Web-based single sign-on with form-fill proxy application
First Claim
1. A method comprising:
- receiving, at a server, a request from a client device to access a web application;
passing the request to the web application;
receiving a response from the web application;
augmenting the response with policy data and a single sign-on application to create an augmented response; and
returning the augmented response to the client device;
wherein the single sign-on application is configured to;
identify a platform associated with the client device; and
execute one or more operations that are specific to the associated platform;
wherein the single sign-on application executes in a client browser and is further configured to;
request a policy associated with the web application;
match a page received from the web application to the policy;
request, from the server, credentials associated with a user to access the web application;
receive one or more credentials from the server and inject the received credentials into one or more fields on the page based on the policy; and
submit the received credentials to the web application; and
wherein the single sign-on application is further configured to invoke an automated logon chooser process that submits the received credentials to the single sign-on application such that, upon the single sign-on application detecting a successful logon with one of the received credentials, the single sign-on application sends an update request to the server to update the credentials associated with the user for the web application using the received credentials associated with the successful logon.
2 Assignments
0 Petitions
Accused Products
Abstract
Web-based single sign-on can enable a user to log in to a single interface (such as through a web browser or thin client) and then provide SSO services to the user for one or more web applications. The web-based SSO system can be extended to support one or more different access control methods, such as form-fill, Federated (OIF), SSO Protected (OAM), and other policies. The web-based SSO system can include a user interface through which the user can access different web applications, systems, etc. and manage their credentials. Each SSO service can be associated with a web interface allowing the SSO services to be accessed over the web. The web interfaces can provide CRUD (create, read, update, delete) functionality for each SSO service. To support different access policy types, the web-based SSO system can include an extensible data manager that can manage data access to different types of repositories transparently.
-
Citations
14 Claims
-
1. A method comprising:
-
receiving, at a server, a request from a client device to access a web application; passing the request to the web application; receiving a response from the web application; augmenting the response with policy data and a single sign-on application to create an augmented response; and returning the augmented response to the client device; wherein the single sign-on application is configured to; identify a platform associated with the client device; and execute one or more operations that are specific to the associated platform; wherein the single sign-on application executes in a client browser and is further configured to; request a policy associated with the web application; match a page received from the web application to the policy; request, from the server, credentials associated with a user to access the web application; receive one or more credentials from the server and inject the received credentials into one or more fields on the page based on the policy; and submit the received credentials to the web application; and wherein the single sign-on application is further configured to invoke an automated logon chooser process that submits the received credentials to the single sign-on application such that, upon the single sign-on application detecting a successful logon with one of the received credentials, the single sign-on application sends an update request to the server to update the credentials associated with the user for the web application using the received credentials associated with the successful logon. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A non-transitory computer readable storage medium including instructions stored thereon which when executed by a processor cause the processor to perform the steps of:
-
receiving a request to access a web application; passing the request to the web application; receiving a response from the web application; augmenting the response with policy data and a single sign-on application to create an augmented response; and returning the augmented response; wherein the single sign-on application is configured to; identify a platform associated with a client device; and execute one or more operations that are specific to the associated platform; wherein the single sign-on application executes in a client browser and is further configured to; request a policy associated with the web application; match a page received from the web application to the policy; request, from the server, credentials associated with a user to access the web application; receive one or more credentials from the server and inject the received credentials into one or more fields on the page based on the policy; and submit the received credentials to the web application; and wherein the single sign-on application is further configured to invoke an automated logon chooser process that submits the received credentials to the single sign-on application such that, upon the single sign-on application detecting a successful logon with one of the received credentials, the single sign-on application sends an update request to the server to update the credentials associated with the user for the web application using the received credentials associated with the successful logon. - View Dependent Claims (7, 8, 9, 10)
-
-
11. A system comprising:
-
a computer, including a computer readable storage medium and processor; and a single sign-on proxy, executing on the computer, wherein the single sign-on proxy is configured to receive requests for web applications from clients and return augmented responses from the web applications to the clients; wherein when a request to access a web application is received from a client, the single sign-on proxy is configured to pass the request to the web application; receive a response from the web application; augment the response with policy data and a single sign-on application to create an augmented response; and return the augmented response; wherein the single sign-on application is configured to; identify a platform associated with the client device; and execute one or more operations that are specific to the associated platform; wherein the single sign-on application executes in a client browser and is further configured to; request a policy associated with the web application; match a page received from the web application to the policy; request, from a server, credentials associated with a user to access the web application; receive one or more credentials from the server and inject the received credentials into one or more fields on the page based on the policy; and submit the received credentials to the web application; and wherein the single sign-on application is further configured to invoke an automated logon chooser process that submits the received credentials to the single sign-on application such that, upon the single sign-on application detecting a successful logon with one of the received credentials, the single sign-on application sends an update request to the server to update the credentials associated with the user for the web application using the received credentials associated with the successful logon. - View Dependent Claims (12, 13, 14)
-
Specification