System and method for supporting security in a multitenant application server environment

US 10,097,589 B2
Filed: 01/11/2017
Issued: 10/09/2018
Est. Priority Date: 06/23/2014
Status: Active Grant

First Claim

Patent Images

1. A method for providing security in a multitenant application server environment comprising a plurality of partitions, a plurality of partition resources and a plurality of global resources, the method comprising:

providing, during runtime of the multitenant application server environment, a domain object that provides a domain configuration for the multitenant application server environment;

providing, as a child of the domain object, a security configuration object, wherein domain-wide services are configured on the security configuration object, and wherein the security configuration object includes a parent container for a plurality of realm objects;

providing a plurality of security realm objects including an admin security realm object, a first security realm object, and a second security realm object, wherein the first and second security realm objects are included in the parent container, and wherein each security realm object defines a configuration of security services;

configuring a first partition of the plurality of partitions to have a first plurality of partition resources of the plurality of partition resources;

configuring a second partition of the plurality of partitions to have a second plurality of partition resources of the plurality of partition resources;

providing a first partition security configuration including a realm attribute, wherein the value of the realm attribute of the first partition security configuration associates the first partition with the first security realm object;

providing a second partition security configuration including a realm attribute, wherein the value of the realm attribute of the second partition security configuration associates the second partition with the second security realm object;

associating a first primary identity domain with the first partition, wherein the first primary identity domain represents a first plurality of users associated with a first tenant;

associating a second primary identity domain with the second partition wherein the second primary identity domain represents a second plurality of users associated with a second tenant;

operating each of said admin security realm object, first security realm object, and second security realm object simultaneously at runtime of the multitenant application server environment to control authentication and authorization for access to said plurality of partition resources and said plurality of global resources;

whereby the first plurality of users associated with the first tenant are provided access to the first plurality of partition resources of the first partition via a service of the configuration of security services defined by the first security realm object, but not to the second plurality of partition resources of the second partition; and

whereby the second plurality of users associated with the second tenant are provided access to the second plurality of partition resources of the second partition via a service of the configuration of security services defined by the second security realm object, but not to the first plurality of partition resources of the first partition.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In accordance with an embodiment, described herein is a system and method for providing security in a multitenant application server environment. In accordance with an embodiment, per-partition security configuration includes: per-partition security realm (including configuration for authentication, authorization, credential mapping, auditing, password validation, certificate validation, and user lockout); SSL configuration, including keys, certificates, and other configuration attributes; and access control for partition and global resources. An administrator can designate one or more partition users as partition administrators, via grant of roles.

Citations

20 Claims

1. A method for providing security in a multitenant application server environment comprising a plurality of partitions, a plurality of partition resources and a plurality of global resources, the method comprising:
- providing, during runtime of the multitenant application server environment, a domain object that provides a domain configuration for the multitenant application server environment;
  
  providing, as a child of the domain object, a security configuration object, wherein domain-wide services are configured on the security configuration object, and wherein the security configuration object includes a parent container for a plurality of realm objects;
  
  providing a plurality of security realm objects including an admin security realm object, a first security realm object, and a second security realm object, wherein the first and second security realm objects are included in the parent container, and wherein each security realm object defines a configuration of security services;
  
  configuring a first partition of the plurality of partitions to have a first plurality of partition resources of the plurality of partition resources;
  
  configuring a second partition of the plurality of partitions to have a second plurality of partition resources of the plurality of partition resources;
  
  providing a first partition security configuration including a realm attribute, wherein the value of the realm attribute of the first partition security configuration associates the first partition with the first security realm object;
  
  providing a second partition security configuration including a realm attribute, wherein the value of the realm attribute of the second partition security configuration associates the second partition with the second security realm object;
  
  associating a first primary identity domain with the first partition, wherein the first primary identity domain represents a first plurality of users associated with a first tenant;
  
  associating a second primary identity domain with the second partition wherein the second primary identity domain represents a second plurality of users associated with a second tenant;
  
  operating each of said admin security realm object, first security realm object, and second security realm object simultaneously at runtime of the multitenant application server environment to control authentication and authorization for access to said plurality of partition resources and said plurality of global resources;
  
