System and method for supporting web services in a multitenant application server environment

US 10,027,716 B2
Filed: 09/19/2017
Issued: 07/17/2018
Est. Priority Date: 09/26/2014
Status: Active Grant

First Claim

Patent Images

1. A system for supporting web services in a multitenant application server environment, comprising:

a microprocessor;

an application server, executing on the microprocessor, that includes a plurality of partitions, wherein each of the plurality of partitions includes one or more web services, and a web services inspection language (WSIL) application, wherein the WSIL application in said each partition is automatically installed when that partition is created;

a web service security manager that attaches one or more security policies to each of the one or more web services in said each partition;

a managed bean server configured to dynamically generate an address for said each of the one or more web services in said each partition;

wherein the web service security manager operates tointercept a request targeted to a web service in a particular partition of the plurality of partitions,execute the one or more security policies attached to the web service,invoke the WSIL application in the particular partition to retrieve from the managed bean server the address for the web service, anddeliver the request to the web service using the retrieved address for the web service.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In accordance with an embodiment, described herein is a system and method for supporting web services in a multitenant application server environment. The system includes a domain with a plurality of partitions, wherein each partition can include one or more web services, and a web services inspection language (WSIL) application. A partition-aware managed bean server can include managed beans for generating addresses of web services deployed to each partition, wherein the generated addresses can be retrieved by the WSIL application in that partition for use by clients in accessing the web services. The system can further include a web service security manager that can secure web services in each partition, by attaching security policies to each web service endpoint and enforcing the security policies on requests directed to that web service endpoint.

Citations

20 Claims

1. A system for supporting web services in a multitenant application server environment, comprising:
- a microprocessor;
  
  an application server, executing on the microprocessor, that includes a plurality of partitions, wherein each of the plurality of partitions includes one or more web services, and a web services inspection language (WSIL) application, wherein the WSIL application in said each partition is automatically installed when that partition is created;
  
  a web service security manager that attaches one or more security policies to each of the one or more web services in said each partition;
  
  a managed bean server configured to dynamically generate an address for said each of the one or more web services in said each partition;
  
  wherein the web service security manager operates tointercept a request targeted to a web service in a particular partition of the plurality of partitions,execute the one or more security policies attached to the web service,invoke the WSIL application in the particular partition to retrieve from the managed bean server the address for the web service, anddeliver the request to the web service using the retrieved address for the web service.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The system of claim 1, wherein the managed bean server includes one or more partition-aware managed beans of different scopes.
  - 3. The system of claim 1, wherein the managed bean server includes one or more configuration managed beans for generating a relative address for said each of the one or more web services deployed to said each partition, and one or more runtime managed beans for generating a context path for said each of the one or more web services.
  - 4. The system of claim 3, wherein the relative address for said each of the one or more web services is generated using information from a web service deployment descriptor.
  - 5. The system of claim 2, further comprising:
    - an application programming interface (API) for use in accessing the one or more partition-aware managed beans on the managed bean server.
  - 6. The system of claim 1, further comprising:
    - one or more internal applications that support web service implementations, where the one or more internal applications are deployed to said each partition.
  - 7. The system of claim 6, wherein the one or more internal applications includes a test page application and a web service atomic transaction application.
  - 8. The system of claim 1, wherein each of the one or more security policies attached to said each of the one or more web services represents an assertion on security, reliable messaging, management, or addressing, and is created and stored in a domain-level security policy storage.
  - 9. The system of claim 8, wherein the web service security manager includes a security agent and a policy manager for said each partition, wherein the policy manager communicates with the domain-level security policy storage to retrieve a plurality of security policies, and wherein the security agent connects to the policy manager to download and cache a latest version of each of the plurality of security policies retrieved from the domain-level security policy storage.
  - 10. The system of claim 9, wherein when the web service returns a response, the web service security manager applies one or more of the plurality of security policies to the response, and passes the response to a client if the one or more security policies successfully execute.

