JP2013242917A - Information processing system, information processing apparatus, control method thereof and program - Google Patents

Abstract

PROBLEM TO BE SOLVED: To reduce input operation of authentication information used for authentication processing in order to utilize web service, the input operation being executed after a user is authenticated at least once.SOLUTION: Authentication processing is performed in accordance with authentication information received from a client terminal. After authenticated, screen information of a frame stored in association with the authentication information is transmitted to a client terminal, the frame containing authentication information used for authentication processing in a web server and an authentication parameter, for identifying the authentication information, in a form of web service.

Description

  The present invention relates to an information processing system, an information processing apparatus, and a control method and program thereof, and particularly relates to a technique for reducing an input operation of authentication information used in authentication processing.

  In recent years, for example, services (SaaS, etc.) that use various web services on the Internet outside the company instead of building a server in-house are increasing.

  In this way, when using an external web service such as a web mail service or a schedule management service, if the web server providing the respective web service is not authenticated, the web service is used. It is often impossible to do this.

  Therefore, as many web services are used, the number of times authentication information used for the authentication is increased, and in such a case, the operation by the user may become complicated.

  In order to solve this, in Patent Document 1, a user ID and a password are stored in advance for each URL of the web service, and the user displays a web page of the web service and performs a predetermined operation with a mouse. And automatically inputting a user ID and password corresponding to the URL of the web page.

  In addition, when using various external web services at once, if the browser is started for each web service and displayed, the user's operability deteriorates and it becomes difficult to use the web service efficiently. Therefore, in order to solve this problem, an Iframe (frame) display area is provided in the display screen of the browser, and each web service screen is displayed in each frame, so that a plurality of web services can be displayed on one display screen. It is known that it can be received.

JP 2002-259341 A

  However, in the above-described conventional technology, for example, when a plurality of Iframe (eye frame) display areas are provided on one display screen and each web service screen is displayed in each Iframe display area, each Iframe display area is displayed. The user must input authentication information (user ID and password) corresponding to each web service via the displayed login screen.

  As described above, even if the mechanism of Patent Document 1 is used, the user ID and password cannot be input unless the user performs a predetermined operation for each web service displayed in each display area of the Iframe. Therefore, the operation related to the input of authentication information by the user becomes complicated.

  Even if each login screen of each web service is displayed and authentication information can be input by a predetermined operation via each login screen, the operation by the user related to the input of authentication information is still complicated, The user must be aware of the authentication process for each web service.

  Therefore, in order to reduce the user's operations related to the input of authentication information and reduce awareness about authentication processing of each web service, a mechanism for automatically performing authentication processing on the web server without displaying a login screen is required. .

  In addition, depending on the web server, there is a web server that is not authenticated unless the unique information is transmitted to the web service together with the user ID and the password input through the login screen in which unique unique information generated by the web service is embedded. Therefore, there is a need for a mechanism for automatically performing authentication processing on the web server without displaying a login screen even in such authentication processing on the web server.

  An object of the present invention is to provide a mechanism for reducing an input operation of authentication information used in an authentication process performed for using a web service, which is executed after a user is authenticated at least once.

  The present invention is a client terminal capable of communicating with a web server that provides a web service, and displays the web service screen information transmitted from the web server in a frame in a browser screen displayed on a display unit. And an information processing apparatus that transmits web service authentication information for requesting authentication to the web server to the client terminal, the client terminal being input by a user operation An authentication request transmitting means for transmitting an authentication request including the first authentication information to the information processing apparatus, and after being authenticated by an authentication process by the information processing apparatus in response to the authentication request by the authentication request transmitting means Web service authentication information for making an authentication request to the web server is sent to the information processing apparatus. The user authentication request by transmitting to the web server the receiving means for receiving and second authentication information used in the authentication process by the web server included in the web service authentication information received by the receiving means. Authentication request means for performing authentication, wherein the information processing device is associated with the first authentication information, the second authentication information of each web service provided by the web server, and the second authentication information. Authentication parameters for each of the web services, and web service information indicating web services to be displayed in a frame in the browser screen of the client terminal, associated with the first authentication information. And an authentication request for receiving an authentication request transmitted from the client terminal by the authentication request transmitting means. Authentication means for performing authentication processing in accordance with first authentication information included in the authentication request received by the authentication request receiving means, and an authentication request received by the authentication request receiving means after being authenticated by the authentication means. Web service authentication parameters indicated in the web service information stored in the storage means in association with the first authentication information included in the storage means, and stored in the storage means in association with the first authentication information. Generating means for generating web service authentication information for making an authentication request with the second authentication information to the web server, including second authentication information of the web service indicated by the web service information; Transmitting means for transmitting the web service authentication information generated by the generating means to the client terminal.

  The present invention is a client terminal capable of communicating with a web server that provides a web service, and displays the web service screen information transmitted from the web server in a frame in a browser screen displayed on a display unit. An information processing system that transmits a URL of a web service to a frame in a browser screen displayed on a display unit of the client terminal, wherein the client terminal is a user A browser screen based on the URL of the web service received by the receiving means, a transmitting means for transmitting user information for identifying the user information to the information processing apparatus, a receiving means for receiving the URL of the web service from the information processing apparatus Display means for displaying the screen of the web service in each frame of The information processing apparatus includes, for each user information, storage means for storing a URL to a web service displayed in each frame in the browser screen of the client terminal, and user information transmitted from the client terminal by the transmitting means. And a URL of the web service displayed in each frame in the browser screen of the client terminal, stored in the storage unit, based on the user information received by the receiving unit, Web service transmission means for transmitting to a terminal.

  The present invention is a client terminal capable of communicating with a web server that provides a web service, and displays the web service screen information transmitted from the web server in a frame in a browser screen displayed on a display unit. An information processing apparatus in an information processing system including: a client terminal that performs an authentication request to the web server; and an information processing apparatus that transmits web service authentication information that makes an authentication request to the client terminal. The second authentication information of each web service provided by the web server, the authentication parameter for each web service that identifies the second authentication information, and the first authentication information associated with each other Indicates an associated web service to be displayed in a frame in the browser screen of the client device Storage means for storing web service information, an authentication request receiving means for receiving an authentication request transmitted from the client terminal, and an authentication process according to first authentication information included in the authentication request received by the authentication request receiving means An authentication means for performing authentication, and after being authenticated by the authentication means, the web service information stored in the storage means in association with the first authentication information included in the authentication request received by the authentication request receiving means The web server comprising: an authentication parameter for the indicated web service; and second authentication information for the web service indicated in the web service information stored in the storage means in association with the first authentication information. Generating means for generating web service authentication information for making an authentication request based on the second authentication information; and And that a transmission unit that transmits to the client terminal the web service authentication information generated by.

  The present invention is a client terminal capable of communicating with a web server that provides a web service, and displays the web service screen information transmitted from the web server in a frame in a browser screen displayed on a display unit. An information processing apparatus control method in an information processing system, comprising: an information processing apparatus including: a client terminal that performs an authentication request to the web server; For each of the web services, the storage means of the apparatus identifies the second authentication information of each web service provided by the web server and the second authentication information associated with the first authentication information. In the browser screen of the client terminal associated with the first authentication information and the first authentication information Web service information indicating a web service to be displayed in a frame; a storage step for storing; an authentication request receiving unit for receiving an authentication request transmitted from the client terminal by an authentication request receiving unit of the information processing device; An authentication process in which an authentication unit of the information processing apparatus performs an authentication process according to first authentication information included in the authentication request received in the authentication request reception process, and a generation unit of the information processing apparatus is authenticated in the authentication process. Thereafter, an authentication parameter of the web service indicated in the web service information stored in the storing step in association with the first authentication information included in the authentication request received in the authentication request receiving step, and the first Of the web service indicated in the web service information stored in the storing step in association with the authentication information of A generating step for generating web service authentication information for requesting the web server to authenticate with the second authentication information, and a transmission unit of the information processing device generated by the generating step. And a transmitting step of transmitting the web service authentication information thus made to the client terminal.

