Interoperable credential gathering and access modularity
Abstract
A credential is translated with one of different credential provider modules each translating a corresponding different type of credential into a common protocol. The translated credential is communicated through an API to a logon UI module to an operating system (OS) of a local machine. An OS logon module is called by the logon UI module to authenticate the translated credential against a credential database. A user identified by the translated credential is logged on to access the local machine when the authentication is successful. The credential can also be used with a selection received from the logon UI module via a corresponding one of different pre-log access provider (PLAP) modules that each communicate with the API. The API establishes a network session with an access service specified by the selected PLAP module when the credential is authenticated with the credential database.
16 Claims
1. A method executed on a single local machine having a processor executing computer-executable instructions stored in a memory, the method comprising:
initializing, by a native operating system (OS) on the local machine, a logon user interface (UI);
initializing, with the logon UI on the single local machine, a plurality of different coexisting credential provider modules, each for translating respectively different types of credentials into a common credential protocol, the common credential protocol being compatible with the native OS of the local machine, each said credential provider module logging a user on with the native OS on the local machine via the logon UI to access the local machine using one of a plurality of corresponding different input devices in communication with the local machine;
receiving a first said credential from the user at a first one of said input devices in communication with the local machine;
translating the first credential with a first one of said credential provider modules corresponding to the first input device that is in communication with the local machine;
communicating the translated first credential having the common credential protocol through a credential provider Application Program Interface (API) to the logon UI of the native OS, wherein the credential provider API is configured to interface with each of the plurality of different coexisting credential provider modules;
passing the translated first credential having the common credential protocol to an OS logon module of the native OS from the logon UI;
calling the OS logon module for the native OS to authenticate the translated credential having the common credential protocol against a credential database; and
logging the user on with the native OS to access the local machine when the authentication is successful.
(Dependent claims: 2, 3, 4, 5, 6)

7. A method executed on a single local machine having a processor executing computer-executable instructions stored in a memory, the method comprising:
initializing, by a native operating system (OS) on the local machine, a logon user interface (UI);
initializing, with the logon UI on the single local machine, a plurality of different coexisting credential provider modules, each said credential provider module configured to perform a translation of a respectively different type of credential received at a different type of input device in communication with the local machine for translating the respectively different types of credentials into a common credential protocol, the common credential protocol being compatible with the native OS of the local machine, wherein each said credential provider module logs a user on with the native OS on the local machine via the logon UI to access the local machine using one of a plurality of corresponding different input devices in communication with the local machine;
receiving a first credential from the user at a first one of said input devices in communication with the local machine;
translating the first credential with a first one of said credential provider modules that corresponds to the first input device;
communicating the translated first credential having the common credential protocol through a credential provider interface to the logon UI of the native OS, wherein the credential provider interface is configured to interface with each of the plurality of coexisting different said credential provider modules;
passing the translated first credential having the common credential protocol to a logon routine of the native OS from the logon UI;
authenticating the translated first credential against a credential database with the logon routine of the native OS; and
logging the user on to access the local machine with the native OS when the authentication is successful.
(Dependent claims: 8, 9, 10, 11)

12. A computer-readable medium comprising a plurality of different coexisting credential provider modules initialized with a logon user interface (UI) by a native operating system (OS) on a single local machine, each including instructions that, when executed by the local machine, receive and translate a credential into a common credential protocol so as to be compatible for authentication by an authentication component of the native OS against a credential database for logging a user identified by the credential on with the native OS to access the local machine when the authentication is successful, wherein:
the translated credential is received via a credential provider Application Programming Interface (API) of the authentication component of the native OS;
the credential provider API of the authentication component of the native OS is compatible for receiving each of a plurality of said credentials from a corresponding plurality of different coexisting credential provider modules; and
each said different coexisting credential provider module is configured to:
receive a respective different type of said credential from a respective input device, each respective input device coupling to the local machine, wherein the user selects one or more of the input devices for logging on with the native OS to access the local machine; and
translate each said different type of said credential into the credential protocol so as to be compatible for authentication by the authentication component of the native OS against the credential database.
(Dependent claims: 13)

