×

Cross-domain authentication

  • US 7,950,055 B2
  • Filed: 10/19/2009
  • Issued: 05/24/2011
  • Est. Priority Date: 03/10/2004
  • Status: Expired due to Fees
First Claim
Patent Images

1. A method for providing a first service and a second service to a user via a client being coupled to a data communication network, said first service being provided by a first network server also being coupled to the data communication network, said second service being provided by a second network server also being coupled to the data communication network, said method comprising:

  • receiving a first request from the first network server to provide the first service in a first domain to the user wherein the user is not authenticated for the first service and not authenticated for the second service when the first request is received;

    storing first data on the client in response to the received first request, said first data identifying the first service wherein the user is not authenticated for the first service and not authenticated for the second service when the first data is stored;

    allowing the user to access the first service without authenticating the user during which the user continues to be unauthenticated for the first service and unauthenticated for the second service wherein the first service does not receive an authentication ticket and profile information associated with the user and wherein the user is not authenticated for the first service;

    receiving a second request from the second network server to provide the second service, which is in a second domain which is different than the first domain, to the user wherein the second service requires authentication of the user, wherein the user is not authenticated for the first service and wherein the first service does not have an authentication ticket and profile information associated with the user;

    authenticating the user for the second service in response to the received second request;

    allowing the user access to the second service in response to authenticating the user for the second service wherein the user is not authenticated for the first service and wherein the first service does not have an authentication ticket and profile information associated with the user;

    generating, in response to authenticating the user for the second service, an authentication ticket and profile information associated with the user wherein the generated authentication ticket and profile information is communicated to the second service, wherein the user is not authenticated for the first service and wherein the first service does not have an authentication ticket and profile information associated with the user; and

    authenticating, in response to the authentication of the user for the second request, the user for the first service identified in the stored first data wherein, in response to the authentication of the user for the first service, the generated authentication ticket and profile information is communicated to the first service.

View all claims
  • 1 Assignment
Timeline View
Assignment View
    ×
    ×