  whereby the first plurality of users associated with the first tenant are provided access to the first plurality of partition resources of the first partition via a service of the configuration of security services defined by the first security realm object, but not to the second plurality of partition resources of the second partition; and
  
  whereby the second plurality of users associated with the second tenant are provided access to the second plurality of partition resources of the second partition via a service of the configuration of security services defined by the second security realm object, but not to the first plurality of partition resources of the first partition.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, further comprising:
    - configuring the first primary identity domain to reference a first identity store for storing a first representation of the first plurality of users associated with the first tenant; and
      
      configuring the second primary identity domain to reference a second identity store, different than the first identity store, for storing a second representation of the second plurality of users associated with the second tenant.
  - 3. The method of claim 1, further comprising:
    - configuring the first primary identity domain to reference a first portion of an identity store for storing a first representation of the first plurality of users associated with the first tenant; and
      
      configuring the second primary identity domain to reference a second portion of said identity store for storing a second representation of the second plurality of users associated with the second tenant.
  - 4. The method of claim 1, further comprising:
    - associating an admin identity domain with the multitenant application server environment, wherein the admin identity domain represents a plurality of system administrators of the multitenant application server environment; and
      
      whereby the plurality of system administrators associated with the multitenant application server environment have access to said plurality of global resources.
  - 5. The method of claim 1, further comprising:
    - providing a first authentication service included in the configuration of security services defined by the first security realm, the first authentication service configured to authenticate the first plurality of users associated with the first tenant and generate first signed principals identifying said first primary identity domain in combination with one or more of said first plurality of users.
  - 6. The method of claim 1, further comprising:
    - associating each of the first plurality of resources with the first primary identity domain;
      
      associating each of the second plurality of resources with the second primary identity domain;
      
      providing an authorization service which in response to receiving a call from a user to access a resource compares a primary identity domain associated with said user to a primary identity domain associated with said resource and authorizes access to said resource only if the primary identity domain associated with said user matches the primary identity domain associated with said resource.
  - 7. The method of claim 1, further comprising:
    - providing a first authentication service configured to authenticate the first plurality of users associated with the first tenant and generate first signed principals identifying said first primary identity domain in combination with one or more of said first plurality of users;
      
      providing a second authentication service configured to authenticate the second plurality of users associated with the second tenant and generate second signed principals identifying said second primary identity domain in combination with one or more of said second plurality of users;
      
      associating each of the first plurality of resources with the first primary identity domain;
      
      associating each of the second plurality of resources with the second primary identity domain;
      
      providing an authorization service which, in response to receiving a call associated with a principal to access a resource, compares a primary identity domain identified in said principal to a primary identity domain associated with said resource and authorizes access to said resource only if the primary identity domain associated with said principal matches the primary identity domain associated with said resource.

8. A non-transitory computer-readable medium including instructions stored thereon for providing security in a multitenant application server environment comprising a plurality of partitions having a plurality of partition resources and a plurality of global resources, which instructions, when executed, cause a system to perform steps comprising:
- providing, during runtime of the multitenant application server environment, a domain object that provides a domain configuration for the multitenant application server environment;
  
  providing, as a child of the domain object, a security configuration object, wherein domain-wide services are configured on the security configuration object, and wherein the security configuration object includes a parent container for a plurality of realm objects;
  
  providing a plurality of security realm objects including an admin security realm object, a first security realm object, and a second security realm object, wherein the first and second security realm objects are included in the parent container, and wherein each security realm object defines a configuration of security services;
  
  configuring a first partition of the plurality of partitions to have a first plurality of partition resources of the plurality of partition resources;
  
  configuring a second partition of the plurality of partitions to have a second plurality of partition resources of the plurality of partition resources;
  
  providing a first partition security configuration including a realm attribute, wherein the value of the realm attribute of the first partition security configuration associates the first partition with the first security realm object;
  
  providing a second partition security configuration including a realm attribute, wherein the value of the realm attribute of the second partition security configuration associates the second partition with the second security realm object;
  
  associating a first primary identity domain with the first partition, wherein the first primary identity domain represents a first plurality of users associated with a first tenant;
  
