Transferring a single sign-on session between a browser and a client application
US-10873572-B1 · Dec 22, 2020 · US
| Field | Value |
|---|---|
| Publication number | US-12598227-B2 |
| Application number | US-202318210870-A |
| Country | US |
| Kind code | B2 |
| Filing date | Jun 16, 2023 |
| Priority date | Nov 6, 2015 |
| Publication date | Apr 7, 2026 |
| Grant date | Apr 7, 2026 |
Official abstract text for this publication.
The described technology provides a single sign-on capability so that a user who is already signed on to a web application from a client application may not be required to sign-on again when he/she later needs access to the web application from the same or another client application. The technology also provides a multiple login prevention capability to detect multiple sign-on events using the same credentials and disable one or more of the associated multiple sessions.
Opening claim text (preview).
The invention claimed is:

1. A system comprising at least one client device, and at least one server device executing a server-side portion of a web application, the at least one client device including a first processing system having at least one hardware processor, the first processing system being configured to execute a browser application providing a first client-side portion of the web application and a non-browser client application providing a second client-side portion of the web application, the at least one server including a second processing system having at least one hardware processor, the second processing system being configured to execute the server-side portion of the web application and to perform operations comprising:

in response to a first access request received from the browser application, causing the browser application to perform generating a first session, wherein the browser application is subsequently provided access to application data using the first session, and wherein the application data is provided by the server-side portion of the web application;

when a second request is received from the non-browser client application, determining, using an identifier included the second request, whether a value corresponding to the identifier is stored in a memory of the at least one server device in association with at least one of a plurality of session records;

based on a result of the determining, either providing the non-browser client application with access to the application data using the first session, or causing the non-browser client application to perform a sign-on process and generating a second session, wherein the non-browser client application is provided access to the application data using the second session,

wherein the first processing system is further configured to perform operations comprising:

determine, by the non-browser client application, one or more candidate browser controls for use by the non-browser client application to communicate with the server-side portion of the web application, wherein each of the one or more candidate browser controls is configured to enable the non-browser client application, which is not a browser, to communicate using protocols including HTTP in accordance with a respective browser type;

transmitting by the non-browser client application to the server device, a first instance of the second request, wherein the first instance corresponds to a first selected one of the one or more candidate browser controls; and

based upon a response received to the transmitted first instance of the second request, determining, by the non-browser client application, whether to transmit a second instance of the second request, wherein the second instance corresponds to another one of the one or more candidate browser controls.

2. The system according to claim 1, wherein the determining further comprises: identifying a corresponding previously stored entitlement associated with the web application, wherein the entitlement specifies restrictions on accessing data from a service external to the server device, wherein the determining is further based upon the identified entitlement.

3. The system according to claim 1, wherein (a) when a browser type of the browser application is the same as a browser type of the first selected one of the one or more candidate browser controls, the response received indicates a presence of the first session, and (b) when the browser type of the browser application is different from the browser type of the first selected one of the one or more candidate browser controls, the response received represents a failure to find an existing session usable by the non-browser client application.

4. The system according to claim 3, the first processing system is further configured to: when the response received indicates the presence of the first session, and a browser type of a currently selected one of the one or more candidate browser controls is different from a predetermined browser type, obtain a first session identifier that is included in the response; instantiate a browser control of the predetermined browser type; and access the application data using the instantiated browser control of the predetermined browser type and using the first session identifier.

5. The system according to claim 4, wherein the first processing system is further configured to: after having transmitted one or more instances of the second request, in relation to a response received for an instance of the second request, performing a sign-on by the non-browser client application.

6. The system according to claim 5, wherein the second processing system is further configured to: in response to receiving an instance of the second request, determine whether the first session corresponds to a browser type currently associated with the second request; if the determining determines that the first session corresponds to a browser type currently associated with the second request, returning to the non-browser client application a first session identifier associated with the first session; and if the determining determines that the first session does not correspond to the browser type currently associated with the second request, returning to the non-browser client application an indication that no session usable by the non-browser client application was found.

7. The system according to claim 1, wherein the second processing system is further configured to, based upon the deactivating, preventing access by the browser client application and the non-browser client application to the application data.

8. The system according to claim 1, wherein the determining further comprises: generating, in relation to a sign-on by an instance of either the browser application or the non-browser client application executing on non-browser client device, a third session, wherein said instance is subsequently provided access to said application data using the second session; and in response to generating the third session, deactivating the first session.
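The flow in claims 1, 3, 5, 6 and 8 can be modelled in a few lines. The sketch below is an added illustration, not code from the patent or its assignee: the class and function names, the browser-type labels and the cookie-jar model (a browser and a browser control of the same type see the same identifier) are assumptions made for the example.

```python
import secrets

class Server:
    """Server-side session records, keyed by the identifier a client presents."""

    def __init__(self):
        self.records = {}  # identifier -> session record (hypothetical layout)

    def sign_on(self, user, browser_type):
        # Multiple-login prevention: a new sign-on with the same credentials
        # deactivates that user's earlier sessions (claim 8).
        for rec in self.records.values():
            if rec["user"] == user:
                rec["active"] = False
        ident = secrets.token_urlsafe(16)
        self.records[ident] = {
            "session_id": secrets.token_urlsafe(16),
            "user": user,
            "browser_type": browser_type,
            "active": True,
        }
        return ident

    def find_session(self, ident, browser_type):
        # Return a session id only for a stored, still-active record that was
        # created under the same browser type as the request (claim 6).
        rec = self.records.get(ident)
        if rec and rec["active"] and rec["browser_type"] == browser_type:
            return rec["session_id"]
        return None  # "no usable session found"


def transfer_session(server, cookie_jars, candidates, user):
    """Non-browser client: one request per candidate control, then sign-on.

    cookie_jars maps browser type -> identifier left there by the browser
    (assumed shared between a browser and a control of the same type).
    """
    for btype in candidates:
        sid = server.find_session(cookie_jars.get(btype), btype)
        if sid is not None:
            return ("reused", btype, sid)
    # No candidate matched an existing session: fall back to sign-on (claim 5).
    first = candidates[0]
    cookie_jars[first] = server.sign_on(user, first)
    return ("signed_on", first, server.find_session(cookie_jars[first], first))
```

The server-side check is the security-relevant part: an identifier is honoured only while its record is active and matches the requesting browser type, so a deactivated session cannot be picked up again by a later transfer attempt.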
Termination or inactivation of sessions, e.g. event-controlled end of session · CPC title
Setup of application sessions (admission control or resource allocation in data switching networks H04L47/70) · CPC title
for controlling access to devices or network resources · CPC title
providing single-sign-on or federations · CPC title
Markers for unambiguous identification of a particular session, e.g. session cookie or URL-encoding · CPC title