Title of invention: Secure identity federation for non-federated systems
Abstract: Methods and apparatus, including computer program products, implementing and using techniques for providing user credentials over a network to a remote computer application. User credentials for the remote computer application are stored in a central repository that is accessible through the network. A request is sent to a service to perform, on behalf of a user, a particular task involving the remote computer application. It is determined whether the service has been granted permission to act on behalf of the user with respect to the remote computer application. When the service has permission to act on behalf of the user, the service is used to retrieve the user's credentials for the remote computer application from the central repository and to supply the retrieved user credentials to the remote computer application.
Publication number: US9450946(B2)
Publication date: 2016.09.20
Application number: US201514754653
Filing date: 2015.06.29
Applicant: salesforce.com, inc.
Inventors: Boulos Thomas Nabiel; Behera Prasanta Kumar
Classification: H04L29/06; G06F21/33; G06F21/30; H04L29/08; G06F21/41
Main classification: H04L29/06
Agency: Haynes Beffel & Wolfeld LLP
Agent: Haynes Beffel & Wolfeld LLP; Beffel, Jr. Ernest J.
Principal claim: 1. A method of providing a unified access to non-federated systems, the method including: storing a plurality of sets of user credentials for a plurality of remote computer applications in a central repository accessible via an interoperability network, wherein the plurality of remote computer applications are non-federated entities that do not share a common federated identity verification protocol; receiving an interoperability network credential that authorizes a user to use the plurality of remote computer applications and access the stored plurality of sets of the user credentials; wherein an intermediary service coupled to the interoperability network receives a request to perform, on behalf of the user, a particular task that requires access to and task performance by a particular remote computer application from the plurality of remote computer applications; verifying that the intermediary service has authorization to act on behalf of the user in obtaining authorized access to and task performance by the particular remote computer application; and upon verification of authorization, automatically supplying the intermediary service particular user credentials for the particular remote computer application from the central repository.
Address: San Francisco CA US