  associating a second primary identity domain with the second partition wherein the second primary identity domain represents a second plurality of users associated with a second tenant;
  
  operating each of said admin security realm object, first security realm object, and second security realm object simultaneously at runtime of the multitenant application server environment to control authentication and authorization for access to said plurality of partition resources and said plurality of global resources;
  
  whereby the first plurality of users associated with the first tenant are provided access to the first plurality of partition resources of the first partition via a service of the configuration of security services defined by the first security realm object, but not to the second plurality of partition resources of the second partition; and
  
  whereby the second plurality of users associated with the second tenant are provided access to the second plurality of partition resources of the second partition via a service of the configuration of security services defined by the second security realm object, but not to the first plurality of partition resources of the first partition.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The non-transitory computer-readable medium of claim 8 including further instructions stored thereon, which when executed, cause a system to perform further steps comprising:
    - configuring the first primary identity domain to reference a first identity store for storing a first representation of the first plurality of users associated with the first tenant; and
      
      configuring the second primary identity domain to reference a second identity store, different than the first identity store, for storing a second representation of the second plurality of users associated with the second tenant.
  - 10. The non-transitory computer-readable medium of claim 8 including further instructions stored thereon, which when executed, cause a system to perform further steps comprising:
    - configuring the first primary identity domain to reference a first portion of an identity store for storing a first representation of the first plurality of users associated with the first tenant; and
      
      configuring the second primary identity domain to reference a second portion of said identity store for storing a second representation of the second plurality of users associated with the second tenant.
  - 11. The non-transitory computer-readable medium of claim 8 including further instructions stored thereon, which when executed, cause a system to perform further steps comprising:
    - associating an admin identity domain with the multitenant application server environment, wherein the admin identity domain represents a plurality of system administrators of the multitenant application server environment; and
      
      whereby the plurality of system administrators associated with the multitenant application server environment have access to said plurality of global resources.
  - 12. The non-transitory computer-readable medium of claim 8 including further instructions stored thereon, which when executed, cause a system to perform further steps comprising:
    - providing a first authentication service included in the configuration of security services defined by the first security realm, the first authentication service configured to authenticate the first plurality of users associated with the first tenant and generate first signed principals identifying said first primary identity domain in combination with one or more of said first plurality of users.
  - 13. The non-transitory computer-readable medium of claim 8 including further instructions stored thereon, which when executed, cause a system to perform further steps comprising:
    - associating each of the first plurality of resources with the first primary identity domain;
      
      associating each of the second plurality of resources with the second primary identity domain;
      
      providing an authorization service which in response to receiving a call from a user to access a resource compares a primary identity domain associated with said user to a primary identity domain associated with said resource and authorizes access to said resource only if the primary identity domain associated with said user matches the primary identity domain associated with said resource.
  - 14. The non-transitory computer-readable medium of claim 8 including further instructions stored thereon, which when executed, cause a system to perform further steps comprising:
    - providing a first authentication service configured to authenticate the first plurality of users associated with the first tenant and generate first signed principals identifying said first primary identity domain in combination with one or more of said first plurality of users;
      
      providing a second authentication service configured to authenticate the second plurality of users associated with the second tenant and generate second signed principals identifying said second primary identity domain in combination with one or more of said second plurality of users;
      
      associating each of the first plurality of resources with the first primary identity domain;
      
      associating each of the second plurality of resources with the second primary identity domain;
      
      providing an authorization service which, in response to receiving a call associated with a principal to access a resource, compares a primary identity domain identified in said principal to a primary identity domain associated with said resource and authorizes access to said resource only if the primary identity domain associated with said principal matches the primary identity domain associated with said resource.

