-
公开(公告)号:US20130332606A1
公开(公告)日:2013-12-12
申请号:US13596898
申请日:2012-08-28
申请人: Sarat Chandra Subramaniam , Christian Roy , Venkatesh Veeraraghavan , Nicholas Carl Sturm , Titus Constantin Miron , Matthew Taylor Cohen
发明人: Sarat Chandra Subramaniam , Christian Roy , Venkatesh Veeraraghavan , Nicholas Carl Sturm , Titus Constantin Miron , Matthew Taylor Cohen
IPC分类号: G06F15/173
CPC分类号: G06F21/41 , H04L63/0815
摘要: A method for sign-on and sign-out for a computer system includes: receiving a first sign-on request for the computer system; obtaining, from the first sign-on request, a first user identifier, the first user identifier corresponding to a first user for the computer system; obtaining, from the first sign-on request, a first uniform resource locator (URL); determining whether the first URL includes a first root name for the computer system; when a determination is made that the first URL includes the first root name for the computer system: issuing a first cookie; associating the first cookie with the first user; obtaining a first sub-domain name from the first URL; issuing a second cookie, the second cookie being different from the first cookie; associating the second cookie with the first sub-domain name; and when the first cookie and the second cookie are issued, signing-on the first user to the computer system.
摘要翻译: 一种用于计算机系统的登录和注销的方法包括:接收针对所述计算机系统的第一登录请求; 从所述第一登录请求获得第一用户标识符,所述第一用户标识符对应于所述计算机系统的第一用户; 从第一登录请求获得第一统一资源定位符(URL); 确定所述第一URL是否包括所述计算机系统的第一根名称; 当确定第一URL包括计算机系统的第一根名称时:发出第一个cookie; 将第一个cookie与第一个用户相关联; 从第一个URL获取第一个子域名; 发出第二个cookie,第二个cookie与第一个cookie不同; 将第二个cookie与第一个子域名关联起来; 并且当第一个cookie和第二个cookie被发出时,将第一个用户登录到计算机系统。
-
公开(公告)号:US20130145427A1
公开(公告)日:2013-06-06
申请号:US13308572
申请日:2011-12-01
申请人: Robert McKee Howard , Titus Constantin Miron , William David Taylor , Shaofeng Zhu , Eray Aydin , Venkatesh Veeraraghavan
发明人: Robert McKee Howard , Titus Constantin Miron , William David Taylor , Shaofeng Zhu , Eray Aydin , Venkatesh Veeraraghavan
CPC分类号: G06F21/62 , G06F2221/2141 , H04L63/10
摘要: An application submits a permission request to a resource server. In response to receiving the request, the resource server generates a user interface that asks the user to grant or deny the requested permissions. If the permissions are granted, data is stored indicating that the application has the requested permissions. When a runtime request for a resource is received, the resource server determines whether the request has been made by a user, by an application, or by an application on behalf of a user. If the request is made by an application only, the request is granted only if the application has permission to access the resource by way of a direct call not on behalf of a user. If the request is made by an application on behalf of a user, the request is granted only if both the user and the application have sufficient permission.
摘要翻译: 应用程序向资源服务器提交权限请求。 响应于接收到请求,资源服务器生成用户界面,要求用户授予或拒绝所请求的权限。 如果授予权限,则存储指示应用程序具有请求的权限的数据。 当接收到对资源的运行时请求时,资源服务器确定请求是由用户,应用程序还是由应用程序代表用户进行的。 如果请求仅由应用程序进行,则仅当应用程序具有通过不代表用户的直接呼叫访问资源的权限时,才会授予该请求。 如果请求是由应用程序代表用户进行的,则仅当用户和应用程序都有足够的权限时才会授予该请求。
-
公开(公告)号:US09268931B2
公开(公告)日:2016-02-23
申请号:US13596898
申请日:2012-08-28
申请人: Sarat Chandra Subramaniam , Christian Roy , Venkatesh Veeraraghavan , Nicholas Carl Sturm , Titus Constantin Miron , Matthew Taylor Cohen
发明人: Sarat Chandra Subramaniam , Christian Roy , Venkatesh Veeraraghavan , Nicholas Carl Sturm , Titus Constantin Miron , Matthew Taylor Cohen
IPC分类号: G06F15/173 , G06F21/41 , H04L29/06
CPC分类号: G06F21/41 , H04L63/0815
摘要: A method for sign-on and sign-out for a computer system. The method includes receiving a first sign-on request for the computer system and obtaining, from the first sign-on request, a first user identifier where the first user identifier corresponds to a first user for the computer system. The method then includes obtaining, from the first sign-on request, a first uniform resource locator (URL) and determining whether the first URL includes a first root name for the computer system. When a determination is made that the first URL includes the first root name for the computer system a first cookie associated with the first user is issued and a first sub-domain name is obtained from the first URL. Also, a second cookie may be issued associated with the first sub-domain name and, when the first cookie and the second cookie are issued, the first user may sign-on to the computer system. In one or more embodiments, the method may include receiving a sign-out request.
摘要翻译: 一种计算机系统的登录和注销方法。 该方法包括接收针对计算机系统的第一登录请求,并且从第一登录请求获得第一用户标识符,其中第一用户标识符对应于计算机系统的第一用户。 该方法然后包括从第一登录请求获得第一统一资源定位符(URL),以及确定第一URL是否包括计算机系统的第一根名称。 当确定第一URL包括计算机系统的第一根名称时,发出与第一用户相关联的第一cookie,并从第一URL获得第一子域名。 此外,可以发出与第一子域名相关联的第二cookie,并且当发出第一cookie和第二cookie时,第一用户可以登录到计算机系统。 在一个或多个实施例中,该方法可以包括接收注销请求。
-
公开(公告)号:US09015807B2
公开(公告)日:2015-04-21
申请号:US13308572
申请日:2011-12-01
申请人: Robert McKee Howard , Titus Constantin Miron , William David Taylor , Shaofeng Zhu , Eray Aydin , Venkatesh Veeraraghavan
发明人: Robert McKee Howard , Titus Constantin Miron , William David Taylor , Shaofeng Zhu , Eray Aydin , Venkatesh Veeraraghavan
CPC分类号: G06F21/62 , G06F2221/2141 , H04L63/10
摘要: An application submits a permission request to a resource server. In response to receiving the request, the resource server generates a user interface that asks the user to grant or deny the requested permissions. If the permissions are granted, data is stored indicating that the application has the requested permissions. When a runtime request for a resource is received, the resource server determines whether the request has been made by a user, by an application, or by an application on behalf of a user. If the request is made by an application only, the request is granted only if the application has permission to access the resource by way of a direct call not on behalf of a user. If the request is made by an application on behalf of a user, the request is granted only if both the user and the application have sufficient permission.
摘要翻译: 应用程序向资源服务器提交权限请求。 响应于接收到请求,资源服务器生成用户界面,要求用户授予或拒绝所请求的权限。 如果授予权限,则存储指示应用程序具有请求的权限的数据。 当接收到对资源的运行时请求时,资源服务器确定请求是由用户,应用程序还是由应用程序代表用户进行的。 如果请求仅由应用程序进行,则仅当应用程序具有通过不代表用户的直接呼叫访问资源的权限时,才会授予该请求。 如果请求是由应用程序代表用户进行的,则仅当用户和应用程序都有足够的权限时才会授予该请求。
-
-
-