  The present invention is a client terminal capable of communicating with a web server that provides a web service, and displays the web service screen information transmitted from the web server in a frame in a browser screen displayed on a display unit. A program that can be read and executed by an information processing apparatus in an information processing system, including: a client terminal that performs an authentication request to the web server; and an information processing apparatus that transmits web service authentication information to the client terminal. Each web service that identifies the information processing apparatus as second authentication information associated with first authentication information and second authentication information of each web service provided by the web server and the second authentication information And the client terminal browser associated with the first authentication information. Storage means for storing web service information indicating a web service to be displayed in a frame within the screen, an authentication request receiving means for receiving an authentication request transmitted from the client terminal, and received by the authentication request receiving means An authentication unit that performs an authentication process in accordance with first authentication information included in the authentication request; and after being authenticated by the authentication unit, associated with the first authentication information included in the authentication request received by the authentication request receiving unit. Web service authentication parameters indicated in the web service information stored in the storage means and web services indicated in the web service information stored in the storage means in association with the first authentication information And a second authentication information including a second authentication information to the web server for making an authentication request with the second authentication information. A generating means for generating service credentials, characterized in that to function as transmission means for transmitting the web service authentication information generated by the generating means to the client terminal.

  ADVANTAGE OF THE INVENTION According to this invention, the input operation of the authentication information used in the authentication process performed in order to utilize a web service performed after a user is authenticated at least once can be reduced.

1 is a block diagram schematically showing a system configuration of an information processing system according to an embodiment of the present invention. 1 schematically shows the hardware configuration of the server 100, the administrator terminal 101, the client terminal 112 (102, 103), the client terminal 113 (104, 105), and the external service server 112 (106, 107, 108) in FIG. FIG. It is a flowchart which shows the 1st control processing procedure which the information processing system in FIG. 1 performs. It is a flowchart which shows the 2nd control processing procedure which the information processing system in FIG. 1 performs. 6 is a flowchart showing a third control processing procedure executed by the information processing system in FIG. 1. It is a flowchart which shows the 4th control processing procedure which the information processing system in FIG. 1 performs. It is a flowchart which shows the 5th control processing procedure which the information processing system in FIG. 1 performs. 5 is a diagram illustrating an example of a layout table 800. FIG. 5 is a diagram illustrating an example of a layout page information table 900. FIG. It is a figure which shows an example of the window mapping table. 5 is a diagram showing an example of an external service table 1100. FIG. 5 is a diagram showing an example of an external service parameter table 1200. FIG. It is a figure which shows an example of the external service server parameter table 1300. FIG. 5 is a diagram illustrating an example of a portal screen 1400. FIG. It is a figure which shows an example of the screen 1500 of an external cooperation page. It is a figure which shows an example of the screen 1600 of an external cooperation page. 5 is a diagram showing an example of an external service screen 1700. FIG. 5 is a diagram showing an example of an interactive site table 1800. FIG. It is a figure which shows an example of HTML1900 containing the login instruction information (1901, 1902) transmitted to an external service server from a client terminal. 5 is a diagram illustrating an example of an external service registration screen 2000. FIG. 5 is a diagram showing an example of a layout / parameter registration screen 2100. FIG. It is a figure which shows an example of the interactive site registration screen 2200. FIG. 5 is a diagram illustrating an example of an arrangement position table 2300. FIG. It is a flowchart which shows an example of the process sequence which registers an external service table (FIG. 11) and an external service parameter (FIG. 12). It is a flowchart which shows an example of the process sequence of the registration process of an interactive site table (FIG. 18). It is a flowchart which shows an example of a process sequence for registering a layout page information table (FIG. 9), a window mapping table (FIG. 10), and an external service user parameter table (FIG. 13).

Hereinafter, the present invention will be described in detail according to preferred embodiments with reference to the accompanying drawings.
FIG. 1 is a block diagram schematically showing a system configuration of an information processing system according to an embodiment of the present invention.

As shown in FIG. 1, the server 100 (information processing apparatus) is connected to an administrator terminal 101 via a network so that they can communicate with each other. The administrator terminal 101 is a computer operated by an administrator who manages the server 100.

The server 100, the client terminals 110 (102, 103...), The client terminals 111 (104, 105...), And the external service servers 112 (106, 107,. Are connected to each other via a network 109 (wide area line).

Here, the external service server 112 has a function as a web server that provides a web service. In addition, the client terminal 110 (102, 103...) And the client terminal 111 (104, 105...) Are computers used by organizations and organizations such as corporations, and are respectively different organizations (company etc.). Indicates that the computer is used.

The client terminal 110 and the client terminal 111 have browser programs installed therein, communicate with each other with the server 100 and the external service server 112 having a web server function, and are transmitted from the server 100 and the external service server 112. It has a function to display the information.

Layout table 800 (FIG. 8), layout page information table 900 (FIG. 9), window mapping table 1000 (FIG. 10), external service table 1100 (FIG. 11), external service parameter table 1200 (FIG. 12), external service, which will be described later. The user parameter table 1300 (FIG. 13) and the interactive site table 1800 (FIG. 18) can be newly registered / changed in the server 100 from the administrator terminal 101. In addition, the table including the user ID (FIGS. 9 and 18) can be newly registered / changed from the client terminal only for the record portion of each authenticated user.

Hereinafter, the server 100, the administrator terminal 101, the client terminal 110 (102, 103), the client terminal 111 (104, 105), and the external service server 112 (106, 107, 108) shown in FIG. A hardware configuration will be described.

FIG. 2 schematically illustrates the hardware configuration of the server 100, the administrator terminal 101, the client terminal 110 (102, 103), the client terminal 111 (104, 105), and the external service server 112 (106, 107, 108) in FIG. FIG.

In FIG. 2, reference numeral 201 denotes a CPU that comprehensively controls each device and controller connected to the system bus 204. Further, the ROM 202 or the external memory 211 has a BIOS (Basic Input / Output System) or an operating system program (hereinafter referred to as OS), which is a control program of the CPU 201, and functions executed by each server or each PC (information processing apparatus). Various programs and the like to be described later necessary for the realization are stored.

A RAM 203 functions as a main memory, work area, and the like for the CPU 201. The CPU 201 implements various operations by loading a program or the like necessary for execution of processing from the ROM 202 or the external memory 211 into the RAM 203 and executing the loaded program.

An input controller 205 controls input from a keyboard (KB) 209 or a pointing device such as a mouse (not shown). A video controller 206 controls display on a display (display unit) such as a CRT display (CRT) 210. In FIG. 2, although described as CRT 210, the display device is not limited to the CRT, but may be another display device such as a liquid crystal display. These are used by the administrator as needed.

A memory controller 207 is provided in an external storage device (hard disk (HD)), flexible disk (FD), or PCMCIA card slot for storing a boot program, various applications, font data, user files, editing files, various data, and the like. Controls access to an external memory 211 such as a compact flash (registered trademark) memory connected via an adapter.

A communication I / F controller 208 connects and communicates with an external device via a network, and executes communication control processing on the network. For example, communication using TCP / IP is possible.

Note that the CPU 201 enables display on the CRT 210 by executing outline font rasterization processing on a display information area in the RAM 203, for example. In addition, the CPU 201 enables a user instruction with a mouse cursor (not shown) on the CRT 210.

Various programs to be described later for realizing the present invention are recorded in the external memory 211 and executed by the CPU 201 by being loaded into the RAM 203 as necessary. Further, files and various tables used when executing the program are also stored in the external memory 211.

The external memory 211 of the server 100 includes a layout table 800 (FIG. 8), a layout page information table 900 (FIG. 9), a window mapping table 1000 (FIG. 10), an external service table 1100 (FIG. 11), and an external service parameter table 1200. (FIG. 12), an external service user parameter table 1300 (FIG. 13), and an interactive site table 1800 (FIG. 18) are stored. When these pieces of information are used in the processing of each step in the flowchart described below, the information is acquired from the external memory and expanded in the RAM 203 before being used for processing.

<First Embodiment>
First, the processing procedure of the information processing system in the first embodiment will be described.
Next, the processing procedure of the information processing system in this embodiment will be described with reference to FIG.
FIG. 3 is a flowchart showing an example of a first control processing procedure executed by the information processing system in FIG.

  First, in steps S301, S302, S305, S306, and S312 to S315 shown in FIG. 3, the CPU 201 of the client terminal stores a program (browser or the like) stored in a storage unit such as the external memory 211. This is realized by loading the program into the RAM 203 and executing it.

