-
公开(公告)号:US20230017382A1
公开(公告)日:2023-01-19
申请号:US17377294
申请日:2021-07-15
Applicant: Cisco Technology, Inc.
Inventor: Danxiang Li , Vincent Parla , Andrzej Kielbasinski , Dany Jacques Rochefort
Abstract: Systems and methods are provided for receiving information associated with a final single sign-on page from a native browser, extracting a public key from the information associated with the final single sign-on page, generating a single sign-on token to bind a browser session and a native application session, associating the single sign-on token with the public key extracted from the information associated with the final single sign-on page, and encrypting the single sign-on token with the public key to bind the browser session and the native application session.
-
公开(公告)号:US09294462B2
公开(公告)日:2016-03-22
申请号:US14155865
申请日:2014-01-15
Applicant: Cisco Technology, Inc.
Inventor: Vincent E. Parla , David McGrew , Andrzej Kielbasinski
CPC classification number: H04L63/0815 , H04L63/04 , H04L63/08 , H04L63/0884
Abstract: An authentication request is generated when a user of a client device attempts to initiate a user session with an application managed by a service provider. An authentication response is generated based on credentials received from the user. The authentication response includes an assertion on behalf of the user. A delivery resource locator for the assertion is rewritten to a resource locator of a proxy in order to redirect the assertion to the proxy. The authentication response is sent to the client device together with the resource locator of the proxy in order to cause the client device to send the assertion to the proxy that decodes the re-written resource locator and sends the assertion to the service provider.
Abstract translation: 当客户机设备的用户尝试发起与由服务提供商管理的应用的用户会话时,生成认证请求。 基于从用户接收的凭证生成认证响应。 认证响应包括代表用户的断言。 用于断言的传送资源定位符被重写到代理的资源定位符,以便将断言重定向到代理。 认证响应与代理的资源定位器一起被发送到客户机设备,以便使客户端设备将该断言发送到对重写的资源定位符进行解码的代理,并将该断言发送给服务提供商。
-
公开(公告)号:US09894055B2
公开(公告)日:2018-02-13
申请号:US15010003
申请日:2016-01-29
Applicant: Cisco Technology, Inc.
Inventor: Vincent E. Parla , David McGrew , Andrzej Kielbasinski
CPC classification number: H04L63/0815 , H04L63/04 , H04L63/08 , H04L63/0884
Abstract: An authentication request is generated when a user of a client device attempts to initiate a user session with an application managed by a service provider. An authentication response is generated based on credentials received from the user. The authentication response includes an assertion on behalf of the user. A delivery resource locator for the assertion is rewritten to a resource locator of a proxy in order to redirect the assertion to the proxy. The authentication response is sent to the client device together with the resource locator of the proxy in order to cause the client device to send the assertion to the proxy that decodes the re-written resource locator and sends the assertion to the service provider.
-
公开(公告)号:US20160149898A1
公开(公告)日:2016-05-26
申请号:US15010003
申请日:2016-01-29
Applicant: Cisco Technology, Inc.
Inventor: Vincent E. Parla , David McGrew , Andrzej Kielbasinski
IPC: H04L29/06
CPC classification number: H04L63/0815 , H04L63/04 , H04L63/08 , H04L63/0884
Abstract: An authentication request is generated when a user of a client device attempts to initiate a user session with an application managed by a service provider. An authentication response is generated based on credentials received from the user. The authentication response includes an assertion on behalf of the user. A delivery resource locator for the assertion is rewritten to a resource locator of a proxy in order to redirect the assertion to the proxy. The authentication response is sent to the client device together with the resource locator of the proxy in order to cause the client device to send the assertion to the proxy that decodes the re-written resource locator and sends the assertion to the service provider.
Abstract translation: 当客户机设备的用户尝试发起与由服务提供商管理的应用的用户会话时,生成认证请求。 基于从用户接收的凭证生成认证响应。 认证响应包括代表用户的断言。 用于断言的传送资源定位符被重写到代理的资源定位符,以便将断言重定向到代理。 认证响应与代理的资源定位器一起被发送到客户机设备,以便使客户端设备将该断言发送到对重写的资源定位符进行解码的代理,并将该断言发送给服务提供商。
-
Patent Agency Ranking
公开(公告)号:US20250039164A1
公开(公告)日:2025-01-30
申请号:US18918809
申请日:2024-10-17
Applicant: Cisco Technology, Inc.