11. A method for supporting web services in a multitenant application server environment, comprising:
- providing an application server, executing on a microprocessor, that includes a plurality of partitions, wherein each of the plurality of partitions includes one or more web services, and a web services inspection language (WSIL) application, wherein the WSIL application in said each partition is automatically installed when that partition is created;
  
  configuring a managed bean server to dynamically generate an address for said each of the one or more web services in said each partition;
  
  attaching, via a web service security manager, one or more security policies to said each of the one or more web services in said each partition;
  
  intercepting a request targeted to a web service in a particular partition of the plurality of partitions, and executing the one or more security policies attached to the web service on the request;
  
  invoking the WSIL application in the particular partition to retrieve from the managed bean server the address for the web service; and
  
  delivering the request to the web service using the retrieved address for the web service.
- View Dependent Claims (12, 13, 14, 15, 16, 17)
- - 12. The method claim 11, wherein the managed bean server includes one or more partition-aware managed beans of different scopes.
  - 13. The method of claim 11, wherein the managed bean server includes one or more configuration managed beans for generating a relative address for said each of the one or more web services deployed to said each partition, and one or more runtime managed beans for generating a context path for said each of the one or more web services.
  - 14. The method of claim 13, wherein the relative address for said each of the one or more web services is generated using information from a web service deployment descriptor.
  - 15. The method of claim 12, further comprising:
    - providing an application programming interface (API) for use in accessing the one or more partition-aware managed beans on the managed bean server.
  - 16. The method of claim 11, further comprising:
    - deploying one or more internal applications that support web service implementations, to said each partition.
  - 17. The method of claim 16, wherein the one or more internal applications includes a test page application and a web service atomic transaction application.

18. A non-transitory computer readable storage medium, including instructions stored thereon which when read and executed by one or more computers cause the one or more computers to perform the steps comprising:
- providing an application server, executing on a microprocessor, that includes a plurality of partitions, wherein each of the plurality of partitions includes one or more web services, and a web services inspection language (WSIL) application, wherein the WSIL application in said each partition is automatically installed when that partition is created;
  
  configuring a managed bean server to dynamically generate an address for said each of the one or more web services in said each partition;
  
  attaching, via a web service security manager, one or more security policies to said each of the one or more web services in said each partition;
  
  intercepting a request targeted to a web service in a particular partition of the plurality of partitions, and executing the one or more security policies attached to the web service on the request;
  
  invoking the WSIL application in the particular partition to retrieve from the managed bean server the address for the web service; and
  
  delivering the request to the web service using the retrieved address for the web service.
- View Dependent Claims (19, 20)
- - 19. The non-transitory computer readable storage medium of claim 18, wherein the managed bean server includes one or more partition-aware managed beans of different scopes.
  - 20. The non-transitory computer readable storage medium of claim 18, wherein the managed bean server includes one or more configuration managed beans for generating a relative address for said each of the one or more web services deployed to said each partition, the relative address for said each of the one or more web services being generated using information from a web service deployment descriptor.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Oracle International Corporation (Oracle Corporation)
Original Assignee
Oracle International Corporation (Oracle Corporation)
Inventors
Watson, Tim, Zhang, Guoyong, Chen, Michael, Mullendore, Alan, Desai, Arjav, Naugle, Bob, Gilbode, Mike
Primary Examiner(s)
Shiferaw, Eleni A
Assistant Examiner(s)
Song, Hee K

Application Number

US15/708,680
Publication Number

US 20180027023A1
Time in Patent Office

301 Days
Field of Search
US Class Current
CPC Class Codes

H04L 41/0273   using web services for netw...

H04L 41/20   Network management software...

H04L 63/168   above the transport layer

H04L 63/20   for managing network securi...

H04L 67/02   based on web technology, e....

H04L 67/10   in which an application is ...

System and method for supporting web services in a multitenant application server environment

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for supporting web services in a multitenant application server environment

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links