1. Field of the Invention
The present invention relates to an authentication server system that performs control relating to a notification during service use, a control method therefor, and a program therefor.
2. Description of the Related Art
In recent years, a system, which provides a function of software via the Internet, for example, called a service has been paid attention to. The service has a form called “multitenant service” that provides the same web application operating on a common server to a plurality of corporations or organizations. “Tenant” means a unit of corporations or organizations that provide the service using a conventional dedicated server.
In such a service, a service provider may transmit notification information such as system maintenance information and new function information to service users. Particularly when the service is stopped due to a system maintenance, a notification to the users becomes important. If the notification is not issued, the service looks suddenly stopped from viewpoints of the users, which may cause a problem. While a method for issuing the notification to each user by mail is also effective, that is not enough because mail addresses of some users may have not been unregistered. Therefore, a function of displaying the notification information has been required when the user logs in to the service.
As a function of displaying notification information when a user logs in to a system, which provides a service during service use, a method for managing display information in association with private information of the user has conventionally been known, as discussed in Japanese Patent Application Laid-Open No. 2003-256382. In this method, the notification information can be displayed on a screen when the user logs in by setting information of which a service provider desires to notify the user as forced display information for the user. A conventional technique relating to the notification information has been described above.
A conventional technique for authentication processing during mash-up of a service will be described below. A plurality of services, which cooperate with one another by the mash-up, is respectively separate services, so that their respective service providing systems need to be logged into. However, when the plurality of services cooperates with one another, a login screen is displayed every time each of the service providing systems is accessed. Thus, it takes much time and labor to perform a login operation. To save the time and labor, Single Sign On (SSO) based on a Security Assertion Markup Language (SAML) may be used. In a single sign on authentication system (hereinafter, referred to as an SSO), one service providing system is an Identity Provider (IdP), and another service providing system is a Service Provider (SP). A user can use another service without performing a login operation by logging into the service providing system serving as the IdP. For example, a service providing system for generating a Portable Document Format (PDF) is the IdP, and a service providing system for storing data on the Internet is the SP. When the user accesses a PDF generation service serving as the IdP, a login screen is displayed, and the user performs a login operation once. Then, when the generated PDF is stored in the service providing system serving as the SP, login to the SP is not required, and two services can seamlessly be mashed up.