Methods, systems, and articles of manufacture for implementing user access to remote resources
Abstract
Methods, systems, and articles of manufacture for implementing user access to remote resources residing on an external domain. Various implementations include authenticating and authorizing a user on a first system and receiving a user request to access remote resources. The first system invokes processes or modules to initiate a new session to perform auto logon on behalf of the user on a second system by using stored user's credentials and subdomain delegation techniques without user intervention. The second system authenticates and authorizes this new session to allow user access to remote resources residing thereupon. The first system further prepares the user's system to take over the new session by setting cookie(s) and also by redirecting the URL so the user may continue to use the new session to access the desired remote resources residing on the second system.
32 Claims
1. A computer implemented method for implementing user access to a remote resource, comprising:
- receiving, at a first computer, a request from a user computing device through a first network to access the remote resource, wherein the remote resource resides on a second computer accessible by the first computer through a second network;
- performing, at the first computer;
- identification of stored user credentials by identifying and retrieving the stored user credentials from a central store remote from the user computing device;
- automatic logon for the user using at least a thin-client architecture to transmit, to the second computer, stored user credentials that are used to authenticate or authorize the user to access the remote resource on the second computer, wherein the stored user credentials are centrally stored in the central store, and the user computing device is authenticated or authorized to access the remote resource on the second computer without transmitting the stored user credentials from the user computing device;
- initiation or identification of a new session between the first computer and the second computer through the second network without using a single-sign-on mechanism in which one or more tickets are passed between the first computer and the second computer to service the remote resource to the user, and authentication of the user on the first computer grants the user access to the remote resource on the second computer; and
- enabling, by the first computer, the user to access the remote resource by using the new session.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21)
22. A system for implementing user access to a remote resource, comprising a first computer that communicates with a user through a first network and is configured to at least
- receive at the first computer, a request from the user through the first network to access the remote resource, wherein the remote resource resides on a second computer accessible by the first computer through a second network,
- perform, at the first computer,
- identification of stored user credentials by identifying and retrieving the stored user credentials from a central store remote from the user computing device,
- automatic logon for the user using at least a thin-client architecture to transmit, to the second computer, stored user credentials, which are used to authenticate or authorize the user to access the remote resource on the second computer, wherein the stored user credentials are centrally stored in the central store, and the user computing device is authenticated or authorized to access the remote resource on the second computer without transmitting the stored user credentials from the user computing device, and
- initiation or identification of a new session between the first computer and the second computer through the second network without using a single-sign-on mechanism in which one or more tickets are passed between the first computer and the second computer to service the remote resource to the user, and authentication of the user on the first computer grants the user access to the remote resource on the second computer, and
- enable, by the first computer, the user to access the remote resource by using the new session.
27. An article of manufacture comprising a non-transitory computer accessible storage medium having one or more instructions which, when executed by at least one processor, cause the at least one processor to perform a process for implementing user access to a remote resource, the process comprising:
- receiving, at a first computer, a request from a user through a first network to access the remote resource, wherein the remote resource resides on a second computer accessible by the first computer through a second network,
- performing, at the first computer,
- identification of stored user credentials by identifying and retrieving the stored user credentials from a central store remote from the user computing device,
- automatic logon for the user using at least a thin-client architecture to transmit, to the second computer, stored user credentials, which are used to authenticate or authorize the user to access the remote resource on the second computer, wherein the stored user credentials are centrally stored in the central store, and the user computing device is authenticated or authorized to access the remote resource on the second computer without transmitting the stored user credentials from the user computing device, and
- initiation or identification of a new session between the first computer and the second computer through the second network without using a single-sign-on mechanism in which one or more tickets are passed between the first computer and the second computer to service the remote resource to the user, and authentication of the user on the first computer grants the user access to the remote resource on the second computer, and
- enabling, by the first computer, the user to access the remote resource by using the new session.
- View Dependent Claims (28, 29, 30, 31)
32. A computer implemented method for implementing user access to a remote resource, comprising:
- receiving, at a first computer, a request from a user computing device through a first network to access the remote resource residing on a second computer accessible by the first computer through a second network;
- performing, at the first computer;
- identification of stored user credentials by utilizing an aggregation mechanism to identify and retrieve user credentials stored in a central store accessible by the first computer and remote from the user computing device;
- automatic logon for the user using at least a thin-client architecture to transmit, from the central store rather than from the user computing device to the second computer, the stored user credentials for authenticating or authorizing the user to access the remote resource on the second computer, without using a single-sign-on mechanism in which one or more tickets are passed between the first computer and the second computer to service the remote resource to the user;
- initiation or identification of a new session between the first computer and the second computer through the second network, and authentication of the user on the first computer grants the user access to the remote resource on the second computer; and
- enabling, by the first computer, the user to access the remote resource by using the new session.
Specification