Information processing system, control method thereof, and storage medium thereof
First Claim
1. A second information processing system that communicates with a plurality of first information processing systems that perform user authentication using user authentication information input by a user, the second information processing system comprising:
- one or more processors; and
one or more computer-readable media storing instructions that, when executed by the one or more processors, cause the one or more processors to perform operations comprising;
verifying, using prior information, whether authorization information issued by the plurality of first information processing systems in response to successfully authenticating a user satisfies security requirements;
providing, in a case where the authorization information is verified as satisfying the security requirements, a service without performing the user authentication; and
performing, in a case where an instruction to register a first information processing system that performs user authentication from among the plurality of first information processing systems is received from the user, after whether the prior information is shared in a plurality of groups in the first information processing system is determined, the registration of the first information processing system by a method that differs between a case in which the prior information is shared in a plurality of groups and a case in which the prior information is not shared in a plurality of groups.
1 Assignment
0 Petitions
Accused Products
Abstract
A method for realizing Single Sign-On (SSO) includes verifying, using prior information, whether authorization information issued by a first information processing system in response to successfully authenticating a user satisfies security requirements, providing, in a case where the authorization information is verified as satisfying the security requirements, a service without performing the user authentication, and performing, if an instruction to register a first information processing system that performs user authentication is received from the user, the registration by a method different from a method according to a management method of the prior information in the first information processing system.
28 Citations
13 Claims
-
1. A second information processing system that communicates with a plurality of first information processing systems that perform user authentication using user authentication information input by a user, the second information processing system comprising:
-
one or more processors; and one or more computer-readable media storing instructions that, when executed by the one or more processors, cause the one or more processors to perform operations comprising; verifying, using prior information, whether authorization information issued by the plurality of first information processing systems in response to successfully authenticating a user satisfies security requirements; providing, in a case where the authorization information is verified as satisfying the security requirements, a service without performing the user authentication; and performing, in a case where an instruction to register a first information processing system that performs user authentication from among the plurality of first information processing systems is received from the user, after whether the prior information is shared in a plurality of groups in the first information processing system is determined, the registration of the first information processing system by a method that differs between a case in which the prior information is shared in a plurality of groups and a case in which the prior information is not shared in a plurality of groups. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A method for performing control in a second information processing system that communicates with a plurality of first information processing systems that perform user authentication using user authentication information input by a user, the method comprising:
-
verifying, using prior information, whether authorization information issued by the plurality of first information processing systems in response to successfully authenticating a user satisfies security requirements; providing, in a case where the authorization information is verified as satisfying the security requirements, a service without performing the user authentication; and performing, in a case where an instruction to register a first information processing system that performs user authentication from among the plurality of first information processing systems is received from the user, after whether the prior information is shared in a plurality of groups in the first information processing system is determined, the registration of the first information processing system by a method that differs between a case in which the prior information is shared in a plurality of groups and a case in which the prior information is not shared in a plurality of groups.
-
-
13. A computer-readable storage medium storing a program for causing a computer to perform a program to be executed in a second information processing system that communicates with a plurality of first information processing systems that perform user authentication using user authentication information input by a user, the program comprising:
-
verifying, using prior information, whether authorization information issued by the plurality of first information processing systems in response to successfully authenticating a user satisfies security requirements; providing, in a case where the authorization information is verified as satisfying the security requirements, a service without performing the user authentication; and performing, in a case where an instruction to register a first information processing system that performs user authentication from among the plurality of first information processing systems is received from the user, after whether the prior information is shared in a plurality of groups in the first information processing system is determined, the registration of the first information processing system by a method that differs between a case in which the prior information is shared in a plurality of groups.
-
Specification