Method and system for providing login as a service

US 9,830,435 B2
Filed: 10/02/2012
Issued: 11/28/2017
Est. Priority Date: 10/04/2011
Status: Active Grant

First Claim

Patent Images

1. An apparatus for providing login as a service, the apparatus comprising:

a processor; and

one or more stored sequences of instructions which, when executed by the processor, cause the processor to perform operations of;

receiving, by a login server, a login request redirected from a customer server, the redirected login request being received when a user computer requests to login directly to a customer application provided by the customer server, the customer application being a desktop application;

outputting, by the login server, a login form to the user computer within the customer application;

receiving, by the login server, a modified login form from the user computer via the customer application, the modified log in form creating a proposed login protocol for logging into the customer application;

determining, by the login server, whether the received modified login form enables the user computer to login to the customer application by verifying, by the login server, that the proposed login protocol is acceptable based on a customer specified login protocol associated with the customer server; and

notifying, by the login server, the customer server that the modified login form enables the user computer to login to the customer application in response to a determination that the modified login form enables the user computer to login to the customer application.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods are provided for providing login as a service. A system receives, via a customer server, a request from a user computer to login to a customer application provided by the customer server. The system outputs a login form to the user computer, receives a modified login form from the user computer, and determines whether the modified login form enables the user computer to login to the customer application. If the modified login form enables the user computer to login to the customer application, the system notifies the customer server that the modified login form enables the user computer to login to the customer application.

Citations

19 Claims

1. An apparatus for providing login as a service, the apparatus comprising:
- a processor; and
  
  one or more stored sequences of instructions which, when executed by the processor, cause the processor to perform operations of;
  
  receiving, by a login server, a login request redirected from a customer server, the redirected login request being received when a user computer requests to login directly to a customer application provided by the customer server, the customer application being a desktop application;
  
  outputting, by the login server, a login form to the user computer within the customer application;
  
  receiving, by the login server, a modified login form from the user computer via the customer application, the modified log in form creating a proposed login protocol for logging into the customer application;
  
  determining, by the login server, whether the received modified login form enables the user computer to login to the customer application by verifying, by the login server, that the proposed login protocol is acceptable based on a customer specified login protocol associated with the customer server; and
  
  notifying, by the login server, the customer server that the modified login form enables the user computer to login to the customer application in response to a determination that the modified login form enables the user computer to login to the customer application.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The apparatus of claim 1, wherein the login form comprises password rules for at least one of password length, password composition, password complexity, password reuse, and password similarity to at least one of a username and a user email address.
  - 3. The apparatus of claim 1, wherein the modified login form requires at least one of a user email address, a username, and a user created password.
  - 4. The apparatus of claim 1, wherein notifying the customer server that the modified login form enables the user computer to login to the customer application comprises outputting a user internet protocol address to the customer server.
  - 5. The apparatus of claim 1, further comprising the operation of notifying, by the login server, at least one of the customer server and the user computer that the modified login form does not enable the user computer to login to the customer application in response to a determination that the modified login form does not enable the user computer to login to the customer application.
  - 6. The apparatus of claim 1, further comprising the operations of:
    - outputting, by the login server, an email comprising a verification link to the user computer; and
      
      enabling, by the login server, the creation of a password to replace a temporary password in response to activation of the verification link.
  - 7. The apparatus of claim 1, further comprising the operations of:
    - receiving, by the login server, a session identifier from the customer server;
      
      redirecting, by the login server, the session identifier to the user computer;
      
      receiving, by the login server, a login request from the customer server to identify a user based on the session identifier; and
      
      outputting, by the login server, an identification of the user based on the session identifier to the customer server.
  - 8. The apparatus of claim 1, further comprising the operations of:
    - generating, by the login server, user records, wherein the user records comprise at least one of user identifiers, login records, failed logins, suspicious user records, upcoming login expirations; and
      
      outputting, by the login server, the user records to the customer server, wherein the user records are sorted by at least one of a user name, a user email address, a login creation date, a most recent login date, and a login renewal date.
  - 9. The apparatus of claim 1, further comprising the operations of:
    - receiving, by the login server, a lost password notice from user computer; and
      
      outputting, by the login server, a password reset form to the user computer.

