Abstract: Authentication based on a target uniform resource identifier (URI) via security proxies. A framework for creating, updating and deleting authentication groups according to a destination URI may be provided. Each of the authentication groups may have a corresponding adaptable authentication scheme. An access from a client to a server may be classified into an authentication group. An authentication request from the client to the server may be intercepted by an authentication scheme based on the authentication group. A session based cookie may be utilized for supporting access between the client and the server.

Abstract: Authentication based on a target uniform resource identifier (URI) via security proxies. A framework for creating, updating and deleting authentication groups according to a destination URI may be provided. Each of the authentication groups may have a corresponding adaptable authentication scheme. An access from a client to a server may be classified into an authentication group. An authentication request from the client to the server may be intercepted by an authentication scheme based on the authentication group. A session based cookie may be utilized for supporting access between the client and the server.

Abstract: Mechanisms are provided for enabling collaboration across tenants in a multi-tenant environment using single sign-on (SSO) authentication/authorization. Various examples provide for creating a user account and provisioning a subscription to a user (e.g., to enable single sign-on authentication/authorization). The user is allowed to access services (e.g., collaborative services) in a multi-tenant environment by utilizing a subscription authorization of the user without prompting the user to authenticate by logging-in again (that is, without prompting the user to log-in again after the user has already logged-in and been authenticated for a given session). Other examples provide for mapping webspaces through URL hosts where each organization (that is, tenant) has its own set of namespace(s).

Abstract: Mechanisms are provided for enabling collaboration across tenants in a multi-tenant environment using single sign-on (SSO) authentication/authorization. Various examples provide for creating a user account and provisioning a subscription to a user (e.g., to enable single sign-on authentication/authorization). The user is allowed to access services (e.g., collaborative services) in a multi-tenant environment by utilizing a subscription authorization of the user without prompting the user to authenticate by logging-in again (that is, without prompting the user to log-in again after the user has already logged-in and been authenticated for a given session). Other examples provide for mapping webspaces through URL hosts where each organization (that is, tenant) has its own set of namespace(s).

Abstract: Mechanisms are provided for enabling collaboration across tenants in a multi-tenant environment using single sign-on (SSO) authentication/authorization. Various examples provide for creating a user account and provisioning a subscription to a user (e.g., to enable single sign-on authentication/authorization). The user is allowed to access services (e.g., collaborative services) in a multi-tenant environment by utilizing a subscription authorization of the user without prompting the user to authenticate by logging-in again (that is, without prompting the user to log-in again after the user has already logged-in and been authenticated for a given session). Other examples provide for mapping webspaces through URL hosts where each organization (that is, tenant) has its own set of namespace(s).

Abstract: A unification point that federates heterogeneous directory service systems can include an identifier communion table for storing a set of records, each record indexing a unified object ID to a directory object ID and a directory ID. The directory ID can be a unique identifier of a directory service system. The directory object ID can be a unique identifier of a record maintained by the directory service system. The unification point can also include a computer program product for accepting directory service requests including a unified object ID, for using the identifier communion table to look up a corresponding directory object ID and directory ID, for generating a modified directory service requests that substitutes the directory object ID for the unified object ID, for conveying the modified directory service requests to the directory service system, for receiving a response, and for conveying the response to a request issuing entity.

Abstract: A computer-implemented method of implementing information security. The method can include receiving a user input comprising a first user identifier and at least a second user identifier, determining whether the first user identifier corresponds to at least one of a plurality of existing user profiles, and determining whether the second user identifier corresponds to at least one of the plurality of existing user profiles. When it is determined that the first user identifier does not correspond to at least one of the plurality of existing user profiles, but that the second user identifier does correspond to at least one of the plurality of existing user profiles, the method can include selecting the user profile to which the second user identifier corresponds, automatically generating a unique user identifier, and associating the unique user identifier with the selected user profile.

Abstract: A unification point that federates heterogeneous directory service systems can include an identifier communion table for storing a set of records, each record indexing a unified object ID to a directory object ID and a directory ID. The directory ID can be a unique identifier of a directory service system. The directory object ID can be a unique identifier of a record maintained by the directory service system. The unification point can also include a computer program product for accepting directory service requests including a unified object ID, for using the identifier communion table to look up a corresponding directory object ID and directory ID, for generating a modified directory service requests that substitutes the directory object ID for the unified object ID, for conveying the modified directory service requests to the directory service system, for receiving a response, and for conveying the response to a request issuing entity.

Abstract: A computer-implemented method of implementing information security. The method can include receiving a user input comprising a first user identifier and at least a second user identifier, determining whether the first user identifier corresponds to at least one of a plurality of existing user profiles, and determining whether the second user identifier corresponds to at least one of the plurality of existing user profiles. When it is determined that the first user identifier does not correspond to at least one of the plurality of existing user profiles, but that the second user identifier does correspond to at least one of the plurality of existing user profiles, the method can include selecting the user profile to which the second user identifier corresponds, automatically generating a unique user identifier, and associating the unique user identifier with the selected user profile.

Abstract: At least a first application program interface (API) may be provided to support retrieval of data from a plurality of disparate data sources. A directory from which data from at least one of the disparate data sources is exposed may be provided. Requested data may be automatically provided in response to the data being available via the directory.