Web Single Sign-On (WebSSO) is a technology that allows a client to access multiple protected Web resources once a user is signed on at a trusted Security Token Service (STS) server. After a successful sign-on at the STS server, a security token containing the user's security properties is issued by the STS server. The STS server would then have to deliver the issued security token to the protected Web resource through the client.
One method for delivering the token to the Web resource is by downloading a script onto the client where the script would use a HTTP Post message to transfer the security token to the Web resource. However, this method may not work for clients that restrict the downloading or execution of scripts. The method also does not work for clients that cannot handle HTTP Post requests.
An effective technique for transferring security tokens in a HTTP communication environment without using Post messages continues to elude those skilled in the art.
Like reference numerals are used to designate like parts in the accompanying drawings.