| 发明名称 | Tunneling session detection to provide single-sign on (SSO) functionality for a VPN gateway | ||
| 摘要 | A VPN gateway is described that provides single sign-on (SSO) functionality with respect to remote users who have established tunneling sessions with the VPN gateway and who attempt to access a protected resource. The VPN gateway may receive, from a client device, a security assertion request that includes a request for a security assertion to be made by the VPN gateway with respect to a user of a private network associated with the VPN gateway, determine whether the security assertion request was received via a tunneling session established for the user between the client device and the VPN gateway, and issue a security assertion for the user in response to determining that the security assertion request was received via the tunneling session. In this way, a VPN gateway may act as an SSO identity provider for users that have an established tunneling session with the gateway. | ||
| 申请公布号 | US8776209(B1) | 申请公布日期 | 2014.07.08 |
| 申请号 | US201213416786 | 申请日期 | 2012.03.09 |
| 申请人 | Juniper Networks, Inc. | 发明人 | Kumar Kartik;Agrawal Ankur;Chickering Roger A.;Wood James;Anne Vamsi K. |
| 分类号 | H04L29/06;G06F21/00 | 主分类号 | H04L29/06 |
| 代理机构 | Shumaker & Sieffert, P.A. | 代理人 | Shumaker & Sieffert, P.A. |
| 主权项 | 1. A method comprising: presenting a user interface configured to receive user input specifying whether tunneling session detection should be used to provide security assertions without requiring a user to re-authenticate with a VPN gateway device; establishing, with the VPN gateway device, a tunneling session for a user of a private network associated with the VPN gateway device, the tunneling session being established between a client device and the VPN gateway device; receiving, with the VPN gateway device, a security assertion request from the client device, the security assertion request including a request for a security assertion to be made by the VPN gateway device with respect to the user of the private network associated with the VPN gateway device; determining, with the VPN gateway device, whether the security assertion request was received via the tunneling session established for the user between the client device and the VPN gateway device; and issuing, with the VPN gateway device, a security assertion for the user in response to determining that the security assertion request was received via the tunneling session. | ||
| 地址 | Sunnyvale CA US | ||