy of the session-specific key is used to decrypt the shared session cookie at the first portal application, and wherein the session state stored in the shared session cookie is used to set at least a portion of the session state of the first portal application;
  
  receiving a request to update the shared session cookie from the first portal application based on at least one change to the session state, the at least one change based on a change to the session state associated with execution of the first portal application; and
  
  updating the shared session cookie based on the at least one change to the session state; and
  
  sending an encrypted copy of the updated shared session cookie to a second portal application associated with a second portal page component concurrently executing within the portal environment and associated with the current portal session, the second portal application associated with a different domain than the first portal application.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1, further comprising:
    - initiating execution of the second portal application within the portal environment, wherein the second portal application is provided with a copy of the encrypted shared session cookie upon initiation; and
      
      providing a copy of the session-specific key associated with the encrypted shared session cookie to the second portal application in response to initiation of the second portal application, wherein the provided copy of the session-specific key is used to decrypt the shared session cookie at the second portal application, and wherein the session state stored in the shared session cookie is used to set at least a portion of the session state of the second portal application.
  - 3. The method of claim 1, wherein a version identifier associated with the shared session cookie is increased in response to updating the shared session cookie.
  - 4. The method of claim 1, wherein the shared session cookie includes a payload and a version identifier.
  - 5. The method of claim 4, wherein only the payload is encrypted within the encrypted shared session cookie.
  - 6. The method of claim 4, wherein the payload stores the session state data of the shared session cookie in a Javascript Object Notation (JSON) format.
  - 7. The method of claim 4, wherein the version identifier defines a version of the shared session cookie, and wherein the version identifier is used by portal applications to determine if an updated shared session state is available.
  - 8. The method of claim 1, wherein the key corresponding to the shared session cookie is associated with two or more portal sessions.
  - 9. The method of claim 1, wherein sending the encrypted copy of the updated shared session cookie to the second portal application includes:
    - in response to detecting the updated shared session cookie, sending, by the first portal application to a portal plug-in associated with the portal environment, a request to send the updated shared session cookie to the second portal application using a cross-domain message sent via an iFrame associated with the portal plug-in, wherein the encrypted copy of the updated shared session cookie is sent by the portal environment in response to receiving the cross-domain message.
  - 10. The method of claim 9, wherein sending the encrypted copy of the updated shared session cookie in response to receiving the cross-domain message includes sending, by the portal plug-in to a plug-in associated with the second portal application, a cross-domain message including the encrypted updated shared session cookie.

11. A system comprising:
- one or more computers associated with an enterprise portal; and
  
  a computer-readable medium coupled to the one or more computers having instructions stored thereon which, when executed by the one or more computers, cause the one or more computers to perform operations comprising;
  
  setting a shared session cookie for use in a portal environment, the shared session cookie encrypted with a corresponding session-specific key, the portal environment executing a plurality of portal page components within the portal environment, the shared session cookie storing at least a portion of a session state associated with a current portal session;
  
  providing the encrypted shared session cookie for storage at the client associated with the portal session of the portal environment;
  
  initiating execution of a first portal application associated with a first portal page component provided within the portal environment, wherein the first portal application is provided with a copy of the encrypted shared session cookie;
  
  providing a copy of the session-specific key associated with the encrypted shared session cookie to the first portal application, wherein the provided copy of the session-specific key is used to decrypt the shared session cookie at the first portal application, and wherein the session state stored in the shared session cookie is used to set at least a portion of the session state of the first portal applicationreceiving a request to update the shared session cookie from the first portal application based on at least one change to the session state, the at least one change based on a change to the session state associated with execution of the first portal application;
  
  updating the shared session cookie based on the at least one change to the session state; and
  
  sending an encrypted copy of the updated shared session cookie to a second portal application associated with a second portal page component concurrently executing within the portal environment and associated with the current portal session, the second portal application associated with a different domain than the first portal application.
- View Dependent Claims (12, 13)
- - 12. The system of claim 11, the operations further comprising:
    - initiating execution of the second portal application within the portal environment, wherein the second portal application is provided with a copy of the encrypted shared session cookie upon initiation; and
      
      providing a copy of the session-specific key associated with the encrypted shared session cookie to the second portal application in response to initiation of the second portal application, wherein the provided copy of the session-specific key is used to decrypt the shared session cookie at the second portal application, and wherein the session state stored in the shared session cookie is used to set at least a portion of the session state of the second portal application.
  - 13. The system of claim 11, wherein a version identifier associated with the shared session cookie is increased in response to updating the shared session cookie.

14. A computer program product encoded on a non-transitory storage medium, the product comprising non-transitory, computer readable instructions for causing one or more processors to perform operations comprising:
- setting a shared session cookie for use in a portal environment, the shared session cookie encrypted with a corresponding session-specific key, the portal environment executing a plurality of portal page components within the portal environment, the shared session cookie storing at least a portion of a session state associated with a current portal session;
  
  providing the encrypted shared session cookie for storage at the client associated with the portal session of the portal environment;
  
  initiating execution of a first portal application associated with a first portal page component provided within the portal environment, wherein the first portal application is provided with a copy of the encrypted shared session cookie;
  
  providing a copy of the session-specific key associated with the encrypted shared session cookie to the first portal application, wherein the provided copy of the session-specific key is used to decrypt the shared session cookie at the first portal application, and wherein the session state stored in the shared session cookie is used to set at least a portion of the session state of the first portal application;
  
  receiving a request to update the shared session cookie from the first portal application based on at least one change to the session state, the at least one change based on a change to the session state associated with execution of the first portal application; and
  
  updating the shared session cookie based on the at least one change to the session state; and
  
  sending an encrypted copy of the updated shared session cookie to a second portal application associated with a second portal page component concurrently executing within the portal environment and associated with the current portal session, the second portal application associated with a different domain than the first portal application.
- View Dependent Claims (15, 16)
- - 15. The product of claim 14, the operations further comprising:
    - initiating execution of the second portal application within the portal environment, wherein the second portal application is provided with a copy of the encrypted shared session cookie upon initiation; and
      
      providing a copy of the session-specific key associated with the encrypted shared session cookie to the second portal application in response to initiation of the second portal application, wherein the provided copy of the session-specific key is used to decrypt the shared session cookie at the second portal application, and wherein the session state stored in the shared session cookie is used to set at least a portion of the session state of the second portal application.
  - 16. The product of claim 14, wherein a version identifier associated with the shared session cookie is increased in response to updating the shared session cookie.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Sap Portals Israel Ltd (SAP SE)
Original Assignee
Sap Portals Israel Ltd (SAP SE)
Inventors
Volchok, Alex
Primary Examiner(s)
Le, Chau
Assistant Examiner(s)
Jamshidi, Ghodrat

Application Number

US14/026,748
Publication Number

US 20150082029A1
Time in Patent Office

837 Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06F 21/00   Security arrangements for p...

H04L 63/00   Network architectures or ne...

H04L 63/0428   wherein the data content is...

H04L 63/0815   providing single-sign-on or...

H04L 67/01   Protocols

H04L 67/142   Managing session states for...

H04L 9/0819   Key transport or distributi...

Shared portal context session

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

26 Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

Shared portal context session

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

26 Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links