US 7,631,346 B2
Method and system for a runtime user account creation operation within a single-sign-on process in a federated computing environment
Tech Center:
2400 Networking, Multiplexing, Cable, and Security
Examiner:
Kambiz Zand
Art Unit:
2434 Cryptography and Security
Inventors:
Heather Maria Hinton; Ivan Matthew Milman; Venkat Raghavan; Shane Bradley Weeden
Priority:
04/01/05
Filed:
04/01/05
Granted:
12/08/09
Expiration:
07/31/28
Abstract
A method, system, apparatus, and computer program product are presented to support computing systems of different enterprises that interact within a federated computing environment. Federated single-sign-on operations can be initiated at the computing systems of federation partners on behalf of a user even though the user has not established a user account at a federation partner prior to the initiation of the single-sign-on operation. For example, an identity provider can initiate a single-sign-on operation at a service provider while attempting to obtain access to a controlled resource on behalf of a user. When the service provider recognizes that it does not have a linked user account for the user that allows for a single-sign-on operation with the identity provider, the service provider creates a local user account. The service provider can also pull user attributes from the identity provider as necessary to perform the user account creation operation.
Cooperative Patent Classification (CPC)
G06, G06F21/41, G06F, H04L63/0815, H04L