  Also, the processing of step S303, step S304, and steps S307 to S311 shown in FIG. 3 is realized by the CPU 201 of the server 100 loading the program stored in the storage means such as the external memory 211 into the RAM 203 and executing it. The

  First, the CPU 201 of the client terminal accepts an input of a URL of a login screen of a web service provided by the server 100 by a user operation through a screen displayed by starting an installed browser (step S301).

  When the login screen URL is input in step S301, the CPU 201 of the client terminal transmits a login screen display request to the URL (step S302).

When the CPU 201 of the server 100 receives a login screen display request from the client terminal (step S303), it transmits display information (HTML or the like) for displaying the login screen to the client terminal to request authentication (step S303). S304). The display information described in the “DETAILED DESCRIPTION OF THE INVENTION” is also referred to as screen information.
In step S303, the authentication request transmitted from the client terminal is received (authentication request receiving means).

When receiving the display information from the server 100 (step S305), the CPU 201 of the client terminal displays a login screen on the display unit 210. When login information (login ID (also referred to as user ID) and password) is input from the user via the displayed login screen, the login information (user information) is transmitted to the server 100 (step S306). .
That is, an authentication request including the first authentication information input by a user operation is transmitted to the information processing apparatus (authentication request transmitting means).

  When the server 100 receives the login information from the client terminal (step S307), the server 100 performs an authentication process according to the received login information (step S308), and determines whether or not authentication has been performed (step S309).

  When it is determined that the server 100 has been authenticated (step S309: authentication OK), display information for displaying the portal screen of the authenticated user (a page ID corresponding to the user ID is included). Is transmitted to the client terminal (step S310). On the other hand, when it is determined that the authentication has not been performed (step S311: authentication NG), display information for displaying a failure screen indicating the authentication failure is transmitted to the client terminal (step S311). Step S311).

  Here, the server 100 stores the user ID and the page ID in association with each other, and transmits display information (portal screen) including the page ID corresponding to the user ID received in step S307 in step S310.

  When the client terminal receives the display information from the server 100 (step S312), if the display information is display information for displaying a failure screen (step S313: YES), the client terminal performs an authentication failure according to the display information. On the other hand, when the display information is for displaying the portal screen (step S313: NO), the portal screen (FIG. 14) is displayed according to the display information (step S315). .

An example of the portal screen displayed here will be described with reference to FIG.
FIG. 14 is a diagram illustrating an example of the portal screen 1400.

  On the portal screen 1400, an external cooperation page link button 1401 for displaying a web service page provided by the external service server 112 is displayed.

  Information to be displayed on the portal screen of the user authenticated in step S308 is displayed in the screen area 1402.

  On the portal screen 1400 displayed after logging in, for example, information on the company to which the user belongs is displayed.

  Next, when the user presses the external link page link button 1401, the client terminal executes the process of S401 shown in FIG.

  FIG. 4 is a flowchart illustrating an example of a second control processing procedure executed by the information processing system in FIG.

  The processing of step S401, step S409 to step S411, step S418 to step S420, and step S424 to step S425 shown in FIG. 4 is performed by the CPU 201 of the client terminal stored in a storage unit such as the external memory 211 (browser or the like). Is loaded into the RAM 203 and executed.

  Also, the processing of step S402 to step S408 and step S412 to step S417 shown in FIG. 4 is realized by the CPU 201 of the server 100 loading the program stored in the storage means such as the external memory 211 into the RAM 203 and executing it. Is done.

  4 is realized by the CPU 201 of the external service server 112 loading a program stored in a storage unit such as the external memory 211 into the RAM 203 and executing the program.

  First, when the external cooperation page link button 1401 on the portal screen 1400 is pressed by the user, the client terminal transmits an external cooperation page display request including the page ID included in the display information on the portal screen 1400 to the server 100. (Step S401).

  When the server 100 receives the external cooperation page display request from the client terminal (step S402), the server 100 refers to the layout page information table 900 (FIG. 9) stored in the external memory 211 of the server 100, and the external cooperation page display request. The portlet and window ID are specified according to the page ID included in the ID and the login ID received in step S307 (step S403).

Here, FIG. 9 will be described.
FIG. 9 is a diagram illustrating an example of the layout page information table 900.

  9 includes items of “page ID”, “layout ID”, “region No.”, “user ID”, “portlet”, and “window ID”.

Here, the “user ID” is information for identifying the user whose external cooperation page link button 1401 is pressed, and is a value corresponding to the user ID included in the login information received in step S307.
The “page ID” is information for identifying a page of a screen displayed when the external link page link button 1401 is pressed.

  The “layout ID” is information for identifying the layout of the page. “Region No.” is information for identifying the position of the region of the frame. A table in which “region No.” is associated with the position of the region of the frame is stored, and when “region No.” is determined by the layout page information table 900, the frame associated with the “region No.” is stored. The position of the area is determined.

The “portlet” is information indicating what information is displayed in the frame. In the example of FIG. 9, “external linkage”, “scheduler”, “message memo”, and “bulletin board” are set in the “portlet” column. The functions of “scheduler”, “message memo”, and “bulletin board” are web services provided by the server 100, respectively. Further, “external cooperation” indicates that a web service provided by the external service server 112 that is not provided by the server 100 is displayed in a frame.
The “window ID” is information for identifying the frame.

That is, the layout page information table 900 is displayed on the display section of the client terminal operated by the user when the authenticated and logged-in user presses the external link page link button 1401, and what kind of screen has what kind of content. Is information that defines whether or not to display.
Returning to the description of FIG.

  In step S403, a record in which the page ID included in the external cooperation page display request received in step S402 and the user ID received in step S307 match among the records of the layout page information table 900 is identified. Specify the portlet and window ID of the recorded record. At this time, the layout ID or region number is determined from the record specified here. The region number is determined from the layout ID of the record specified here using the layout table 800 of FIG. May be specified.

Then, the server 100 refers to the window mapping table 1000 (FIG. 10), and specifies an external service ID (web service information) using the window ID specified in step S403 as a key (step S404).
FIG. 10 is a diagram illustrating an example of the window mapping table 1000.

  As shown in FIG. 10, the window mapping table 1000 stores “window ID” and “external service ID” in association with each other. Here, the “external service ID” is information for identifying a web service provided by the external service server.

  In step S404, the window ID specified in step S403 specifies the external service ID associated in the window mapping table 1000.

  Then, the server 100 generates information including the external service ID specified in step S404 and the URL for storing the servlet program stored in advance as a servlet URL (step S405).

Here, among the records of the layout page information table 900 (FIG. 9), the window ID specified in step S403 and the record indicating that the “portlet” specified in step S403 is external linkage are shown. The servlet URL generated in step S405 is set in a frame (screen area) to be generated, and display information of the frame is generated (step S406).
In this embodiment, the frame is described as an “external linkage page”. Further, the frame indicates “Iframe (eye frame)”.

  Here, among the records in the layout page information table 900 (FIG. 9), the record indicating that the window ID specified in step S403 and the “portlet” specified in step S403 are externally linked. When there are a plurality of records, the processing of step S404 and step S405 is performed for each record, and a servlet URL including an external service ID specified from each window ID is set for each frame, Generate frame display information.

  Then, the server 100 generates display information (HTML or the like) for displaying the external cooperation page screen (FIG. 15) in which the servlet URL generated in step S405 is set in the frame (step S406).

FIG. 15 is a diagram illustrating an example of the external cooperation page screen 1500.
In the example of the external cooperation page screen 1500 illustrated in FIG. 15, a frame 1501, a frame 1502, and a frame 1503 are displayed.
Next, the server 100 transmits the display information generated in step S407 to the client terminal (step S408).

  When the client terminal receives the display information generated in step S407 from the server 100 (step S409), the browser reads and interprets (analyzes) the display information, and displays the external cooperation page screen 1500 (FIG. 15). The information is displayed on the display unit (step S410).

  At this time, the client terminal reads the servlet URL set in the frame and transmits a frame display request including the external service ID included in the servlet URL to the URL included in the servlet URL ( Step S411). In the process of step S411, each frame reads the servlet URL set in each frame, and transmits a frame display request including the external service ID included in the servlet URL to the URL included in the servlet URL. .

  In the present embodiment, the URL included in the servlet URL will be described as a URL for specifying a servlet program stored in the server 100.

  Next, when the servlet of the server 100 receives the frame display request transmitted from the client terminal (step S412) (specific information receiving unit), the servlet of the server 100 sets the external service ID included in the display request. Using the key, the external service table 1100 (FIG. 11) is searched to identify a record that matches the external service ID (step S413). Then, the specified record (including the URL) is acquired. The servlet executes the process of step S406 described later from step S402.