Inventor: Danxiang Li , Vincent Parla , Andrzej Kielbasinski , Dany Jacques Rochefort
Abstract: Systems and methods are provided for receiving information associated with a final single sign-on page from a native browser, extracting a public key from the information associated with the final single sign-on page, generating a single sign-on token to bind a browser session and a native application session, associating the single sign-on token with the public key extracted from the information associated with the final single sign-on page, and encrypting the single sign-on token with the public key to bind the browser session and the native application session.
-
公开(公告)号:US12199970B2
公开(公告)日:2025-01-14
申请号:US17377294
申请日:2021-07-15
Applicant: Cisco Technology, Inc.
Inventor: Danxiang Li , Vincent Parla , Andrzej Kielbasinski , Dany Jacques Rochefort
Abstract: Systems and methods are provided for receiving information associated with a final single sign-on page from a native browser, extracting a public key from the information associated with the final single sign-on page, generating a single sign-on token to bind a browser session and a native application session, associating the single sign-on token with the public key extracted from the information associated with the final single sign-on page, and encrypting the single sign-on token with the public key to bind the browser session and the native application session.
-
公开(公告)号:US09992187B2
公开(公告)日:2018-06-05
申请号:US14977569
申请日:2015-12-21
Applicant: CISCO TECHNOLOGY, INC.
Inventor: Jiajun Lu , Songling Han , Andrzej Kielbasinski , Peter Davis
IPC: H04L29/06
CPC classification number: H04L63/0815 , H04L63/0272 , H04L63/061 , H04L63/0876 , H04L63/168 , H04L67/02 , H04L67/146
Abstract: In one embodiment, a method includes initiating at a client application at a client device, a single sign-on authentication with a security device, receiving at the client application, a session identifier and location of a web portal for the single sign-on authentication from the security device, and passing the session identifier and location of the web portal from the client application to a browser installed at the client device, for use by the browser in performing the single sign-on authentication at the client device. An apparatus and logic are also disclosed herein.
-
公开(公告)号:US20170180351A1
公开(公告)日:2017-06-22
申请号:US14977569
申请日:2015-12-21
Applicant: CISCO TECHNOLOGY, INC.
Inventor: Jiajun Lu , Songling Han , Andrzej Kielbasinski , Peter Davis
IPC: H04L29/06
CPC classification number: H04L63/0815 , H04L63/0272 , H04L63/061 , H04L63/0876 , H04L63/168 , H04L67/02 , H04L67/146
Abstract: In one embodiment, a method includes initiating at a client application at a client device, a single sign-on authentication with a security device, receiving at the client application, a session identifier and location of a web portal for the single sign-on authentication from the security device, and passing the session identifier and location of the web portal from the client application to a browser installed at the client device, for use by the browser in performing the single sign-on authentication at the client device. An apparatus and logic are also disclosed herein.
-
公开(公告)号:US20150200924A1
公开(公告)日:2015-07-16
申请号:US14155865
申请日:2014-01-15
Applicant: Cisco Technology, Inc.
Inventor: Vincent E. Parla , David McGrew , Andrzej Kielbasinski
IPC: H04L29/06
CPC classification number: H04L63/0815 , H04L63/04 , H04L63/08 , H04L63/0884
Abstract: An authentication request is generated when a user of a client device attempts to initiate a user session with an application managed by a service provider. An authentication response is generated based on credentials received from the user. The authentication response includes an assertion on behalf of the user. A delivery resource locator for the assertion is rewritten to a resource locator of a proxy in order to redirect the assertion to the proxy. The authentication response is sent to the client device together with the resource locator of the proxy in order to cause the client device to send the assertion to the proxy that decodes the re-written resource locator and sends the assertion to the service provider.
Abstract translation: 当客户机设备的用户尝试发起与由服务提供商管理的应用的用户会话时,生成认证请求。 基于从用户接收的凭证生成认证响应。 认证响应包括代表用户的断言。 用于断言的传送资源定位符被重写到代理的资源定位符,以便将断言重定向到代理。 认证响应与代理的资源定位器一起被发送到客户机设备,以便使客户端设备将该断言发送到对重写的资源定位符进行解码的代理,并将该断言发送给服务提供商。
-
-
-
-
-
-
-
-
Search Results
9
records
(took 0.014 seconds)
