SYSTEM AND METHOD FOR PROXYING FEDERATED AUTHENTICATION PROTOCOLS
First Claim
Patent Images
1. A method comprising:
- receiving a service provider identity request through a federated authentication protocol;
transmitting a proxy identity request to a configured identity provider;
receiving an identity assertion;
facilitating execution of a second layer of authentication;
determining a proxy identity assertion based on the identity assertion and the second layer of authentication; and
transmitting the proxy identity assertion to the service provider.
3 Assignments
0 Petitions
Accused Products
Abstract
A system and method that include receiving a service provider identity request through a federated authentication protocol; transmitting a proxy identity request to a configured identity provider; receiving an identity assertion; facilitating execution of a second layer of authentication; determining a proxy identity assertion based on the identity assertion and the second layer of authentication; and transmitting the proxy identity assertion to the service provider.
136 Citations
23 Claims
-
1. A method comprising:
-
receiving a service provider identity request through a federated authentication protocol; transmitting a proxy identity request to a configured identity provider; receiving an identity assertion; facilitating execution of a second layer of authentication; determining a proxy identity assertion based on the identity assertion and the second layer of authentication; and transmitting the proxy identity assertion to the service provider. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
-
14. A method for single sign-on comprising:
-
receiving an identity assertion of an identity provider through a federated identity protocol; facilitating execution of a second layer of authentication; and transmitting a proxy identity assertion to a service provider through a second instance of a federated authentication protocol comprising emulating an identity provider in the second instance of a federated authentication protocol. - View Dependent Claims (15, 16, 17, 18)
-
-
19. A system comprising:
a federated authentication proxy server that comprises; an identity provider interface, a service provider emulator, a second layer authentication engine, and an account system with stored configuration of at least one managing account that includes configuration of a first instance of a federated authentication protocol with the identity provider interface, a second instance of a federated authentication protocol with the service provider emulator; and
second layer of authentication settings of at least one identity associated with the managing account.- View Dependent Claims (20, 21, 22, 23)
Specification