
Extending secure single sign on to legacy applications

  • US 9,118,657 B1
  • Filed: 01/22/2014
  • Issued: 08/25/2015
  • Est. Priority Date: 03/15/2011
  • Status: Active Grant
First Claim

1. A computer method for extending secure single sign on to a legacy web application that does not support a specific single sign on user authentication technique, the method comprising:

    intercepting, by a single sign on proxy, a request by a client computer to access the legacy web application, wherein the legacy web application does not support the specific single sign on user authentication technique;

    forwarding the intercepted request to a single sign on identity provider, by the single sign on proxy;

    authenticating the user of client computer using the specific single sign on user authentication technique not supported by the legacy web application, by single sign on identity provider;

    providing an indication to the single sign on proxy that the authentication using the specific single sign on user authentication technique not supported by the legacy web application was successful, by the single sign on identity provider;

    obtaining a master password for the legacy web application from a key vault, by the single sign on proxy;

    obtaining an identifier of the user from the intercepted request, by the single sign on proxy;

    transmitting the identifier of the user and the master password wrapped in an HTTP request to the legacy web application, by the single sign on proxy;

    authenticating the HTTP request and creating a session, by the legacy web application;

    receiving cookies concerning management of the session from the legacy web application, by the single sign on proxy; and

    transmitting the received cookies to the client computer by the single sign on proxy, wherein the client computer utilizes the cookies to continue the session and communicate directly with the legacy web application, such that the single sign on proxy no longer intercepts additional transmissions between the client computer and the legacy application;

    wherein a secure single sign on session using the specific single sign on user authentication technique not supported by the legacy web application is established for the legacy web application, while maintaining integrity of the legacy web application and not violating a license agreement of the legacy web application.
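
The message flow of claim 1, modelled in memory as an added example; it is not code from the patent or its assignee. All class names, the token, the user names and the vault entry are constructed, and the check that the request's identifier matches the identity proven by the identity provider is an assumption added here, not a step of the claim.

```python
import hmac
import secrets

# Constructed stand-ins: names, tokens and the in-memory "HTTP" calls are
# hypothetical and only model the message flow of the claim.
KEY_VAULT = {"legacy-app": secrets.token_urlsafe(32)}  # master password
IDP_TOKENS = {"tok-alice": "alice"}  # SSO credential -> proven subject

class IdentityProvider:
    def authenticate(self, token):
        """SSO technique the legacy app lacks; returns the subject or None."""
        return IDP_TOKENS.get(token)

class LegacyApp:
    def __init__(self, master_password):
        self._master = master_password
        self._sessions = {}

    def login(self, http_request):
        """Check identifier + master password, create a session, set cookies."""
        if not hmac.compare_digest(http_request["password"], self._master):
            return None
        sid = secrets.token_urlsafe(32)
        self._sessions[sid] = http_request["user"]
        return {"SESSIONID": sid}

    def handle(self, cookies):
        """Direct client traffic: only the session cookie is consulted."""
        return self._sessions.get(cookies.get("SESSIONID"))

class SsoProxy:
    def __init__(self, idp, app):
        self.idp, self.app = idp, app

    def intercept(self, request):
        subject = self.idp.authenticate(request.get("token"))
        # Added check (assumption, not in the claim): the identifier taken
        # from the request must equal the identity the IdP actually proved.
        if subject is None or subject != request.get("user"):
            return None
        master = KEY_VAULT["legacy-app"]  # stays between proxy and app
        return self.app.login({"user": request["user"], "password": master})

def demo():
    app = LegacyApp(KEY_VAULT["legacy-app"])
    proxy = SsoProxy(IdentityProvider(), app)
    cookies = proxy.intercept({"user": "alice", "token": "tok-alice"})
    forged = proxy.intercept({"user": "bob", "token": "tok-alice"})
    # The client now uses the cookies directly, bypassing the proxy.
    return app.handle(cookies), forged, KEY_VAULT["legacy-app"] in str(cookies)
```

Because the client holds only the session cookies afterwards, the legacy application's session handling is the sole control on the direct traffic that follows.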
