| 发明名称 |
TICKET GENERATOR FOR ALTERNATE AUTHENTICATION ENVIRONMENTS |
| 摘要 |
In a computer system, some resources may be protected within an SSO environment, and other resources may be protected in an alternate authentication environment. A user logged into an alternate authentication environment will again be prompted for login credentials when accessing an SSO protected resource. To avoid additional login prompts, credentials authenticated by the alternate authentication environment are used by the SSO environment to identify the user. The credentials are collected from the alternate authentication environment and provided to the SSO resource in the form of a ticket. The SSO resource forwards the ticket to an SSO provider. The SSO provider identifies the user within a user store using the credentials in the ticket. If the SSO provider identifies the user, the SSO provider generates a token and provides the token to the SSO resource. The token is authenticated by the SSO resource and access is granted to the user. |
| 申请公布号 |
US2017026362(A1) |
申请公布日期 |
2017.01.26 |
| 申请号 |
US201514806485 |
申请日期 |
2015.07.22 |
| 申请人 |
CA, Inc. |
发明人 |
O'Donnell Joseph Lawrence |
| 分类号 |
H04L29/06 |
主分类号 |
H04L29/06 |
| 代理机构 |
|
代理人 |
|
| 主权项 |
1. A method comprising:
authenticating a first credential within a first authentication environment in accordance with a first authentication scheme; requesting access to a resource protected by a second authentication environment, wherein the second authentication environment uses a second authentication scheme; in response to requesting access to the resource, receiving within the first authentication environment a request for a second credential from the second authentication environment, wherein the first credential and the second credential correspond to a user account; generating a first data object, wherein the first data object includes the second credential; and sending the first data object to the second authentication environment. |
| 地址 |
New York NY US |