  FIG. 11 is a diagram illustrating an example of the external service table 1100.

  The external service table 1100 includes “external service ID (specific information)”, “URL”, “title”, and “type”.

  “URL” indicates the URL (access destination) of the web page of the web service provided by the external service server.

  “Title” indicates the title of the service of the web service.

“Type” is a “portlet” that displays the web page of the web service in a frame (1501, 1502, 1503) created in the portal screen 1400, or a new browser is launched (generated) and displayed in a separate window. A “separate window” for displaying the web page of the web service is set.
Returning to the description of FIG.

  Next, the server 100 searches the external service parameter table 1200 (FIG. 12) using the external service ID included in the display request received from the client terminal as a key, and identifies a record that matches the external service ID. Then, the parameter ID and parameter name included in the identified record are acquired (step S414).

  FIG. 12 is a diagram illustrating an example of the external service parameter table 1200.

  The external service parameter table 1200 includes “parameter ID”, “external service ID”, and “parameter name” (authentication parameter).

  “Parameter ID” is information for identifying a parameter.

  The “parameter name” is a parameter name used for performing authentication processing. Since this parameter name often differs for each web service, it is necessary to store it for each web service as shown in FIG.

  That is, in the “parameter name” of the external service parameter table 1200, a parameter (name) indicating (identifying) each of a user ID and a password (parameter values shown in FIG. 13) used in the authentication process in the external web service is included. Registered for each external web service.

  Next, the server 100 searches the external service user parameter table 1300 (FIG. 13) using the parameter ID acquired in step S414 and the user ID included in the login information acquired in step S307 as keys. A record that matches the parameter ID and the user ID is specified. If there are a plurality of parameter IDs acquired in step S414, the external service user parameter table 1300 (FIG. 13) is searched using each parameter ID and user ID as a key to match the parameter ID and user ID. Identify each record. Then, the parameter value included in the specified record is acquired (step S415).

Then, the server 100 sets the URL acquired in step S413, the parameter name acquired in step S414, and the parameter value acquired in step S415 in the frame. That is, the server 100 performs login instruction information in a format that allows login to the URL acquired in step S413 according to the URL acquired in step S413, the parameter name acquired in step S414, and the parameter value acquired in step S415. Service authentication information) is generated, and display information of the frame in which the login instruction information is set in the frame is generated (step S416).
FIG. 19 is a diagram illustrating an example of display information generated in step S416.

  As shown in FIG. 19, the display information of the frame includes a login ID 1901 and a password 1902 for logging in to the web service of the external service server as login instruction information. 1901 indicates that login_id (parameter name) is a login ID (user ID), and that the value as the login ID is usera (parameter value). Reference numeral 1902 indicates that passwd (parameter name) is a password, and that the value as the password is passa (parameter value). In 1903, the URL acquired in step S413 is set as the transmission destination of the login instruction information.

Here, since 1901 and 1902 are “<input type =” hidden ”name =...”, The login ID and password are not displayed on the (frame) screen of the client terminal. Is set. In FIG. 19, “transition is in progress” is set to be displayed on the (frame) screen of the client terminal.
On the client device's (frame) screen,

  Next, the server 100 transmits display information (HTML or the like) of the frame generated in step S416 to the client terminal (step S417) (web service transmission unit) (frame transmission unit).

  Here, as shown in FIG. 15, when there are a plurality of frames to be displayed, the client terminal transmits a frame display request from each frame in step S411. Therefore, the server 100 transmits each display request. Receive. Therefore, the server 100 executes steps S412 to S417 for each received display request.

Next, when the client terminal receives the display information of the frame transmitted in step S417 from the server 100 (step S418), the client terminal reads and interprets (analyzes) the display information, and the external cooperation page screen 1600 (FIG. 16). Is displayed on the display unit (step S419).
In each frame 1601, 1602, 1603 of FIG. 16, a message “Transition is in progress” is displayed.

  In step S418, in response to the authentication request from the client terminal, web service authentication information for making an authentication request to the web server is received from the information processing apparatus (receiving means).

  Here, the login ID and password described in “<input type =“ hidden ”name =...” In 1901 and 1902 are not displayed on the (frame) screen of the client terminal. Instead, the message “Transitioning ...” in FIG. 19 is displayed in the frame.

Then, the client terminal transmits login instruction information (1901, 1902) to a URL (transmission destination) 1903 (external service server) included in the display information (step S420).
Here, the frame including the display information transmits login instruction information to the external service server.

  When the external service server receives the login instruction information from the client terminal (step S421), it recognizes login_id as the login ID, recognizes that the value is usera, and passeswd as the password, and the value is “passa”. Interpret that there is.

  Then, the external service server performs an authentication process according to the interpreted login ID and password (step S422), and displays the external service screen including the content (screen information) provided by the external service server when authenticated and logged in. Is displayed in the frame of the client (step S423).

  When the frame of the client terminal receives display information from the external service server (step S424), the received display information is read and interpreted, and the external service screen is displayed (step S425).

Here, FIG. 17 shows an external cooperation page screen 1700 including the external service screen displayed in the frame.
FIG. 17 is a diagram illustrating an example of the external cooperation page screen 1700.

  Frames 1701, 1702, and 1703 shown in FIG. 17 indicate that an external service screen including content provided by the external service server is displayed.

  If the external service server is not authenticated in step S422, the external service server transmits failure information indicating that the authentication has not been performed to the frame from which the login instruction information has been transmitted, and the frame of the client terminal includes the failure information. And the failure information is displayed in the frame.

  When the client terminal has a plurality of frames and a plurality of pieces of display information (such as HTML) are transmitted from the server 100 in step S417, the processing of step S418 to step S420, step S424, and step S425 is performed for each piece of display information. Processing will be executed. In this case, the external service server also executes the processes from step S421 to step S423.

  As described above, in the description of FIG. 4, a plurality of frames displayed on the same screen (one screen) as the portal screen each access a plurality of external service servers, and contents provided by the external service server are displayed in the frames. Explained the mechanism to display in.

  As described above, when the user is authenticated by the server 100, the user does not enter the login ID and password required for the authentication process in the external (external) web service used by the user. Authentication can be performed.

  Next, using FIG. 5 and FIG. 6, instead of displaying the content (external service screen) provided by the external service server in a frame within one screen, another window is newly generated to A process for displaying the content on the browser will be described.

  FIG. 5 is a flowchart showing a third control processing procedure executed by the information processing system in FIG.

  The processing in step S501, step S505, and step S506 shown in FIG. The

  The processing in steps S502 to S504 shown in FIG. 5 is realized by the CPU 201 of the server 100 loading a program stored in a storage unit such as the external memory 211 into the RAM 203 and executing it.

  The flowchart shown in FIG. 5 is a process executed after executing the control processing procedure shown in the flow chat shown in FIG. 3 and executing step S315 at the client terminal.

  First, when the user presses another browser button 1403 on the portal screen (FIG. 14), the client terminal transmits a page display request for another browser including a page ID for identifying a page to be displayed on the other browser to the server 100. (Step S501).

  The page ID transmitted here is a page ID indicating a page to be displayed in another browser, and is a page ID different from the page ID transmitted in step S310 described above.

  That is, the display information transmitted in step S310 in FIG. 3 includes a page ID that is a page displayed in another browser corresponding to the user ID received in step S307.

  Here, the user ID and the page ID to be displayed on the separate browser are stored in association with each other, and the display information (portal screen) including the page ID to be displayed on the separate browser corresponding to the user ID received in step S307 is displayed. In step S310, transmission is performed.

  When the server 100 receives a page display request of another browser including a page ID for identifying a page to be displayed on another browser from the client terminal (step S502), the server 100 includes the page ID and the login information received in step S307. A window ID in which a record including a user ID is acquired from the layout page information table 900 (FIG. 9), and the “portlet” item of the record of the acquired layout page information table 900 (FIG. 9) is indicated as external linkage. To get. Then, the external service ID corresponding to the acquired window ID is acquired by searching the window mapping table. Information including the external service ID acquired here and a URL for specifying a preset servlet program is generated as a servlet URL. Display information of the page screen including the generated servlet URL is generated (step S503), and the display information is transmitted to the client terminal (step S504).

