发明名称 |
Cross instance user authentication architecture |
摘要 |
In accordance with disclosed embodiments, there are provided methods, systems, and apparatuses for implementing a cross instance user authentication architecture in an on-demand service environment including, for example, means for receiving a login request at a global Virtual Internet Protocol (VIP) address for the host organization from a client device; forwarding the login request received at the global VIP address to one of a plurality of datacenters within the host organization; determining the selected datacenter is a non-home-geo datacenter for a user associated with the login request received from the client device; establishing a back-end link from the non-home-geo datacenter to a home-geo datacenter for the user; forwarding the login request from the non-home-geo datacenter to the home-geo datacenter via the back-end link for authentication of the client device at the home-geo datacenter responsive to the login request received from the computing device; and returning a response to the client device from the non-home-geo datacenter upon successful authentication of the login request at the home-geo datacenter, wherein the response specifies a re-direct to the home-geo datacenter for the user. Other related embodiments are disclosed. |
申请公布号 |
US9032488(B2) |
申请公布日期 |
2015.05.12 |
申请号 |
US201313864549 |
申请日期 |
2013.04.17 |
申请人 |
salesforce.com, inc. |
发明人 |
Lee Jong |
分类号 |
G06F21/31;G06F21/45;H04L29/06;H04L29/08 |
主分类号 |
G06F21/31 |
代理机构 |
Blakely, Sokoloff, Taylor & Zafman |
代理人 |
Blakely, Sokoloff, Taylor & Zafman |
主权项 |
1. A method at a host organization, the method comprising:
receiving a login request at a global Virtual Internet Protocol (VIP) address for the host organization from a client device; forwarding the login request received at the global VIP address to one of a plurality of datacenters within the host organization; determining the selected datacenter is a non-home-geo datacenter for a user associated with the login request received from the client device; establishing a back-end link from the non-home-geo datacenter to a home-geo datacenter for the user; forwarding the login request from the non-home-geo datacenter to the home-geo datacenter via the back-end link for authentication of the client device at the home-geo datacenter responsive to the login request received from the computing device; and returning a response to the client device from the non-home-geo datacenter upon successful authentication of the login request at the home-geo datacenter, wherein the response specifies a re-direct to the home-geo datacenter for the user. |
地址 |
San Francisco CA US |