Provisioning composite applications using secure parameter access
First Claim
1. A method, comprising:
- implementing a composite Web application, the implementing involving a first virtual machine (VM) to be hosted on a first physical machine and a second virtual machine to be hosted on a second physical machine, wherein the first physical machine and the second physical machine are located in a data center;
provisioning the first virtual machine on the first physical machine;
provisioning the second virtual machine on second physical machine;
instantiating a first component of the composite Web application on the first virtual machine and a second component of the composite Web application on the second virtual machine, wherein the first component has a first role of an application server and the second component has a second role of a database management system;
receiving, by a processing device of a provisioning server, a request for a configuration parameter from the first component of the composite Web application, the configuration parameter being a password that enables periodic reconfiguration to communication between the first component and the second component;
identifying, by the processing device of the provisioning server, the first role of the first component of the composite Web application by looking up an identifier of the first component within a stored VM table;
accessing, within a hierarchical data structure, an access condition that specifies a role condition or relationship condition of the requesting first component that is satisfied to access the configuration parameter and enable the communication with the second component;
verifying that the access condition is satisfied by the first component;
upon verification of the access condition, providing the configuration parameter to the first virtual machine associated with the first component;
reconfiguring the first virtual machine of the first component of the application server to access the second component using the requested configuration parameter; and
allowing the communication between the first component and the second component based on the requested configuration parameter.
1 Assignment
0 Petitions
Accused Products
Abstract
A mechanism for provisioning composite application using secure parameter access is disclosed. A method of one embodiment of the disclosure includes receiving a request for a configuration parameter from a first component of a composite Web application residing on a first virtual machine (VM). The requested configuration parameter can be related to a second component of the composite Web application residing on a second VM. The role of the first component of the composite Web application is identified and a determination is made as to whether the first component has access to the requested configuration parameter based on the role of the first component. If the first component has access, then the requested configuration parameter is provided to the first component.
-
Citations
19 Claims
-
1. A method, comprising:
-
implementing a composite Web application, the implementing involving a first virtual machine (VM) to be hosted on a first physical machine and a second virtual machine to be hosted on a second physical machine, wherein the first physical machine and the second physical machine are located in a data center; provisioning the first virtual machine on the first physical machine; provisioning the second virtual machine on second physical machine; instantiating a first component of the composite Web application on the first virtual machine and a second component of the composite Web application on the second virtual machine, wherein the first component has a first role of an application server and the second component has a second role of a database management system; receiving, by a processing device of a provisioning server, a request for a configuration parameter from the first component of the composite Web application, the configuration parameter being a password that enables periodic reconfiguration to communication between the first component and the second component; identifying, by the processing device of the provisioning server, the first role of the first component of the composite Web application by looking up an identifier of the first component within a stored VM table; accessing, within a hierarchical data structure, an access condition that specifies a role condition or relationship condition of the requesting first component that is satisfied to access the configuration parameter and enable the communication with the second component; verifying that the access condition is satisfied by the first component; upon verification of the access condition, providing the configuration parameter to the first virtual machine associated with the first component; reconfiguring the first virtual machine of the first component of the application server to access the second component using the requested configuration parameter; and allowing the communication between the first component and the second component based on the requested configuration parameter. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A system comprising:
-
a memory, and a processing device operatively coupled to the memory to; implement a composite Web application, the implementing involving a first virtual machine (VM) to be hosted on a first physical machine and a second virtual machine to be hosted on a second physical machine, wherein the first physical machine and the second physical machine are located in a data center; provision the first virtual machine on the first physical machine; provision the second virtual machine on second physical machine; instantiate a first component of the composite Web application on the first virtual machine and a second component of the composite Web application on the second virtual machine, wherein the first component has a first role of an application server and the second component has a second role of a database management system; receive a request for a configuration parameter from the first component of the composite Web application, the configuration parameter being a password that enables periodic reconfiguration to communication between the first component and the second component; identify the first role of the first component of the composite Web application by looking up an identifier of the first component within a stored VM table; access, within a hierarchical data structure, an access condition that specifies a role condition or relationship condition of the requesting first component that is satisfied to access the configuration parameter and enable the communication with the second component; verify that the access condition is satisfied by the first component; upon verification of the access condition, provide the configuration parameter to the first virtual machine associated with the first component; reconfigure the first virtual machine of the first component of the application server to access the second component using the requested configuration parameter; and allow the communication between the first component and the second component based on the requested configuration parameter. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A non-transitory computer-readable storage medium programmed to include instructions that, when executed by a processing device of a provisioning server, cause the processing device to:
-
implement a composite Web application, the implementing involving a first virtual machine (VM) to be hosted on a first physical machine and a second virtual machine to be hosted on a second physical machine, wherein the first physical machine and the second physical machine are located in a data center; provision the first virtual machine on the first physical machine; provision the second virtual machine on second physical machine; instantiate a first component of the composite Web application on the first virtual machine and a second component of the composite Web application on the second virtual machine, wherein the first component has a first role of an application server and the second component has a second role of a database management system; receive, by the processing device, a request for a configuration parameter from the first component of the composite Web application, the configuration parameter being a password that enables periodic reconfiguration to communication between the first component and the second component; identify the first role of a first server of the first component of the composite Web application by looking up an identifier of the first component within a stored VM table; access, within a hierarchical data structure, an access condition that specifies a role condition or relationship condition of the requesting component that is satisfied to access the configuration parameter and enable the communication with the second component; verify that the access condition is satisfied by the first component; upon verification of the access condition, provide the configuration parameter to the first virtual machine associated with the first component; reconfigure the first virtual machine of the first component of the application server to access the second component using the requested configuration parameter; and allow the communication between the first component and the second component based on the requested configuration parameter. - View Dependent Claims (16, 17, 18, 19)
-
Specification