Inter-application management of user credential data

US 9,894,072 B2
Filed: 08/01/2016
Issued: 02/13/2018
Est. Priority Date: 04/12/2011
Status: Active Grant

First Claim

Patent Images

1. A method of providing an enhanced authorization application programming interface (API) in a secure network-based system of computing devices each having at least one memory device and one or more hardware computing devices, wherein the enhanced authorization API provides access to at least two authorization procedures one of which utilizes a cookie and one of which utilizes server side-storage, the method comprising:

executing an authorization procedure with at least one of the computing devices, wherein when the cookie is to be used to perform user authorizations, the cookie is sent for authentication purposes to provide re-authentication with each request each time a user makes a request, and wherein when using the server-side storage, the hardware computing device is caused to be configured to not write locally to an application memory, but instead to access a shared session cache memory;

utilizing developer-defined user information (DDUI) within the authorization procedure when performed by at least one of the computing devices, wherein the DDUI comprises at least security credential information from at least two disparate network domains stored as digital data; and

storing the results of a successful authorization procedure in a database as a security context object.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and apparatus for enhancing the functionality and utility of an authentication process for web applications is disclosed.

136 Citations

14 Claims

1. A method of providing an enhanced authorization application programming interface (API) in a secure network-based system of computing devices each having at least one memory device and one or more hardware computing devices, wherein the enhanced authorization API provides access to at least two authorization procedures one of which utilizes a cookie and one of which utilizes server side-storage, the method comprising:
- executing an authorization procedure with at least one of the computing devices, wherein when the cookie is to be used to perform user authorizations, the cookie is sent for authentication purposes to provide re-authentication with each request each time a user makes a request, and wherein when using the server-side storage, the hardware computing device is caused to be configured to not write locally to an application memory, but instead to access a shared session cache memory;
  
  utilizing developer-defined user information (DDUI) within the authorization procedure when performed by at least one of the computing devices, wherein the DDUI comprises at least security credential information from at least two disparate network domains stored as digital data; and
  
  storing the results of a successful authorization procedure in a database as a security context object.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1 wherein the security credential information comprises at least one security token.
  - 3. The method of claim 1, further comprising providing a resource so that the developer can choose between using a cookie, or using server-side storage, for storing the DDUI.
  - 4. The method of claim 1 further comprising providing a mashup of content from the at least two disparate network domains.
  - 5. The method of claim 1 wherein the DDUI further comprises content to be provided to a specific user.
  - 6. The method of claim 1 wherein the security context object comprises a custom database object.
  - 7. The method of claim 6 wherein the custom database object comprises a SecurityContext object.

8. A system comprising:
- at least one memory system;
  
  one or more processors coupled with the at least one memory system, the one or more processors configurable to enable an authorization procedure with at least one of the computing devices, wherein the enhanced authorization procedure provides access to at least two authorization procedures one of which utilizes a cookie and one of which utilizes server side-storage, to execute at least one of the authorization procedures utilizing developer-defined user information (DDUI) within the authorization procedure when performed by at least one of the computing devices, wherein the DDUI comprises at least security credential information from at least two disparate network domains stored as digital data, and to store the results of a successful authorization procedure in a database in the memory system as a security context object, wherein when a cookie is to be used to perform user authorizations, the cookie is sent for authentication purposes to provide re-authentication with each request each time a user makes a request, and wherein when using the server-side storage, the one or more processors are to be configured to not write locally to an application memory, but instead to access a shared session cache memory.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The system of claim 8 wherein the security credential information comprises at least one security token.
  - 10. The system of claim 8, the one or more processors are further configurable to provide a resource so that the developer can choose between using a cookie, or using server-side storage, for storing the DDUI.
  - 11. The system of claim 8 further comprising providing a mashup of content from the at least two disparate network domains.
  - 12. The system of claim 8 wherein the DDUI further comprises content to be provided to a specific user.
  - 13. The system of claim 8 wherein the security context object comprises a custom database object.
  - 14. The system of claim 13 wherein the custom database object comprises a SecurityContext object.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Salesforce.com, Inc.
Original Assignee
Salesforce.com, Inc.
Inventors
Simone, John, Hossain, Fiaz
Primary Examiner(s)
Vaughan, Michael R

Application Number

US15/225,751
Publication Number

US 20160344719A1
Time in Patent Office

561 Days
Field of Search

None
US Class Current
CPC Class Codes

G06F 16/951   Indexing; Web crawling tech...

G06F 21/41   where a single sign-on prov...

G06F 8/20   Software design

H04L 63/08   for authentication of entit...

H04L 63/10   for controlling access to d...

H04L 63/105   Multiple levels of security

H04L 67/01   Protocols

Inter-application management of user credential data

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

136 Citations

14 Claims

Specification

Solutions

Use Cases

Quick Links

Inter-application management of user credential data

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

136 Citations

14 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links