Inter-application management of user credential data
First Claim
Patent Images
1. A method of providing an enhanced authorization application programming interface (API) in a secure network-based system of computing devices each having at least one memory device and one or more hardware computing devices, wherein the enhanced authorization API provides access to at least two authorization procedures one of which utilizes a cookie and one of which utilizes server side-storage, the method comprising:
- executing an authorization procedure with at least one of the computing devices, wherein when the cookie is to be used to perform user authorizations, the cookie is sent for authentication purposes to provide re-authentication with each request each time a user makes a request, and wherein when using the server-side storage, the hardware computing device is caused to be configured to not write locally to an application memory, but instead to access a shared session cache memory;
utilizing developer-defined user information (DDUI) within the authorization procedure when performed by at least one of the computing devices, wherein the DDUI comprises at least security credential information from at least two disparate network domains stored as digital data; and
storing the results of a successful authorization procedure in a database as a security context object.
1 Assignment
0 Petitions
Accused Products
Abstract
A system and apparatus for enhancing the functionality and utility of an authentication process for web applications is disclosed.
-
Citations
14 Claims
-
1. A method of providing an enhanced authorization application programming interface (API) in a secure network-based system of computing devices each having at least one memory device and one or more hardware computing devices, wherein the enhanced authorization API provides access to at least two authorization procedures one of which utilizes a cookie and one of which utilizes server side-storage, the method comprising:
-
executing an authorization procedure with at least one of the computing devices, wherein when the cookie is to be used to perform user authorizations, the cookie is sent for authentication purposes to provide re-authentication with each request each time a user makes a request, and wherein when using the server-side storage, the hardware computing device is caused to be configured to not write locally to an application memory, but instead to access a shared session cache memory; utilizing developer-defined user information (DDUI) within the authorization procedure when performed by at least one of the computing devices, wherein the DDUI comprises at least security credential information from at least two disparate network domains stored as digital data; and storing the results of a successful authorization procedure in a database as a security context object. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A system comprising:
-
at least one memory system; one or more processors coupled with the at least one memory system, the one or more processors configurable to enable an authorization procedure with at least one of the computing devices, wherein the enhanced authorization procedure provides access to at least two authorization procedures one of which utilizes a cookie and one of which utilizes server side-storage, to execute at least one of the authorization procedures utilizing developer-defined user information (DDUI) within the authorization procedure when performed by at least one of the computing devices, wherein the DDUI comprises at least security credential information from at least two disparate network domains stored as digital data, and to store the results of a successful authorization procedure in a database in the memory system as a security context object, wherein when a cookie is to be used to perform user authorizations, the cookie is sent for authentication purposes to provide re-authentication with each request each time a user makes a request, and wherein when using the server-side storage, the one or more processors are to be configured to not write locally to an application memory, but instead to access a shared session cache memory. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
Specification