Enterprise authentication via third party authentication support

US9531714B2 · US · B2

Patent metadata
Publication number: US-9531714-B2
Application number: US-201414317795-A
Country: US
Kind code: B2
Filing date: Jun 27, 2014
Priority date: Jun 27, 2014
Publication date: Dec 27, 2016
Grant date: Dec 27, 2016

Abstract

Official abstract text for this publication.

Methods and systems are disclosed for providing approaches to enterprise authentication via third party authentication support. The methods and systems may include transmitting, by a computing device to an authentication device, a request to authenticate a client device application via a forms login protocol, and transmitting, by the computing device to the client device application, a first credential form retrieved from an authentication device generated by an extension device. The methods and systems may also include receiving, by the computing device from the client device application, a first authentication credential, and transmitting, by the computing device to the authentication service via the extension device, the first authentication credential. The methods and systems may also include transmitting, by the computing device and in response to a successful validation of the first authentication credential, an approval of the request made by the client device application to authenticate via the forms login protocol.

First claim

Opening claim text (preview).

What is claimed is:

1. A method comprising: transmitting, by a computing device to an authentication device via a network, a request to authenticate a client device application via a forms login protocol; retrieving, by the computing device from the authentication device via the network, an authentication challenge and a first credential form requesting a first authentication credential, wherein the first credential form is generated, by an extension device connected to the authentication device, based on information received from an authentication service associated with the client device application, the extension device being configured with one or more authentication protocols of the authentication service associated with the client device application; transmitting, by the computing device to the client device application via the network, the first credential form and the authentication challenge; receiving, by the computing device from the client device application via the network, the first authentication credential and a response to the authentication challenge; transmitting, by the computing device to the authentication service via the extension device, the first authentication credential and the response to the authentication challenge; and transmitting, by the computing device via the network and in response to a successful validation of the first authentication credential and a successful response to the authentication challenge, an approval of the request made by the client device application to authenticate via the forms login protocol.

2. The method of claim 1, wherein transmitting, by the computing device to the client device application, the first credential form further comprises transmitting, by the computing device to the client device application, an instruction to invoke a plug-in mechanism that obtains the first authentication credential, wherein the plug-in mechanism communicates with the authentication service associated with the client device application.

3. The method of claim 2, wherein the plug-in mechanism displays, on a user device, a user interface requesting the first authentication credential using information retrieved from the authentication service associated with the client device application.

4. The method of claim 1, further comprising: retrieving, by the computing device from the authentication device, a second credential form requesting a second authentication credential; transmitting, by the computing device to the client device application, the second credential form; receiving, by the computing device from the client device application, the second authentication credential; and transmitting, by the computing device to the authentication device, the second authentication credential.

5. The method of claim 4, further comprising: retrieving, by the computing device, the first credential form associated with a first authentication service; and retrieving, by the computing device, the second credential form associated with a second authentication service.

6. The method of claim 5, wherein transmitting the first and the second credential forms comprises: combining the first and the second credential forms into a third credential form; and transmitting, by the computing device to the client device application, the third credential form.

7. The method of claim 5, wherein the first credential form is associated with a first authentication process and the second credential form is associated with a second authentication process, the method further comprising implementing one or more phases of the second authentication process after beginning the first authentication process and before completing the first authentication process.

8. The method of claim 1, where the computing device comprises a gateway device, the method further comprising passing, by the gateway device to the client device application, at least one of a first session identifier associated with a gateway device authentication session and a second session identifier associated with an authentication device authentication session.

9. The method of claim 1, further comprising: transmitting, by the computing device to the client device application and after approving the request to authenticate via the forms login protocol, session information; and receiving, by the computing device from the client device application, a confirmation of a session.

10. The method of claim 1, further comprising: receiving, by the computing device from the client device application, a request for an indication that the computing device supports a forms login protocol; and transmitting, by the computing device to the client device application, a message indicating the computing device supports a forms login protocol.

11. The method of claim 1, wherein the authentication device comprises the extension device.

12. The method of claim 1, wherein the authentication device comprises the authentication service associated with the client device application and the extension device.

13. The method of claim 1, wherein communications transmitted between the computing device and the authentication service associated with the client device application comprise data encrypted according to a first encryption, and communications transmitted between the authentication device and the computing device comprise data encrypted according to a second encryption different from the first encryption.

14. A system, comprising: at least one processor; and at least one memory storing instructions that, when executed by the at least one processor, cause the system to perform: transmitting, by a computing device to an authentication device via a network, a request to authenticate a client device application via a forms login protocol; retrieving, by the computing device from the authentication device via the network, an authentication challenge and a first credential form requesting a first authentication credential, wherein the first credential form is generated, by an extension device connected to the authentication device, based on information received from an authentication service associated with the client device application, the extension device being configured with one or more authentication protocols of the authentication service associated with the client device application; transmitting, by the computing device to the client device application via the network, the first credential form and the authentication challenge; receiving, by the computing device from the client device application, the first authentication credential and a response to the authentication challenge; transmitting, by the computing device to the authentication service via the extension device, the first authentication credential and the response to the authentication challenge; and transmitting, by the computing device via the network and in response to a successful validation of the first authentication credential and a successful response to the authentication challenge, an approval of the request made by the client device application to authenticate via the forms login protocol.

15. The system of claim 14, wherein transmitting, by the computing device to the client device application, the first credential form further comprises transmitting, by the computing device to the client device application, an instruction to invoke a plug-in mechanism that obtains the first authentication credential, wherein the plug-in mechanism communicates with the authentication service associated with the client device application.

16. The system of

Assignees

Inventors

Classifications

  • using challenge-response

  • involving a third party or a trusted authority

  • using tickets or tokens, e.g. Kerberos (network architectures or network communication protocols for entities authentication using tickets in a packet data network H04L63/0807)

  • Biological data, e.g. fingerprint, voice or retina (network architectures or network communication protocols for supporting authentication of entities using biometrical features in a packet data network H04L63/0861)

  • for authentication of entities (cryptographic mechanisms or cryptographic arrangements for entity authentication H04L9/32)

Patent family

Related publications grouped by family.

External sources

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US9531714B2 cover?
Methods and systems are disclosed for providing approaches to enterprise authentication via third party authentication support. The methods and systems may include transmitting, by a computing device to an authentication device, a request to authenticate a client device application via a forms login protocol, and transmitting, by the computing device to the client device application, a first cr…
Who is the assignee on this patent?
Citrix Systems Inc
What technology area does this patent fall under?
Primary CPC classification H04L63/0884. Mapped technology areas include Electricity.
When was this patent published?
Publication date Dec 27, 2016 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).