Title of invention |
System and method for single sign-on session management without central server |
Abstract |
A method and system for single-session sign-on management are provided. Multiple servers may be provided. The servers may have both log-in plug-in modules and session management plug-in modules. Providing the plug-ins on individual servers reduces network traffic generally required in order to grant and validate user credentials. Thus, a second server may validate a user credential created by a first server and may additionally create a user credential if it cannot validate the credential created by the first server. |
Publication number |
US8892755(B2) |
Publication date |
2014.11.18 |
Application number |
US201113082713 |
Filing date |
2011.04.08 |
Applicant |
JPMorgan Chase Bank, N.A. |
Inventors |
Miller Lawrence R.;Skingle Bruce J. |
Classification |
G06F15/16;H04L29/06;G06F21/41 |
Main classification |
G06F15/16 |
Agency |
Goodwin Procter LLP |
Agent |
Goodwin Procter LLP |
Principal claim |
1. A computer-implemented method for single sign-on session management from a user browser over a network, the method comprising:
receiving, by each of a first server and a second server, a list of authorized users from a global repository;
establishing a session credential using computer processing components at the first server, the first server having a first log-in plug-in and a first session management plug-in;
validating the session credential at the first session management plug-in of the first server, the first session management plug-in establishing and validating the session credential based on the list of authorized users previously received from the global repository;
granting access to the user browser to a first resource of the first server based on validation of the session credential at the first session management plug-in of the first server;
receiving a request from the user browser for a second resource at the second server, the second server including a second log-in plug-in and a second session management plug-in, the request including the session credential established at the first server;
checking for the validity of the session credential established at the first server at the second session management plug-in of the second server upon determining that the session credential is present, wherein the second session management plug-in checks for and verifies the validity of the session credential entirely within the second server without communicating with other servers in real time;
when the session credential is not valid, then establishing a new session credential at the second server using the second log-in plug-in based on the list of authorized users previously received from the global repository and validating the new session credential at the second session management plug-in of the second server; and
granting access to the second resource of the second server based on the validation at the second session management plug-in of the second server, wherein the first log-in plug-in and the second log-in plug-in are each configured to authenticate the user browser independently without redirecting it to a central sign-on server. |
Address |
New York NY US |