US2016142400A1PendingUtilityA1

Systems and methods for system login and single sign-on

33
Assignee: OPENLANE INCPriority: Apr 28, 2010Filed: Nov 13, 2015Published: May 19, 2016
Est. expiryApr 28, 2030(~3.8 yrs left)· nominal 20-yr term from priority
G06F 21/41H04L 63/083H04L 63/0815G06F 2221/2117G06F 2221/2103
33
PatentIndex Score
0
Cited by
0
References
0
Claims

Abstract

Systems and methods for system login and single sign-on are described. A first application of a first system receives a request to access a protected application of a second system. An assertion is generated in response to the request. The assertion asserts an identity in the first system of a user generating the request. The assertion is validated and first account information corresponding to the assertion is extracted. The first account information is information of a first account of the user in the first system. Second account information is determined that is information of a second account of the user in the second system. A mapping is generated between the first account and the second account using the first account information and the second account information. The mapping is used to provide access to the protected application by the requestor.

Claims

exact text as granted — not AI-modified
1 . A method comprising:
 receiving at a first application of a first system a request to access a protected application of a second system;   generating in response to the request an assertion that asserts an identity in the first system of a user generating the request;   validating the assertion and extracting first account information corresponding to the assertion, wherein the first account information is information of a first account of the user in the first system;   determining second account information that is information of a second account of the user in the second system; and   generating a mapping between the first account and the second account using the first account information and the second account information.   
     
     
         2 . The method of  claim 1 , comprising providing access to the protected application by the user via the mapping. 
     
     
         3 . The method of  claim 1 , wherein the second system is remote to the first system. 
     
     
         4 . The method of  claim 1 , wherein the generating of the assertion is performed at the first system. 
     
     
         5 . The method of  claim 1 , wherein the generating of the assertion uses security assertion markup language. 
     
     
         6 . The method of  claim 1 , comprising generating a query string parameter in response to the request, wherein the query string parameter includes the assertion. 
     
     
         7 . The method of  claim 6 , comprising generating the query string parameter to include a uniform resource locator corresponding to an electronic location of the protected application. 
     
     
         8 . The method of  claim 7 , comprising, following the mapping, redirecting the user to the protected application using the uniform resource locator. 
     
     
         9 . The method of  claim 6 , comprising generating the query string parameter at the first system and propagating the query string parameter to the second system. 
     
     
         10 . The method of  claim 1 , wherein the validating is performed at the second system using a key provided by the first system. 
     
     
         11 . The method of  claim 1 , wherein the determining the second account information comprises, in response to the first account information, generating a prompt for the second account information. 
     
     
         12 . The method of  claim 1 , wherein the generating the mapping comprises generating the mapping in response to receipt of the second account information. 
     
     
         13 . The method of  claim 1 , comprising authenticating the second account information prior to the generating of the mapping. 
     
     
         14 . The method of  claim 13 , comprising determining that the second account information is associated with a plurality of organizations and prompting the user to select an organization of the plurality of organizations. 
     
     
         15 . The method of  claim 14 , comprising generating the mapping to include the organization selected. 
     
     
         16 . The method of  claim 1 , wherein the mapping comprises generating a logical link between the first account information and the second account information. 
     
     
         17 . The method of  claim 1 , comprising storing the mapping in the second system. 
     
     
         18 . The method of  claim 1 , wherein the first account information comprises an account name of the first account in the first system. 
     
     
         19 . The method of  claim 1 , wherein the second account information comprises an account name of the second account in the second system. 
     
     
         20 . The method of  claim 19 , wherein the second account information comprises a password corresponding to the second account.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.