  When the client terminal receives the display information from the server 100 (step S505), the client terminal reads the display information and generates and displays a page screen (another new window) on the display unit (step S506).

  Next, the client terminal moves the process to step S601, reads the servlet URL set in the new window, and includes the external service ID included in the servlet URL with respect to the URL included in the servlet URL. A request to display another window is transmitted (step S601).

  When the server 100 receives a display request for another window from the client terminal (step S602), the server 100 searches for the URL of the external service according to the external service ID included in the display request, and performs the processing from step S413 to step S417 described above. Execute.

  The processing after step S602 is the same as the processing after step S412 shown in FIG. 4 when it is replaced with the browser of another window instead of the frame in the description of the processing after step S412 shown in FIG. The subsequent description is omitted.

  That is, step S603 is the same as the process from step S413 to step S417 in the description of the process from step S413 to step S417, if the frame is replaced with a browser in another window. Step S604 is the same as the processing from step S418 to step S425 in the description of the processing from step S418 to step S425, if the frame is replaced with a browser in another window. Step S605 is the same as the processing from step S418 to step S425 in the description of the processing from step S421 to step S423, if the frame is replaced with a browser in another window.

  As described above, in the description of FIGS. 5 and 6, a mechanism has been described in which a separate window accesses the external service server and displays the content provided by the external service server instead of the frame.

  As described above, when the user is authenticated by the server 100, the user does not enter the login ID and password required for the authentication process in the external (external) web service used by the user. Authentication can be performed.

<Second Embodiment>
Next, a processing procedure of the information processing system in the second embodiment will be described.

  In the first embodiment, the client terminal transmits the login instruction information acquired from the server 100 to the external service server, so that the authentication process is automatically performed without displaying the web service login screen of the external service server. However, depending on the web service, there is a web service that does not permit login unless the login screen of the web service is once displayed. In the second embodiment, a mechanism for automatically performing an authentication process for such a web service without displaying a login screen will be described.

  In the processing of Step S710, Step S711, Step S712, Step S716, and Step S717 shown in FIG. It is realized by executing.

  Further, the processing of step S701, step S702, and step S706 to step S709 shown in FIG. Is done.

7 is executed by the CPU 201 of the external service server 112 (web server) loading the program stored in the storage means such as the external memory 211 into the RAM 203. In the processing of steps S703 to S705 and steps S713 to S715 shown in FIG. It is realized by executing.
Since the processing up to step S415 is the same as that of the first embodiment, the description thereof is omitted.

First, after executing the processing of step 415, the server 100 refers to the interactive site table 1800 shown in FIG. 18, and the URL of the web page of the web service provided by the external service server acquired in step S413 is interactive. It is determined whether it is registered in the type site table 1800 (step S701) (access destination determination means).
FIG. 18 is a diagram illustrating an example of the interactive site table 1800.

  The interactive site table 1800 is a table in which URLs of web services that are controlled so as not to allow login unless a web service login screen is once displayed.

  "Web service (interactive site) that does not allow login unless web service login screen is displayed" is a display that includes unique unique information (number, symbol, etc.) generated by an external service server The login screen (specific information is not displayed) displayed according to the information is displayed once on the client terminal, and the specific information is transmitted to the external service server together with the user ID and password input by the user via the login screen. Otherwise, it is a web service with an unauthenticated mechanism.

  If the server 100 determines in step S701 that the URL acquired in step S413 is not registered in the interactive site table 1800 (not an interactive site) (step S701: NO), the process proceeds to step S416. Then, the processing described above is executed. On the other hand, if it is determined that the URL acquired in step S413 is registered in the interactive site table 1800 (is an interactive site) (step S701: YES), the process proceeds to step S702.

  In step S702, the server 100 transmits a login page (login screen) display request (acquisition request) to the external service server (the URL acquired in step S413) (acquisition request transmission unit).

  When the external service server receives the display request from the server 100 (step S703), the external service server generates unique unique information (such as a unique number or symbol) for the display request (step S704), and generates the generated unique information. Display information including the information for displaying the screen of the login page is transmitted to the server 100 (step S705).

  When the server 100 receives the display information from the external service server (step S706) (login screen receiving means), the server 100 acquires unique information included in the display information (step S707).

  Next, the server 100 sets the unique information acquired in step S707, the URL acquired in step S413, the parameter name acquired in step S414, and the parameter value acquired in step S415 in the frame.

  That is, the server 100 logs in to the URL acquired in step S413 according to the unique information acquired in step S707, the URL acquired in step S413, the parameter name acquired in step S414, and the parameter value acquired in step S415. Login instruction information in a format that allows (authentication processing can be performed) is generated, and display information of a frame in which the login instruction information is set as a frame is generated (step S708).

  Next, the server 100 transmits the display information generated in step S708 to the client terminal (step S709).

  Upon receiving the display information from the server 100, the client terminal reads and interprets (analyzes) the display information, and displays the external cooperation page screen 1600 (FIG. 16) on the display unit (step S711).

  Then, the client terminal executes JavaScript included in the display information received from the server 100, and logs in to the URL (transmission destination) 1903 (external service server) included in the display information as login instruction information 1901. The password 1092 and the unique information included in the display information are transmitted (step S420).

  Then, when receiving the login instruction information (login ID, password, unique information) from the client terminal (step S713), the external service server determines whether or not the unique information is generated in step S704, and in step S704. If it is determined that the unique information is generated, authentication processing is performed according to the login ID, password, and unique information (step S714). On the other hand, if it is determined that the unique information is not generated in step S704 The display information of the screen indicating the service error is transmitted to the client terminal, and the client terminal displays the screen.

  In addition, the authentication result of the authentication process using the login ID and password in step S714 indicates that the external service server displays display information for displaying the external service screen including the content provided by the external service server when authenticated and logged in. The frame is transmitted to the client (step S715).

  When the frame of the client terminal receives display information from the external service server (step S4716), it reads and interprets the received display information and displays the external service screen (step S717).

  As described above, once the web service login screen is not displayed, when accessing a web service that does not allow login, authentication information (information necessary for performing authentication processing, such as a user ID and password) via the login screen. It is possible to provide a mechanism that allows an external service server to perform an authentication process without inputting.

In step S701, it is determined whether or not the site is an interactive site, and in accordance with the determination result, the user switches the process for causing the external service server to perform the authentication process without newly inputting authentication information. Can make the user aware of the web service authentication method that the user wants to enjoy.

Next, the layout page information table (FIG. 9), window mapping table (FIG. 10), external service table (FIG. 11), external service parameter table used in the first and second embodiments described above. (FIG. 12) and the registration process of the external service user parameter table (FIG. 13) will be described with reference to FIGS. 20, 21, 22, 23, 24, 25, and 26. FIG.

FIG. 24 is a flowchart showing an example of a processing procedure for registering an external service table (FIG. 11) and an external service parameter (FIG. 12).

  The processing of step S2401, step S2404, step S2405, and step S2406 shown in FIG. 24 is executed by the CPU 201 of the administrator terminal 101 by loading a program (browser or the like) stored in a storage unit such as the external memory 211 into the RAM 203. It is realized by doing.

  24, the processing of steps S2402, S2403, S2407, and S2408 is executed by the CPU 201 of the server 100 by loading a program (browser or the like) stored in a storage unit such as the external memory 211 into the RAM 203. Is realized.

  First, the administrator terminal 101 receives an input of the administrator's user ID and password by the administrator, transmits the received user ID and password to the server 100, and makes an authentication request for the administrator. Then, the server 100 performs authentication processing of the administrator according to the user ID and password received from the administrator terminal 101, and when authenticated (authentication is successful), only the administrator can view the administrator terminal 101. Display information (HTML or the like) for displaying a simple administrator portal screen (not shown) is transmitted to the administrator terminal 101. When the administrator terminal 101 receives the display information, the administrator terminal 101 displays an administrator portal screen on the display unit according to the display information.

  The administrator portal screen displayed here is provided with a button for requesting display of the external service registration screen (FIG. 20) and a button for requesting display of the interactive site registration screen (FIG. 22).

  When the administrator terminal 101 presses a button for requesting display of the external service registration screen (FIG. 20) displayed on the administrator portal screen by the administrator, the administrator terminal 101 makes an external service to the server 100. A display request for the registration screen (FIG. 20) is transmitted (step S2401).

