Computer users are demanding flexible and sophisticated techniques in hardware and software implementations. This flexibility and sophistication are readily evident in evolving systems which alleviate requiring users to log on multiple times to a system. Typically a user identifies him/herself to the system by providing his/her userID and password. User management services will check the profile of the specified user and verify that the password provided is that of the named user. If the password is correct for the user, the user is marked as logged on and may subsequently access authorized system objects. The user may subsequently have to log on again perhaps with a different userID and password to access an application, e.g., word processing program, electronic mail, etc., after the user has logged onto the system. A recent study revealed that the average user of four applications spends approximately 44.4 hours per year just logging onto those applications. If the same user had a single sign-on capability, the time required to log onto the four applications would be reduced to approximately 17 hours per year. Single sign-on denotes the process by which the user presents a userID and password only once to access multiple applications or systems.
A system with single sign-on capability has been implemented by Hewlett Packard Company with the Windows operating system (Windows is a registered trademark of the Microsoft Corporation). The single sign-on is accomplished by taking advantage of what are known as “hooks” which enable calls to be made to call back functions when specified events occur such as the activation of a window. Such a hook enables a dynamic-link library (DLL) to automatically be inserted into an executing application program. A DLL file is one that contains one or more functions that are compiled, linked and stored separately from application processes that use them. Upon a call being made to a DLL, the Windows Operating System maps the DLL data into the process's address space when the process is either starting or running. By storing the correct input sequence in the DLL for logging onto an application and associating that input sequence with the applications logon dialog box, the user is able to automatically be logged onto an application once the user has successfully logged onto the Windows Operating System.
Unfortunately the user must log onto the underlying operating system, such as Windows 2000 or Windows NT, prior to accessing an application. It would therefore be desirable to bypass the initial sign-on screen of the underlying operating system so that the user signs on directly to the application environment while maintaining a single sign-on capability. It would further be desirable to change the level of access, i.e., change the assortment and/or number of applications the user has access to utilize, while maintaining a single sign-on capability.