PROXY AUTHENTICATION FOR SINGLE SIGN-ON

摘要

In an example, a web gateway is described, including an authentication proxy engine (PAE). The PAE authenticates a user device via, for example, a username and password, biometric data, or two-factor authentication. The web gateway then provides seamless and transparent single sign-on (SSO) for one or more web services. When the user requests a web page from the web service, the PAE inserts custom code that detects a login action. When the user logs in, a one-time token may be provided to auto-fill the username and password field. When the user submits the form, the PAE provides the actual credentials to the web service. The PAE may also provide authentication via authentication headers.

主权项

1. A computing apparatus for providing a network gateway, comprising:
a first data connection operable to communicatively couple the gateway to a network service; a second data connection operable to communicatively couplet the gateway to a client device; and one or more logic elements comprising an authentication proxy engine operable for:
receiving a request from the client device via the second data connection; andproviding authentication data to the network service via the first data connection.