  When the server 100 receives a display request for the external service registration screen (FIG. 20) from the administrator terminal 101 (2402), the server 100 displays display information (HTML or the like) for displaying the external service registration screen (FIG. 20). 101 is transmitted (step S2403).

Next, upon receiving the display information from the server 100 (step S2404), the administrator terminal 101 displays an external service registration screen (FIG. 20) on the display unit according to the display information (step S2405).
FIG. 20 is a diagram illustrating an example of the external service registration screen 2000.

  The external service registration screen 2000 is for an administrator to register information relating to an external service so that a user can use an external service provided by the external service server 112 within the screen provided by the server 100. This is the screen.

  As shown in FIG. 20, the external service registration screen 2000 includes an input field 2001 for inputting the title of the service provided by the external service server 112, an input field 2002 for inputting the URL of the service provided by the external service server 112, A radio button 2003 for setting whether a screen of a service provided by the external service server 112 is displayed in a frame in the screen provided by the server 100 (portlet) or in another window (separate window); Input field 2004 for inputting a parameter name of a user ID used when authenticating a service provided by external service server 112 and a parameter name of a password used when authenticating a service provided by external service server 112 are input. Input field 2005 and registration button 2006 It is constructed from.

  The administrator terminal 101 accepts input (selection) of the input field 2001, the input field 2002, the radio button 2003, the input field 2004, and the input field 2005 by the administrator, and the administrator presses the registration button 2006. Then, by transmitting the data of the contents (input contents) input by the administrator to the server 100, a registration request for the input contents is transmitted (step S2406).

  When the server 100 receives data (registration request) of the input content input by the user via the external service registration screen 2000 from the administrator terminal 101 (step S2407), the server 100 is obtained according to the received data and the received data. A registration process for registering data in the external service table (FIG. 11) and the external service parameter table (FIG. 12) is performed (step S2408).

  Specifically, the title input in the input field 2001 of the external service registration screen 2000 is registered in the “title” of the external service table (FIG. 11), and the URL input in the input field 2002 is the external service table ( The data of the content registered in “URL” in FIG. 11) and selected by the radio button 2003 is registered in “Type” in the external service table (FIG. 11).

  Further, when the URL input in the input field 2002 is already registered in the column of the item “URL” of the external service table (FIG. 11), the URL already registered in the external service table (FIG. 11). The record data is overwritten on the content input on the external service registration screen 2000.

  If the URL input in the input field 2002 is not registered in the column of the item “URL” in the external service table (FIG. 11), an external service ID for uniquely identifying the URL is generated, Registered in the item “external service ID” of the external service table (FIG. 11).

In this manner, these data (external service ID, URL, title, type) are associated and registered in the external service table as shown in FIG.
Next, registration in the external service parameter table (FIG. 12) will be described.

  The parameter name of the user ID input in the input field 2004 and the parameter name input in the input field 2005 are registered in the item “parameter name” of the external service parameter table (FIG. 12), respectively.

  At this time, the parameter name registered in the external service parameter table (FIG. 12), the URL input in the input field 2002 is the value of the external service ID of the record registered in the external service table (FIG. 11), and the external service Each parameter ID value uniquely identifying the parameter name registered in the parameter table (FIG. 12) is associated with each other and registered in the external service parameter table (FIG. 12).

In this way, these data (parameter ID, external service ID, parameter name) are associated and registered in the external service parameter table as shown in FIG.

As described above, the processing shown in the flowchart shown in FIG. 24 is executed in advance according to the operation by the administrator, so that the screen of the external service can be displayed within the screen of the service provided by the server 100. Information about external services (FIGS. 11 and 12) can be registered.

  Next, with reference to FIG. 26, the processing procedure for registering the layout page information table (FIG. 9), the window mapping table (FIG. 10), and the external service user parameter table (FIG. 13) in accordance with the operation of the client terminal user. ,explain.

  FIG. 26 is a flowchart showing an example of a processing procedure for registering the layout page information table (FIG. 9), window mapping table (FIG. 10), and external service user parameter table (FIG. 13).

  The processing in steps S2601 to S2604 and steps S2607 to S2609 shown in FIG. 26 is performed by the CPU 201 of the client terminal loading a program (such as a browser) stored in a storage unit such as the external memory 211 into the RAM 203 and executing it. It is realized by.

In addition, the processing of step S2605, step S2606, step S2610, and step S2611 shown in FIG. It is realized by doing.

  The client terminal executes the processing of step S301, step S302, step S305, step S306, step S312, step S313, step S314, and step S315 shown in FIG. 3, and a setting button 1404 on the portal screen (FIG. 14) displayed. Is pressed by the user (step S2603: YES), a display request for the layout / parameter registration screen (FIG. 21) is transmitted to the server 100 (step S2604).

  If the user presses the external link page link button 1401 on the portal screen (FIG. 14) displayed in step S315 (step S2601: YES), the client terminal moves the process to step S401 and uses another browser button 1403. Is pressed by the user (step S2602: YES), the process proceeds to step S501. If the external link page link button 1401, the separate browser button 1403, and the setting button 1404 are not pressed (step S2601: NO, step S2602: NO, step S2603: NO), the client terminal returns the processing to step 2601. Then, it waits for any one of the external link page link button 1401, the separate browser button 1403, and the setting button 1404 to be pressed.

  When the server 100 receives a display request for the layout / parameter registration screen (FIG. 21) from the client terminal (step S2605), the server 100 displays display information (HTML or the like) for displaying the layout / parameter registration screen (FIG. 21). ) Is transmitted to the client terminal (step S2606).

Upon receiving the display information of the layout / parameter registration screen (FIG. 21) from the server 100 (step S2607), the client terminal displays the layout / parameter registration screen (FIG. 21) according to the display information (step S2608).
FIG. 21 is a view showing an example of the layout / parameter registration screen 2100.

  The layout / parameter registration screen 2100 (FIG. 21) is a pull-down 2101 for accepting selection of the layout of the frame displayed on the external cooperation page screen 1500, and for accepting selection of an external service registered on the external service registration screen of FIG. Object 2102, setting buttons 2103, 2104, 2105 for accepting setting of which external service screen is displayed in the frame displayed on the external cooperation page screen 1500 in the layout selected by pull-down 2101, selected by object 2102 An input field 2106 for inputting a user ID used in the authentication process in the external service, an input field 2107 for inputting a password used in the authentication process, and a registration button 2108 are included.

  The layout names displayed in the pull-down 2101 so as to be selectable are associated with the layout IDs of the layout table 800 (FIG. 8) and stored in the storage unit of the server 100 (not shown). In step S2606, the server 100 transmits display information for displaying the layout name associated with the layout ID of the layout table 800 (FIG. 8) stored in the storage section of FIG.

  That is, for example, the layout name with the layout ID “R1” and the layout name with the layout ID “R2” in the layout table 800 of FIG.

Region No. of layout table 800 (FIG. 8). Is information for identifying the position of the frame area, and is associated with coordinates indicating the arrangement position of the frame area as shown in the arrangement position table 2300 (FIG. 23) stored in the storage unit of the server 100. Is remembered.
FIG. 23 is a diagram illustrating an example of the arrangement position table 2300.

  The arrangement position table 2300 includes a region number. Are stored in association with each other. For example, in the example of FIG. The arrangement position of the frame region of RE1 indicates that the upper left coordinate of the rectangle is (x1, y1) and the lower right coordinate of the rectangle is (x2, y2).

As described above, when a layout name is selected in 2101, a layout ID stored in association with the selected layout name is selected to select a frame layout (external linkage page screen layout). be able to.
When “2 levels (upper level 2 / lower level 1)” is selected as in the pull-down 2101, two frames are displayed in the upper level and one in the lower level, as shown in FIG.

In the object 2102 for accepting selection of an external service, the title of the external service table 1100 registered (stored) in the server 100 by the operation on the external service registration screen of FIG. 20 is displayed. That is, in the example of FIG. 21, “service A”, “service B”, “service C”, and “service D” are displayed.
Among these, which external service is assigned to which frame of the layout selected by the pull-down 2101 is set.

  For example, the user selects “Service A” from the titles “Service A”, “Service B”, “Service C”, and “Service D”, and is used for the authentication process in “Service A” When the ID and password are entered in 2106 and 2107 respectively and the setting button 2103 is pressed, the entered user ID and password are set as information used in the authentication process for “service A” and selected from the pull-down 2101. It is possible to set to display the screen of “service A” in the upper left frame of the layout.