10. A non-transitory machine-readable medium carrying one or more sequences of instructions for providing login as a service, which instructions, when executed by one or more processors, cause the one or more processors to carry out the operations of:
- receiving, by a login server, a login request redirected from a customer server, the redirected login request being received when a user computer requests to login directly to a customer application provided by the customer server, the customer application being a desktop application;
  
  outputting, by the login server, a login form to the user computer within the customer application;
  
  receiving, by the login server, a modified login form from the user computer via the customer application, the modified log in form creating a proposed login protocol for logging into the customer application;
  
  determining, by the login server, whether the received modified login form enables the user computer to login to the customer application by verifying, by the login server, that the proposed login protocol is acceptable based on a customer specified login protocol associated with the customer server, the modified login form including user billing information; and
  
  notifying, by the login server, the customer server that the modified login form enables the user computer to login to the customer application in response to a determination that the modified login form enables the user computer to login to the customer application.
- View Dependent Claims (11, 12, 13, 14, 15)
- - 11. The machine-readable medium of claim 10, wherein the login form comprises a challenge-response test to ensure that the modified login form is generated by a person.
  - 12. The machine-readable medium of claim 10, wherein the login form comprises a security question and the modified login form comprises a security answer.
  - 13. The machine-readable medium of claim 10, wherein the user billing information comprises at least one of a billed amount, a frequency of billing, and a method of billing payment.
  - 14. The machine-readable medium of claim 10, wherein determining whether the modified login form enables the user computer to login to the customer application further comprises detecting duplicate user billing information.
  - 15. The machine-readable medium of claim 10, wherein the notification comprises expiration information for the user computer to login to the customer application.

16. A method for providing login as a service, the method comprising:
- receiving a login request, by a login server, the login request being redirected via a customer server from a user computer requesting to login directly to a customer application provided by the customer server, the customer application being a desktop application;
  
  outputting, by the login server, a login form to the user computer within the customer application;
  
  receiving, by the login server, a modified login form from the user computer via the customer application, the modified log in form creating a proposed login protocol for logging into the customer application;
  
  determining, by the login server, whether the received modified login form enables the user computer to login to the customer application by verifying, by the login server, that the proposed login protocol is acceptable based on a customer specified login protocol associated with the customer server; and
  
  notifying, by the login server, the customer server that the modified login form enables the user computer to login to the customer application in response to a determination that the modified login form enables the user computer to login to the customer application.
- View Dependent Claims (17)
- - 17. The method of claim 16, wherein the modified login form comprises user billing information.

18. A method for providing login as a service, the method comprising:
- causing a login server to execute code to receive a login request, via embedded login code in a customer webpage executed by a customer server, redirected via the customer server from a user computer requesting to login directly to a customer application provided by the customer server, the login request being made at the customer server before being redirected to the login server, the customer application being a desktop application;
  
  causing the login server to execute code to output a login form to the user computer within the customer application;
  
  causing the login server to execute code to receive a modified login form from the user computer via the customer application, the modified log in form creating a proposed login protocol for logging into the customer application;
  
  causing the login server to execute code to determine whether the received modified login form enables the user computer to login to the customer application verifying, by the login server, that the proposed login protocol is acceptable based on a customer specified login protocol associated with the customer server; and
  
  causing the login server to execute code to notify the customer server that the modified login form enables the user computer to login to the customer application in response to a determination that the modified login form enables the user computer to login to the customer application.
- View Dependent Claims (19)
- - 19. The method of claim 18, wherein the embedded login code in the customer webpage comprises code associated with an application program interface.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Salesforce.com, Inc.
Original Assignee
Salesforce.com, Inc.
Inventors
Haven, Richard
Primary Examiner(s)
Zecher, Dede
Assistant Examiner(s)
Savenkov, Vadim

Application Number

US13/633,407
Publication Number

US 20130086667A1
Time in Patent Office

1,883 Days
Field of Search

726 7, 726 1- 6, 726 8- 10, 726 12, 726 21
US Class Current
CPC Class Codes

G06F 21/31   User authentication

H04L 63/0815   providing single-sign-on or...

H04L 63/0892   by using authentication-aut...

Method and system for providing login as a service

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for providing login as a service

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links