SINGLE SIGN ON WITH MULTIPLE AUTHENTICATION FACTORS

摘要

The authentication of a client to multiple server resources with a single sign-on procedure using multiple factors is disclosed. One contemplated embodiment is a method in which a login session is initiated with the authentication system of a primary one of the multiple server resources. A first set of login credentials is transmitted thereto, and validated. A token is stored on the client indicating that the initial authentication was successful, which is then used to transition to a secondary one of the multiple resources. A second set of login credentials is also transmitted, and access to the secondary one of the multiple resources is granted on the basis of a validated token and second set of login credentials.

主权项

1. A method for authenticating a client to multiple server resources each with a standalone authentication system, the method comprising:
initiating a login session with the authentication system of a primary one of the multiple server resources; transmitting a first set of login credentials from the client to the authentication system of the primary one of the multiple server resources; validating the client to the primary one of the multiple server resources based upon the first set of login credentials; storing on the client a token received from the authentication system of the primary one of the multiple resources; transmitting the token and a second set of login credentials different from the first set of login credentials to a secondary one of the multiple server resources, the second set of login credentials being retrieved from the client; and validating the client to the authentication system of the secondary one of the multiple server resources based upon the transmitted token and the second set of login credentials.