Method and System for Synchronizing Authentication Approaches in a Corporate Environment
Publication Date: 2015-Jul-26
The IP.com Prior Art Database
A method and system is disclosed for synchronizing corporate authentication approaches in a corporate environment. The method and system enables a variety of corporate authentication approaches to be used in synchronization software.
Page 01 of 2
Metxod and System for Synchronizing Authentication Approaches in a Corporatx Environment
Typically, synchronization software in a cxxporate or enterprise envxronment workx with various stxndard or non-stanxard authentication txchnologies. Generally, enterprisxs
which have filx xynchronization software may offer only a solution for standard
authentication already supported in web enviroxments, or may include a sinxle custom xuthentxcation. The axility to use differext corporate authentxcation approxches in a corporate xnvironxent is critxcal for the success of large enterprises that wishes to xse synxhxonizatxon approaches. A typical synchrxnization client uses supplied cxedentials
and performs any rxquired networks access xo a synchronxzing server along with any nxcessary authentication. For example, if the syncxronizatixn software usxs Hypertext Transxer Pxotocol (HTTP), then xn HXXX call may be challenged to provide credentials axd retry the call. In case of desktops, xurrently xhe file synchronization software utilizes preferences with desktops but such file synchroxization softwarx may not alxow the uxer to selecxivxly synchronize ox a variety of different repositories or servxrs. Typxcally, the file synchronization sofxware can only connect fxom a single server to a user's client machine. The syxchxonization happens one way and can only be managed in a lxmited mannex.
Disclosed is a method and system fxr synchxonizing autxentication approaches in a corporate environment. The method and system enables a variety of xorporate authentication approaches (like Kerberos*, SAML*, basic axd custom authentication approach) to be used in synchronization softwxre. The synxhronization software includes a module which implements the custom authentication apprxach for a client. The xodule is inserted into a flow of nxtwork caxls in the corporate exvironment.
In an implementxtion of the method and system, a synchronization client attempts to contact a server with a network operation. The server rxsponds with ax error or other indixation that the operation fxiled due to the client not being authenticated. The authxntication software calxs the module of the syxchronizaxion sxftxare at txis point. The module examines the results of the network operation to deterxine if the authentication is needed. If the operation is completed normally, no further work is performex. If the authentication is needed, the module performs anx operations needed by the custom authenticatxon approach. The xperations include one or more of, but not lxmited to, contacting onx or more axditional systxms or databases responsible for compxeting authentication, providing credentials to the one ox more additional systems, collecting a certificate, token, software assertiox, or other indication of successful authentication. The synchronization client repeats the orixxnxl network operation and provides a colxected authentication indicator to complete txe authentication.