  In addition, when “Service B” is selected from the respective titles of 2102, the user ID and password used for the authentication process in “Service B” are input in 2106 and 2107, respectively, and the setting button 2104 is pressed, the input The user ID and password thus set are set as information used in the authentication process for “Service B”, and the screen of “Service B” is displayed in the upper right frame of the layout selected by pull-down 2101. Can be set.

  Also, when “Service C” is selected from the titles 2102, the user ID and password used for the authentication process for “Service C” are entered in 2106 and 2107, respectively, and the setting button 2105 is pressed, the input The set user ID and password are set as information used in the authentication process for “service C” and set to display the screen of “service C” in the lower frame of the layout selected by pull-down 2101. can do.

  In this way, the client terminal accepts input to the layout / parameter registration screen by the user, and when the registration button 2108 is pressed, sends the data of the input content to the server 100 to make a registration request. (Step S2609).

  When the server 100 receives data of contents input via the layout / parameter registration screen (FIG. 21) from the client terminal (step S2610), the server 100 displays the received data and data obtained according to the data in the layout page information table. (FIG. 9), the window mapping table (FIG. 10), and the external service user parameter table (FIG. 13) are registered (2611).

  Specifically, first, the server 100 generates a new page ID that uniquely identifies a page. Then, the layout ID associated with the layout name selected from the pull-down 2101 is specified, the layout table 800 is referenced, and the region No. associated with the layout ID is identified. To get. Also, a new window ID is generated. Then, the generated new page ID, the specified layout ID, and the acquired region No. The user ID received in step S307, “external cooperation”, and the generated new window ID are registered in association with the layout page information table 900, respectively.

  Here, registration processing to the layout page information table 900 is performed for each external service set for each frame on the layout / parameter registration screen (FIG. 21).

  Here, the external service IDs of the titles set in 2103, 2104, and 2105 are associated with the window IDs registered for the respective frames, and are registered in the window mapping table 1000. In this way, the newly generated window ID and the external service ID are registered in the window mapping table 1000 in association with each other.

  Then, the user ID and password set for each frame on the layout / parameter registration screen (FIG. 21) are associated with the user ID received in step S307 and registered in the external service user parameter table 1300.

  The parameter ID registered in the external service parameter table 1200 in association with the external service ID of the external service set in the frame on the layout / parameter registration screen (FIG. 21) is registered.

For example, the external service ID of the external service registered on the external service registration screen 2000 is “E1”, the parameter name of the user ID input in 2004 is “LOGIN_ID”, and the parameter name of the password input in 2005 is “ In the case of “PASSWORD”, the external service parameter table (FIG. 12) is associated with the parameter ID “P1”, the external service ID “E1”, and the parameter name “LOGIN_ID”, and the parameter ID “P2” and the external service ID “ E1 ”and parameter name“ PASSWORD ”are registered in association with each other. Then, for example, for the external service with the external service ID “E1” on the layout / parameter registration screen (FIG. 21), the user ID input to 2106 is set to “userA”, and the password input to 2107 is set to “Pass_a”. If the user ID received in step S307 is “U1”, the parameter value “userA” is registered for the parameter ID “P1” and the user ID “U1”, the parameter ID “P2”, the user The parameter value “Pass_a” is registered for the ID “U1”.

  As described above, among the external services registered in advance by the process shown in FIG. 24 by the administrator, the content of which external service is displayed in which frame of the user's page is selected by the user's operation. Are registered in FIG. 9 and FIG. Further, the user ID and password used for the authentication process in the external service selected by the user are also registered in FIG. 13 for each user and for each external service.

In this way, the layout page information table (FIG. 9), window mapping table (FIG. 10), and external service user parameter table (FIG. 13) can be registered.
Next, the registration process of the interactive site table (FIG. 18) will be described with reference to FIG.
FIG. 25 is a flowchart showing an example of a processing procedure of registration processing of the interactive site table (FIG. 18).

  The processing in steps S2501 and S2504 to S2506 shown in FIG. 25 is performed by the CPU 201 of the administrator terminal 101 loading a program (such as a browser) stored in a storage unit such as the external memory 211 into the RAM 203 and executing it. Realized.

25, the process of steps S2502, S2503, S2507, and S2508 is executed by the CPU 201 of the server 100 by loading a program (browser or the like) stored in a storage unit such as the external memory 211 into the RAM 203. Is realized.

  First, the administrator terminal 101 receives an input of the administrator's user ID and password by the administrator, transmits the received user ID and password to the server 100, and makes an authentication request for the administrator. Then, the server 100 performs authentication processing of the administrator according to the user ID and password received from the administrator terminal 101, and when authenticated (authentication is successful), only the administrator can view the administrator terminal 101. Display information (HTML or the like) for displaying a simple administrator portal screen (not shown) is transmitted to the administrator terminal 101. When the administrator terminal 101 receives the display information, the administrator terminal 101 displays an administrator portal screen on the display unit according to the display information.

  The administrator portal screen displayed here is provided with a button for requesting display of the external service registration screen (FIG. 20) and a button for requesting display of the interactive site registration screen (FIG. 22).

  When the administrator terminal 101 presses a button for requesting display of the interactive site registration screen (FIG. 22) displayed on the administrator portal screen, the administrator terminal 101 interacts with the server 100. A display request for the type site registration screen (FIG. 22) is transmitted (step S2501).

  When the server 100 receives a display request for the interactive site registration screen (FIG. 22) from the administrator terminal 101 (2502), the server 100 manages display information (such as HTML) for displaying the interactive site registration screen (FIG. 22). To the user terminal 101 (step S2503).

Next, upon receiving the display information from the server 100 (step S2504), the manager terminal 101 displays an interactive site registration screen (FIG. 22) on the display unit according to the display information (step S2505).
FIG. 22 is a diagram showing an example of the interactive site registration screen 2200.

  The interactive site registration screen 2200 is a screen for registering the above-described interactive site, and is provided with an input field 2201 for inputting the URL of the interactive site to be registered and a registration button 2202.

  Then, the administrator terminal 101 accepts input of the URL of the interactive site in the input field 2201 by the administrator, and when the registration button 2202 is pressed by the administrator, the content input by the administrator (input content) Is sent to the server 100 to send a registration request for input contents (step S2506).

When the server 100 receives data (registration request) of the input content input by the user via the interactive site registration screen 2200 from the administrator terminal 101 (step S2507), the server 100 converts the received data (URL) into the interactive type. Registration processing for registration in the site table is performed (step S2508).
In this way, a process for registering an interactive site can be performed.

As described above, according to the present embodiment, it is possible to reduce an input operation of authentication information used in an authentication process performed to use a web service, which is executed at least once after a user is authenticated. it can. Conventionally, a client terminal has to access a service provided by each external service server by directly inputting a URL, which is complicated.

In order to solve this problem, in this embodiment, since a plurality of external services registered by the server 100 are registered, a plurality of different external service servers are provided by the user accessing the server 100. It is possible to easily access the services that are present.

The embodiment of the present invention has been described in detail above. However, the present invention can take an embodiment as a system, apparatus, method, program, storage medium, or the like, specifically, a plurality of devices. The present invention may be applied to a system configured from the above, or may be applied to an apparatus including a single device.

Another object of the present invention is to supply a storage medium storing software program codes for realizing the functions of the above-described embodiments to a system or apparatus, and the computer (or CPU or MPU) of the system or apparatus stores the storage medium. Needless to say, this can also be achieved by reading and executing the program code stored in.

In this case, the program code itself read from the storage medium realizes the functions of the above-described embodiments, and the program code itself and the storage medium storing the program code constitute the present invention.

As a storage medium for supplying the program code, for example, a flexible disk, a hard disk, an optical disk, a magneto-optical disk, a CD-ROM, a CD-R, a magnetic tape, a nonvolatile memory card, a ROM, or the like can be used.

Further, by executing the program code read by the computer, not only the functions of the above-described embodiments are realized, but also an OS (basic system or operating system) running on the computer based on the instruction of the program code. Needless to say, a case where the function of the above-described embodiment is realized by performing part or all of the actual processing and the processing is included.

