Systems and methods for logging into an application on a second domain from a first domain in a multi-tenant database system environment
First Claim
Patent Images
1. A method for logging into an application across separate domains, comprising:
- sending, by an administrative device, a request by an administrative user to log in to a server associated with a first domain in a database system environment;
receiving, by the administrative device, a session identification allowing the administrative user to log into the server associated with the first domain in the database system environment;
sending, by the administrative device, a substitute user request to the server associated with the first domain in the database system environment, the substitute user request including a request for the administrative user of the administrative device to become associated with another user'"'"'s profile on a second domain in the database system environment, wherein the other user'"'"'s profile on the second domain is a non-administrative user on the second domain;
receiving, by the administrative device, prepared data allowing the user of the administrative device to directly login to an application of the database system environment on the second domain as if the administrative user was the non-administrative user, the prepared data including an encrypted version of the IP address of the administrative device;
sending, by the administrative device, the prepared data to a second server associated with the second domain with an IP address of the administrative device;
receiving, from the second server, a session ID allowing the user of the administrative device to directly login to the application on the second domain as the non-administrative user when the second server determines that the encrypted version of the IP address of the administrative device included within the prepared data matches the IP address sent with the prepared data;
sending, by the administrative device, a request to log out of the application to the second server, the second server clearing the session ID upon receipt of the request to log out of the application; and
receiving, by the administrative device from the second server, a previous session identification to the user of the first domain redirecting the user of the first domain back to the first domain.
1 Assignment
0 Petitions
Accused Products
Abstract
A system and method for logging into an application across separate domains in a multi-tenant database environment is provided. The method may include receiving, by a server associated with a first domain, a substitute user request from a user of the first domain, the substitute user request including a request for the user of the first domain to become a user on a second domain, posting, to a server associated with the second domain, the substitute user request, and posting, by the server associated with the second domain, a new session identification allowing the user of the first domain to login to an application on the second domain.
-
Citations
12 Claims
-
1. A method for logging into an application across separate domains, comprising:
-
sending, by an administrative device, a request by an administrative user to log in to a server associated with a first domain in a database system environment; receiving, by the administrative device, a session identification allowing the administrative user to log into the server associated with the first domain in the database system environment; sending, by the administrative device, a substitute user request to the server associated with the first domain in the database system environment, the substitute user request including a request for the administrative user of the administrative device to become associated with another user'"'"'s profile on a second domain in the database system environment, wherein the other user'"'"'s profile on the second domain is a non-administrative user on the second domain; receiving, by the administrative device, prepared data allowing the user of the administrative device to directly login to an application of the database system environment on the second domain as if the administrative user was the non-administrative user, the prepared data including an encrypted version of the IP address of the administrative device; sending, by the administrative device, the prepared data to a second server associated with the second domain with an IP address of the administrative device; receiving, from the second server, a session ID allowing the user of the administrative device to directly login to the application on the second domain as the non-administrative user when the second server determines that the encrypted version of the IP address of the administrative device included within the prepared data matches the IP address sent with the prepared data; sending, by the administrative device, a request to log out of the application to the second server, the second server clearing the session ID upon receipt of the request to log out of the application; and receiving, by the administrative device from the second server, a previous session identification to the user of the first domain redirecting the user of the first domain back to the first domain. - View Dependent Claims (2, 3)
-
-
4. A system for logging into an application across separate domains in database system environment, comprising:
-
a first server having a first processor and a first memory, associated with a first domain; and a second server having a second processor and a second memory, associated with a second domain, the second server hosting an application on the second domain, wherein the first server is configured to; receive a substitute user request from an administrative device associated with a administrative user of the first domain, the substitute user request including a request for the administrative user of the first domain to become associated with another user'"'"'s profile on a second domain; prepare data allowing the administrative user of the first domain to login to the application on the second domain as if the administrative user is the user associated with the other user'"'"'s profile, the prepared data including an encrypted version of the IP address of the administrative device; send the prepared data to the administrative device associated with the administrative user of the first domain; and redirect the administrative device to a second server associated with the second domain allowing the administrative device associated with the administrative user of the first domain to post the prepared data along with the IP address of the administrative device to the second domain and allowing the administrative user to access the second domain as if the administrative user is the user associated with the other user'"'"'s profile when the second server determines that the encrypted version of the IP address of the administrative device included within the prepared data matches the IP address posted with the prepared data; wherein second server is further configured to; receive the prepared data from the user of the first domain; validate the received prepared data; send, if the prepared date is validated, a new session identification to the user of the first domain allowing the user of the first domain to login to the application on the second domain; receive a request to log out of the application from a user of the first domain; clear the new session ID identification upon receiving the request to log out of the application; and send, after receiving the request to log out of the application, a previous session identification to the user of the first domain redirecting the user of the first domain back to the first domain. - View Dependent Claims (5, 6, 7, 8)
-
-
9. A method for logging into a second domain of a database system from a first domain of the database system, comprising:
-
receiving, by a server associated with the first domain of the database system, a request from an administrative user of a first device to log onto the second domain as if the administrative user was associated with another user'"'"'s profile on the second domain; preparing, by the server associated with the first domain of the database system, data allowing the administrative user of the first device to login to an application of the second domain of the database system as if the administrative user was associated with the other user'"'"'s profile on the second domain the prepared data including an encrypted version of the IP address of the first device; and sending, by the server associated with the first domain in the database system, the prepared data to the first device associated with the administrative user of the first domain in the database system and redirecting the administrative device to a second server associated with the second domain in the database system to thereby allow the administrative user of the first domain to post the prepared data along with the IP address of the first device to the second domain and allowing the administrative user to access the second domain as if the administrative user was associated with another user'"'"'s profile on the second domain when the second server determines that the encrypted version of the IP address of the administrative device included within the prepared data matches the IP address sent with the prepared data; receiving, by a server associated with the second domain, the prepared data from the user of the first domain; validating, by a server associated with the second domain, the received prepared data; and sending, by a server associated with the second domain, a new session identification, if the prepared date is validated, to the user of the first domain allowing the user of the first domain to login to the application on the second domain; sending, by the administrative device, a request to log out of the application of the second domain to the second server, the second server clearing the new session identification upon receipt of the request to log out of the application; and receiving, by the administrative device from the second server, a previous session identification to the user of the first domain redirecting the user of the first domain back to the first domain. - View Dependent Claims (10, 11, 12)
-
Specification