14. A method executed on a single local machine having a processor executing computer-executable instructions stored in a memory, the method comprising:
initializing, by a native operating system (OS) on the local machine, a logon user interface (UI);
initializing, with the logon UI on the single local machine, a plurality of different coexisting credential provider modules, each said credential provider module performing a translation of a respectively different type of credential received at one of a plurality of different types of input devices in communication with the local machine for translating the respectively different types of credentials into a common credential protocol, the common credential protocol being compatible with the native OS of the local machine, wherein each said credential provider module logs a user on with the native OS on the local machine via the logon UI to access the local machine using one of the plurality of corresponding different input devices in communication with the local machine;
receiving a first credential from the user at a first said input device in communication with the local machine;
receiving a second credential from the user at a second said input device in communication with the local machine;
translating the first credential into the common credential protocol using a first one of the credential provider modules corresponding to the first input device that is in communication with the local machine;
translating the second credential into the common credential protocol using a second one of the credential provider modules corresponding to the second input device that is in communication with the local machine;
using a component of the OS to authenticate the translated first credential and second credential having the common credential protocol against a credential database; and
logging the user on with the OS to access the local machine when the authentication of both the first credential and the second credential is successful.

15. A method executed on a single local machine having a processor executing computer-executable instructions stored in a memory, the method comprising:
initializing, by a native operating system (OS) on the local machine, a logon user interface (UI);
initializing with the logon UI on the single local machine a plurality of different coexisting credential provider modules, each for translating respectively different types of credentials into a common credential protocol, the common credential protocol being compatible with the native OS of the local machine, each said credential provider module logging a user on with the native OS on the local machine via the logon UI to access the local machine using one of a plurality of corresponding different input devices in communication with the local machine;
initializing one or more pre-logon access provider (PLAP) modules at the local machine coexisting with said credential provider modules, each PLAP module operating with the OS of the local machine so that the user selects a logon connection type out of a plurality of logon connection types for establishing a network connection;
receiving a first said credential from the user at a first one of said input devices in communication with the local machine;
translating the first credential with a first one of said credential provider modules corresponding to the first input device that is in communication with the local machine;
establishing, by a selected one of said PLAP modules, a network connection from the local machine to a domain using the translated first credential;
communicating the translated first credential having the common credential protocol through a credential provider interface to the logon UI of the native OS, wherein the credential provider interface is configured to interface with each of the plurality of coexisting different said credential provider modules;
passing the translated first credential having the common credential protocol to a logon routine of the native OS from the logon UI;
authenticating the translated first credential against a credential database with the logon routine of the native OS; and
logging the user on to access the local machine with the native OS when the authentication is successful.

16. A method executed on a single local machine having a processor executing computer-executable instructions stored in a memory, the method comprising:
initializing, by a native operating system (OS) on a local machine, a logon user interface (UI);
initializing, with the logon UI on the single local machine, a plurality of different coexisting credential provider modules, each said credential provider module configured to perform a translation of a respectively different type of credential received at a different type of input device in communication with the local machine for translating the respectively different types of credentials into a common credential protocol, the common credential protocol being compatible with the native OS of the local machine, wherein each said credential provider module logs a user on with the native OS on the local machine via the logon UI to access the local machine using one of a plurality of available corresponding different input devices in communication with the local machine;
choosing, by a user, one or more of said plurality of different types of input devices for logging on from among the plurality of available different input devices;
receiving a first credential from the user via a chosen first one of said input devices in communication with the local machine;
translating the first credential into the common credential protocol compatible with the native OS of the local machine with a first one of said credential provider modules that corresponds to the chosen first input device;
communicating the translated first credential having the common credential protocol through a credential provider interface to the logon UI of the native OS, wherein the credential provider interface is configured to interface with each of the plurality of coexisting different said credential provider modules;
passing the translated first credential having the common credential protocol to a logon routine of the native OS from the logon UI;
authenticating the translated first credential against a credential database with the logon routine of the native OS; and
logging the user on to access the local machine with the native OS when the authentication is successful.

Specification