Method and system for single sign-on user access to multiple web servers

Assignee

• Citicorp Development Center, Inc. · US

Inventors

• Michael Grandcolas · Santa Monica, US
• France Law · Los Angeles, US
• Ashwin Doshi · Cerritos, US
• Michael Williams · Bloomfield Hills, US
• Yeona Jang · Princeton, US
• Toni Merschen · White Plains, US
• Jack Pan · Walnut, US

Key dates

Classification

• Technology area (CPC G)Physics
• CPC primaryG06F2221/2149
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

Methods and systems for single sign-on user access to multiple web servers are provided. A user is authenticated at a first web server (e.g., by user name and password). The first web server provides a web page to the user having a service selector (e.g., a hyperlink comprising the URL of a second web server offering the service indicated by the selector). When the user activates the service selector, the first web server constructs and transmits an encrypted authentication token (e.g., a cookie) from the first web server to a second web server via the user client. The first and second web servers share a sub-domain. The authentication token comprises an expiration time and is digitally signed by the first web server and is authenticated at the second web server. Upon authentication, the second web server allows the user to conduct a session at the second web server.