15. A multitenant application server environment system comprising:
- an application server environment comprising a plurality of microprocessors and memory;
  
  a domain object, provided during runtime of the multitenant application server environment, that provides a domain configuration for the multitenant application server environment;
  
  a security configuration object that is a child of the domain object, wherein domain-wide services are configured on the security configuration object, and wherein the security configuration object includes a parent container for a plurality of realm objects;
  
  a plurality of partitions configured on said application server environment;
  
  a plurality of partition resources and a plurality of global resources provided in said application server environment;
  
  a plurality of security realm objects including an admin security realm object, a first security realm object, and a second security realm object configured in said application server environment, wherein the first and second security realm objects are included in the parent container, and wherein each security realm object defines a configuration of security services;
  
  a first partition of the plurality of partitions configured to have a first plurality of partition resources of the plurality of partition resources;
  
  a second partition of the plurality of partitions configured to have a second plurality of partition resources of the plurality of partition resources;
  
  a first partition security configuration including a realm attribute, wherein the value of the realm attribute of the first partition security configuration associates the first partition with the first security realm object;
  
  a second partition security configuration including a realm attribute, wherein the value of the realm attribute of the second partition security configuration associates the second partition with the second security realm object;
  
  a first primary identity domain associated with the first partition, wherein the first primary identity domain represents a first plurality of users associated with a first tenant;
  
  a second primary identity domain associated with the second partition wherein the second primary identity domain represents a second plurality of users associated with a second tenant;
  
  wherein said admin security realm object, first security realm object, and second security realm object are configured to operate simultaneously at runtime of the multitenant application server environment to control authentication and authorization for access to said plurality of partition resources and said plurality of global resources;
  
  whereby the first plurality of users associated with the first tenant are provided access to the first plurality of partition resources of the first partition via a service of the configuration of security services defined by the first security realm object, but not to the second plurality of partition resources of the second partition; and
  
  whereby the second plurality of users associated with the second tenant are provided access to the second plurality of partition resources of the second partition via a service of the configuration of security services defined by the second security realm object, but not to the first plurality of partition resources of the first partition.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The system of claim 15, wherein:
    - the first primary identity domain is configured to reference a first identity store for storing a first representation of the first plurality of users associated with the first tenant; and
      
      the second primary identity domain is configured to reference a second identity store, different than the first identity store, for storing a second representation of the second plurality of users associated with the second tenant.
  - 17. The system of claim 15, wherein:
    - the first primary identity domain is configured to reference a first portion of an identity store for storing a first representation of the first plurality of users associated with the first tenant; and
      
      the second primary identity domain is configured to reference a second portion of said identity store for storing a second representation of the second plurality of users associated with the second tenant.
  - 18. The system of claim 15, further comprising:
    - an admin identity domain associated with the multitenant application server environment, wherein the admin identity domain represents a plurality of system administrators of the multitenant application server environment; and
      
      whereby the plurality of system administrators associated with the multitenant application server environment have access to said plurality of global resources.
  - 19. The system of claim 15, further comprising:
    - a first authentication service included in the configuration of security services defined by the first security realm, the first authentication service configured to authenticate the first plurality of users associated with the first tenant and generate first signed principals identifying said first primary identity domain in combination with one or more of said first plurality of users.
  - 20. The system of claim 15, wherein:
    - the first plurality of resources is associated with the first primary identity domain;
      
      the second plurality of resources is associated with the second primary identity domain;
      
      the system further comprises an authorization service which in response to receiving a call from a user to access a resource compares a primary identity domain associated with said user to a primary identity domain associated with said resource and authorizes access to said resource only if the primary identity domain associated with said user matches the primary identity domain associated with said resource.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Oracle International Corporation (Oracle Corporation)
Original Assignee
Oracle International Corporation (Oracle Corporation)
Inventors
Hopkins, William S., Perez, Craig, Guy, David A., Bower, Peter, Li, Juan, Tancill, Jeff J., Sriramadhesikan, Krishnakumar
Primary Examiner(s)
Le, Khoi V

Application Number

US15/403,396
Publication Number

US 20170126742A1
Time in Patent Office

636 Days
Field of Search
US Class Current
CPC Class Codes

G06F 16/278   Data partitioning, e.g. hor...

G06F 21/604   Tools and structures for ma...

G06F 21/62   Protecting access to data v...

H04L 47/70   Admission control; Resource...

H04L 63/08   for authentication of entit...

H04L 63/105   Multiple levels of security

H04L 63/20   for managing network securi...

H04L 67/02   based on web technology, e....

H04L 67/10   in which an application is ...

System and method for supporting security in a multitenant application server environment

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for supporting security in a multitenant application server environment

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links