PROXY AUTHENTICATION FOR SINGLE SIGN-ON
First Claim
1. A computing apparatus for providing a network gateway, comprising:
- a first data connection operable to communicatively couple the gateway to a network service;
a second data connection operable to communicatively couplet the gateway to a client device; and
one or more logic elements comprising an authentication proxy engine operable for;
receiving a request from the client device via the second data connection; and
providing authentication data to the network service via the first data connection.
9 Assignments
0 Petitions
Accused Products
Abstract
In an example, a web gateway is described, including an authentication proxy engine (PAE). The PAE authenticates a user device via, for example, a username and password, biometric data, or two-factor authentication. The web gateway then provides seamless and transparent single sign-on (SSO) for one or more web services. When the user requests a web page from the web service, the PAE inserts custom code that detects a login action. When the user logs in, a one-time token may be provided to auto-fill the username and password field. When the user submits the form, the PAE provides the actual credentials to the web service. The PAE may also provide authentication via authentication headers.
21 Citations
25 Claims
-
1. A computing apparatus for providing a network gateway, comprising:
-
a first data connection operable to communicatively couple the gateway to a network service; a second data connection operable to communicatively couplet the gateway to a client device; and one or more logic elements comprising an authentication proxy engine operable for; receiving a request from the client device via the second data connection; and providing authentication data to the network service via the first data connection. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
-
14. One or more computer-readable mediums having stored thereon executable instructions for providing a proxy engine operable for:
-
receiving a request for a network service from a client device via a second data connection; providing authentication data to the network service via a first data connection; receiving an authentication validation from a network service via a first data connection; and providing the authentication validation to the client device via a second data connection. - View Dependent Claims (15, 16, 17, 18, 19, 20, 21, 22, 23)
-
-
24. A method of providing a proxy engine, comprising:
-
communicatively coupling to a network service via a first data connection; authenticating a client device via a second data connection; receiving a login request from the client device via the second data connection; and providing authentication data to the network service via the first data connection. - View Dependent Claims (25)
-
Specification