×

Dynamic identity switching

  • US 10,135,803 B2
  • Filed: 10/20/2016
  • Issued: 11/20/2018
  • Est. Priority Date: 09/30/2011
  • Status: Active Grant
First Claim
Patent Images

1. A method comprising:

  • receiving, by a computer system, an invocation by a web application acting as a web service client of a web service, wherein the invocation by the web application comprises a first username property representing a first identity using the web application and a second username property representing a second identity declared to be propagateable in web service invocations;

    while executing a first task using the first identity, receiving a request to dynamically switch from the first identity to the second identity, wherein the first identity is of a first user and the second identity is of a second user that is different from the first user;

    determining, by the computer system, a set of one or more switching rules using the first identity and the second identity in the invocation of the web service;

    verifying, by the computer system, during runtime that the switch from the first identity to the second identity that is included in the invocation is permitted by applying the set of one or more switching rules and determining that the web application is a permitted application in accordance with a permission object;

    including, by the computer system, the second identity in the second username property in a service request to the web service when the switch is permitted, wherein including the second identity in the service request comprises storing the second identity in a Security Assertion Markup Language (SAML) security token included in the service request;

    communicating, by the computer system, the service request to the web service; and

    executing, by the web service, a second task using the second identity in accordance with the one or more switching rules, wherein after executing the second task using the second identity, switching from the second identity to the first identity.

View all claims
  • 1 Assignment
Timeline View
Assignment View
    ×
    ×