Implementing single sign-on across a heterogeneous collection of client/server and web-based applications
First Claim
1. A method, comprising:
- establishing, based on an authentication credential provided by a user via a first client application, a first authenticated session for a computing device, the first authenticated session being associated with the first client application;
generating a master authentication token and a first authentication token corresponding to the first authentication session;
responsive to an authentication request associated with a second client application, generating, based on the master authentication token and an identification of the second client application, a second authentication token comprising a session identifier different from a session identifier of the first authentication token; and
using the second authentication token to establish a second authenticated session for the computing device, the second authenticated session being associated with the second client application.
10 Assignments
0 Petitions
Accused Products
Abstract
Leveraging an established authenticated session in obtaining authentication to a client application includes receiving a request for access to a client application requiring authentication of a requestor and determining whether there exist characteristics of leverageable authentications corresponding to established sessions having an authenticated state at a time of the determination. When the determination reveals characteristics of at least one leverageable authentication corresponding to an established session, and attempt is made to obtain access for the requestor to the client application based on the at least one leverageable authentication, and the requestor is provided with a notification related to the 1 attempt to obtain access for the requestor to the client application.
-
Citations
20 Claims
-
1. A method, comprising:
-
establishing, based on an authentication credential provided by a user via a first client application, a first authenticated session for a computing device, the first authenticated session being associated with the first client application; generating a master authentication token and a first authentication token corresponding to the first authentication session; responsive to an authentication request associated with a second client application, generating, based on the master authentication token and an identification of the second client application, a second authentication token comprising a session identifier different from a session identifier of the first authentication token; and using the second authentication token to establish a second authenticated session for the computing device, the second authenticated session being associated with the second client application. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A system, comprising:
-
at least one processor; and a memory storing instructions that when executed by the at least one processor cause the system to; establish, based on an authentication credential provided by a user via a first client application, a first authenticated session for a computing device, the first authenticated session being associated with the first client application; generate a master authentication token and a first authentication token corresponding to the first authentication session; responsive to an authentication request associated with a second client application, generate, based on the master authentication token and an identification of the second client application, a second authentication token comprising a session identifier different from a session identifier of the first authentication token; and use the second authentication token to establish a second authenticated session for the computing device, the second authenticated session being associated with the second client application. - View Dependent Claims (9, 10, 11, 12, 13)
-
-
14. One or more non-transitory computer-readable media having instructions stored thereon that when executed by one or more computers cause the one or more computers to:
-
establish, based on an authentication credential provided by a user via a first client application, a first authenticated session for a computing device, the first authenticated session being associated with the first client application; generate a master authentication token and a first authentication token corresponding to the first authentication session; responsive to an authentication request associated with a second client application, generate, based on the master authentication token and an identification of the second client application, a second authentication token comprising a session identifier different from a session identifier of the first authentication token; and use the second authentication token to establish a second authenticated session for the computing device, the second authenticated session being associated with the second client application. - View Dependent Claims (15, 16, 17, 18, 19, 20)
-
Specification