Further, after the program code read from the storage medium is written in a memory provided in a function expansion board inserted into the computer or a function expansion unit connected to the computer, the function is determined based on the instruction of the program code. It goes without saying that the CPU or the like provided in the expansion board or function expansion unit performs part or all of the actual processing and the functions of the above-described embodiments are realized by the processing.

DESCRIPTION OF SYMBOLS 100 Server 101 Manager terminal 102 Client terminal 103 Client terminal 104 Client terminal 105 Client terminal 106 External service server 107 External service server 108 External service server 109 Network (wide area line)
110 Client terminal in company A 111 Client terminal in company B 102 External service server

Claims (7)

A client terminal capable of communicating with a web server that provides a web service, the client terminal displaying screen information of the web service transmitted from the web server in a frame in a browser screen displayed on a display unit; An information processing system comprising: an information processing device that transmits web service authentication information for performing an authentication request to the web server to the client terminal;
The client terminal is
Authentication request transmitting means for transmitting an authentication request including first authentication information input by a user operation to the information processing apparatus;
Receiving means for receiving, from the information processing apparatus, web service authentication information for making an authentication request to the web server after being authenticated by the authentication processing by the information processing apparatus in response to the authentication request by the authentication request transmitting means. When,
Authentication request means for requesting authentication of the user by transmitting to the web server second authentication information used for authentication processing by the web server included in the web service authentication information received by the receiving means; ,
With
The information processing apparatus includes:
Second authentication information for each web service provided by the web server, associated with the first authentication information, and an authentication parameter for each web service that identifies the second authentication information; Storage means for storing web service information indicating a web service to be displayed in a frame in a browser screen of a client terminal, associated with the first authentication information;
Authentication request receiving means for receiving an authentication request transmitted from the client terminal by the authentication request transmitting means;
Authentication means for performing authentication processing in accordance with first authentication information included in the authentication request received by the authentication request receiving means;
Authentication of the web service indicated in the web service information stored in the storage means in association with the first authentication information included in the authentication request received by the authentication request receiving means after being authenticated by the authentication means The second authentication information for the web server, including parameters and second authentication information of the web service indicated in the web service information stored in the storage means in association with the first authentication information. Generating means for generating web service authentication information for making an authentication request with the authentication information of;
Transmitting means for transmitting the web service authentication information generated by the generating means to the client terminal;
An information processing system comprising: The storage means stores web service information indicating web services to be displayed in each frame in the browser screen of the client terminal, which is associated with each first authentication information,
The generation means further includes a URL to a web server indicated in the web service information of each frame stored in the storage means in association with the first authentication information included in the authentication request received by the authentication request receiving means. The information processing system according to claim 1, further comprising: generating web service authentication information including: A client terminal capable of communicating with a web server that provides a web service, the client terminal displaying screen information of the web service transmitted from the web server in a frame in a browser screen displayed on a display unit; An information processing system including an information processing device that transmits a URL of a web service to a frame in a browser screen displayed on the display unit of the client terminal,
The client terminal is
Transmitting means for transmitting user information for identifying a user to the information processing apparatus;
Receiving means for receiving a URL of a web service from the information processing apparatus;
Display means for displaying the web service screen on each frame in the browser screen based on the web service URL received by the receiving means;
With
The information processing apparatus includes:
Storage means for storing, for each user information, a URL to a web service to be displayed in each frame in the browser screen of the client terminal;
Receiving means for receiving user information transmitted from the client terminal by the transmitting means;
Web service transmission for transmitting, to the client terminal, the URL of the web service displayed in each frame in the browser screen of the client terminal, stored in the storage means, based on the user information received by the receiving means Means,
An information processing system comprising: A client terminal capable of communicating with a web server that provides a web service, the client terminal displaying screen information of the web service transmitted from the web server in a frame in a browser screen displayed on a display unit; An information processing apparatus in an information processing system including: an information processing apparatus that transmits web service authentication information that makes an authentication request to the web server to the client terminal;
Second authentication information for each web service provided by the web server, associated with the first authentication information, authentication parameters for each web service for identifying the second authentication information, and Storage means for storing web service information associated with the first authentication information and indicating a web service to be displayed in a frame in the browser screen of the client terminal;
Authentication request receiving means for receiving an authentication request transmitted from the client terminal;
Authentication means for performing authentication processing in accordance with first authentication information included in the authentication request received by the authentication request receiving means;
Authentication of the web service indicated in the web service information stored in the storage means in association with the first authentication information included in the authentication request received by the authentication request receiving means after being authenticated by the authentication means The second authentication information for the web server, including parameters and second authentication information of the web service indicated in the web service information stored in the storage means in association with the first authentication information. Generating means for generating web service authentication information for making an authentication request with the authentication information of;
Transmitting means for transmitting the web service authentication information generated by the generating means to the client terminal;
An information processing apparatus comprising: When the user is authenticated by the authentication means, screen information for displaying a frame in the browser screen, and specifying an access destination to the web server that provides a web service screen to be displayed in the frame Frame transmitting means for transmitting screen information including specific information to the client terminal;
Specific information receiving means for receiving specific information from the client terminal in response to transmission of screen information by the frame transmitting means;
Access destination determination means for determining whether the access destination specified by the specific information received by the specific information receiving means is a predetermined access destination;
The access destination specified by the specific information received by the specific information receiving means when the access destination determination means determines that the web service login screen display information is obtained when it is determined as the predetermined access destination. Acquisition request transmission means for transmitting to the web server,
Login screen receiving means for receiving, from the web server, display information of a login screen including specific information for the acquisition request by the acquisition request transmitting means;
Further comprising
The generation means is stored in the storage means, which is specified according to first authentication information included in an authentication request received by the authentication request receiving means after the user is authenticated by the authentication means. Web service authentication information for making an authentication request with the second authentication information to the web server, including an authentication request including the authentication information including the authentication information including the unique information included in the display information received by the login screen receiving unit The information processing apparatus according to claim 4, wherein: A client terminal capable of communicating with a web server that provides a web service, the client terminal displaying screen information of the web service transmitted from the web server in a frame in a browser screen displayed on a display unit; An information processing apparatus control method in an information processing system, comprising: an information processing apparatus that transmits, to the client terminal, web service authentication information that makes an authentication request to the web server,
The storage means of the information processing apparatus identifies the second authentication information associated with the first authentication information and the second authentication information of each web service provided by the web server, and the second authentication information, A storage step of storing authentication parameters for each web service and web service information indicating a web service to be displayed in a frame in a browser screen of a client terminal, associated with the first authentication information;
An authentication request receiving means for receiving an authentication request transmitted from the client terminal;
An authentication step in which the authentication unit of the information processing apparatus performs an authentication process according to first authentication information included in the authentication request received by the authentication request receiving step;
The web stored in the storage step in association with the first authentication information included in the authentication request received by the authentication request receiving step after the generation unit of the information processing apparatus is authenticated by the authentication step Web service authentication parameters indicated in the service information, and second authentication information of the web service indicated in the web service information stored in the storing step in association with the first authentication information. Generating a web service authentication information for making an authentication request with the second authentication information to the web server;
A transmission step in which the transmission unit of the information processing apparatus transmits the web service authentication information generated by the generation step to the client terminal;
An information processing method comprising: A client terminal capable of communicating with a web server that provides a web service, the client terminal displaying screen information of the web service transmitted from the web server in a frame in a browser screen displayed on a display unit; An information processing apparatus including an information processing apparatus that transmits, to the client terminal, web service authentication information that makes an authentication request to the web server.
The information processing apparatus;
Second authentication information for each web service provided by the web server, associated with the first authentication information, authentication parameters for each web service for identifying the second authentication information, and Storage means for storing web service information associated with the first authentication information and indicating a web service to be displayed in a frame in the browser screen of the client terminal;
Authentication request receiving means for receiving an authentication request transmitted from the client terminal;
Authentication means for performing authentication processing in accordance with first authentication information included in the authentication request received by the authentication request receiving means;
Authentication of the web service indicated in the web service information stored in the storage means in association with the first authentication information included in the authentication request received by the authentication request receiving means after being authenticated by the authentication means The second authentication information for the web server, including parameters and second authentication information of the web service indicated in the web service information stored in the storage means in association with the first authentication information. Generating means for generating web service authentication information for making an authentication request with the authentication information of;
A program that functions as a transmission unit that transmits the web service authentication information generated by the generation unit to the client terminal.

Images