WEB-BASED INTERFACE INTEGRATION FOR SINGLE SIGN-ON

US 20150089619A1
Filed: 09/22/2014
Published: 03/26/2015
Est. Priority Date: 09/20/2013
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

receiving a request for a single sign-on service, wherein the request is received via a web interface associated with the single sign-on service;

sending a data request to a data manager based on the request to manage a policy or credential; and

returning a response via the associated web interface.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Web-based single sign-on can enable a user to log in to a single interface (such as through a web browser or thin client) and then provide SSO services to the user for one or more web applications. The web-based SSO system can be extended to support one or more different access control methods, such as form-fill, Federated (OIF), SSO Protected (OAM), and other policies. The web-based SSO system can include a user interface through which the user can access different web applications, systems, etc. and manage their credentials. Each SSO service can be associated with a web interface allowing the SSO services to be accessed over the web. The web interfaces can provide CRUD (create, read, update, delete) functionality for each SSO service. To support different access policy types, the web-based SSO system can include an extensible data manager that can manage data access to different types of repositories transparently.

35 Citations

View as Search Results

20 Claims

1. A method comprising:
- receiving a request for a single sign-on service, wherein the request is received via a web interface associated with the single sign-on service;
  
  sending a data request to a data manager based on the request to manage a policy or credential; and
  
  returning a response via the associated web interface.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein the request is received in a first protocol by a proxy that converts the request from the first protocol to a second protocol and forwards the converted request to the single sign-on service.
  - 3. The method of claim 2, wherein the response is received by the proxy in the second protocol and wherein the proxy converts the response from the second protocol to the first protocol and returns the converted response.
  - 4. The method of claim 1, wherein the request for a single sign-on service is a policy management request and further comprising:
    - sending the policy management request to a policy manager, wherein the policy management request includes one or more policy management operations; and
      
      generating the data request based on the one or more policy management operations.
  - 5. The method of claim 4, wherein the policy management request is formatted for a first interface and wherein the policy manager identifies a policy management plug-in associated with the policy management request and converts the policy management request to a format for a second interface based on the identified policy management plug-in.
  - 6. The method of claim 1, wherein the request for a single sign-on service is a credential management request and further comprising:
    - sending the credential management request to a credential manager, wherein the credential management request includes one or more credential management operations; and
      
      generating the data request based on the one or more credential management operations.
  - 7. The method of claim 6, wherein the credential management request is formatted for a first interface and wherein the credential manager identifies a sub-manager associated with the credential management request and converts the credential management request to a format for a second interface based on the identified sub-manager.

8. A system comprising:
- a computer, including a computer readable medium and processor;
  
  a plurality of single sign-on services, executing on the computer, wherein each single sign-on service is associated with a web interface;
  
  wherein each of the plurality of single sign-on services are configured toreceive a request, via the associated web interface, from a client to manage a policy or credential,send a data request to a data manager based on the request to manage the policy or credential, andreturn a response to the client via the associated web interface.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The system of claim 8, further comprising:
    - a first tunnel proxy that receives the request in a first protocol and converts the request from the first protocol to a second protocol and forwards the converted request to the single sign-on service.
  - 10. The system of claim 9, further comprising:
    - a second tunnel proxy that receives the response in the second protocol and wherein the proxy converts the response from the second protocol to the first protocol and returns the converted response.
  - 11. The system of claim 8, wherein the request for a single sign-on service is a policy management request and wherein each of the plurality of single sign-on services are further configured to:
    - send the policy management request to a policy manager, wherein the policy management request includes one or more policy management operations; and
      
      generate the data request based on the one or more policy management operations.
  - 12. The system of claim 11, wherein the policy management request is formatted for a first interface and wherein the policy manager identifies a policy management plug-in associated with the policy management request and converts the policy management request to a format for a second interface based on the identified policy management plug-in.
  - 13. The system of claim 8, wherein the request for a single sign-on service is a credential management request and wherein each of the plurality of single sign-on services are further configured to:
    - send the credential management request to a credential manager, wherein the credential management request includes one or more credential management operations; and
      
      generate the data request based on the one or more credential management operations.
  - 14. The system of claim 13, wherein the credential management request is formatted for a first interface and wherein the credential manager identifies a sub-manager associated with the credential management request and converts the credential management request to a format for a second interface based on the identified sub-manager.

15. A non-transitory computer readable storage medium including instructions stored thereon which when executed by a processor cause the processor to perform the steps of:
- receiving a request for a single sign-on service, wherein the request is received via a web interface associated with the single sign-on service;
  
  sending a data request to a data manager based on the request to manage the policy or credential; and
  
  returning a response via the associated web interface.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The non-transitory computer readable storage medium of claim 15, wherein the request is received in a first protocol by a proxy that converts the request from the first protocol to a second protocol and forwards the converted request to the single sign-on service.
  - 17. The non-transitory computer readable storage medium of claim 16, wherein the response is received by the proxy in the second protocol and wherein the proxy converts the response from the second protocol to the first protocol and returns the converted response.
  - 18. The non-transitory computer readable storage medium of claim 15, wherein the request for a single sign-on service is a policy management request and wherein each of the plurality of single sign-on services are further configured to:
    - send the policy management request to a policy manager, wherein the policy management request includes one or more policy management operations; and
      
      generate the data request based on the one or more policy management operations;
      
      wherein the policy management request is formatted for a first interface and wherein the policy manager identifies a policy management plug-in associated with the policy management request and converts the policy management request to a format for a second interface based on the identified policy management plug-in.
  - 19. The non-transitory computer readable storage medium of claim 15, wherein the request for a single sign-on service is a credential management request and wherein each of the plurality of single sign-on services are further configured to:
    - send the credential management request to a credential manager, wherein the credential management request includes one or more credential management operations; and
      
      generate the data request based on the one or more credential management operations.
  - 20. The non-transitory computer readable medium of claim 19, wherein the credential management request is formatted for a first interface and wherein the credential manager identifies a sub-manager associated with the credential management request and converts the credential management request to a format for a second interface based on the identified sub-manager.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Oracle International Corporation (Oracle Corporation)
Original Assignee
Oracle International Corporation (Oracle Corporation)
Inventors
Manza, Marc B., Sorial, Ayman, Kolli, Ashish, Uchil, Mrudul, Brunaugh, Josh, Singh, Dharmvir, Cornwell, Smith William, Kuppala, Siva Sundeep, Jain, Swati, Raote, Paresh

Granted Patent

US 10,225,244 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/8
CPC Class Codes

G06F 21/41   where a single sign-on prov...

H04L 63/0815   providing single-sign-on or...

H04L 63/0838   using one-time-passwords

H04L 63/0884   by delegation of authentica...

H04L 63/10   for controlling access to d...

H04L 63/20   for managing network securi...

WEB-BASED INTERFACE INTEGRATION FOR SINGLE SIGN-ON

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

35 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

WEB-BASED INTERFACE INTEGRATION FOR SINGLE SIGN-ON

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

35 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links