Techniques for virtual representational state transfer (REST) interfaces
First Claim
Patent Images
1. A method, comprising:
- transparently intercepting, by a server, a Representational State Transfer (REST) service request from a client within a local processing environment of the REST service, wherein the REST service request is sent from the client to a REST service to the REST service and the REST service request is a REST-formatted request;
enforcing, by the server, enterprise policy against the REST service request, wherein enforcing further includes at least and independently enforcing security associated with the local processing environment as a portion of the enterprise policy, wherein the security is outside the scope of REST processing that is performed by the REST service when provided the REST service request;
forwarding, by the server, the REST service request to the REST service when the enterprise policy is validated, wherein the REST service is unaware of the enforcement of the enterprise policy and assumes the REST service request is being sent directly from the client to the REST service, and wherein the client and the REST service were riot preconfigured to directly interact with the server and the client is unaware of the server; and
processing the method on the server as a reverse proxy within a firewalled environment that is the local processing environment of the REST service and simultaneously processing the method as a transparent proxy to the client that is associated with an external processing environment that is external to the local processing environment.
3 Assignments
0 Petitions
Accused Products
Abstract
Techniques for virtual Representational State Transfer (REST) interfaces are provided. A proxy is interposed between a client and a REST service over a network. The proxy performs independent authentication of the client and provides credentials to the client and for the client to authenticate to the REST service using a REST service authentication mechanism. The proxy inspects requests and responses and translates the requests and responses into formats expected by the client and the REST service. Moreover, the proxy enforces policy and audits the requests and responses occurring between the client and the REST service over the network.
29 Citations
17 Claims
-
1. A method, comprising:
-
transparently intercepting, by a server, a Representational State Transfer (REST) service request from a client within a local processing environment of the REST service, wherein the REST service request is sent from the client to a REST service to the REST service and the REST service request is a REST-formatted request; enforcing, by the server, enterprise policy against the REST service request, wherein enforcing further includes at least and independently enforcing security associated with the local processing environment as a portion of the enterprise policy, wherein the security is outside the scope of REST processing that is performed by the REST service when provided the REST service request; forwarding, by the server, the REST service request to the REST service when the enterprise policy is validated, wherein the REST service is unaware of the enforcement of the enterprise policy and assumes the REST service request is being sent directly from the client to the REST service, and wherein the client and the REST service were riot preconfigured to directly interact with the server and the client is unaware of the server; and processing the method on the server as a reverse proxy within a firewalled environment that is the local processing environment of the REST service and simultaneously processing the method as a transparent proxy to the client that is associated with an external processing environment that is external to the local processing environment. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A method, comprising:
-
configuring a proxy as a proxy between a client of a network and two or more independent Representational State Transfer (REST) services, wherein configuring further includes configuring the proxy as a transparent proxy to the client and simultaneously configuring the proxy as a reverse proxy to the REST services, wherein configuring further includes configuring the proxy within a local processing environment of the REST services that is external to the client; operating the proxy to present to the client as the REST services, wherein the client directs requests to the REST services during operation of the client, wherein the requests are REST-formatted requests; enforcing, by the proxy during operation, policy against the requests for access made by the client to the REST services and against interactions between the client and the REST services, wherein the client and the REST services are not preconfigured for directly interacting with the proxy and the client and the REST services are unaware of the proxy, and wherein enforcing further includes at least and independently enforcing security associated with the local processing environment as a portion of the policy, wherein the security is outside the scope of any REST processing that is performed by the REST services when provided the requests; and processing the method for all REST service requests made by the client to any of the REST services of the local processing environment. - View Dependent Claims (11, 12, 13, 14)
-
-
15. A system, comprising:
-
a hardware server configured with executable instructions residing in a non-transitory computer-readable medium, the executable instructions representing a proxy service; and the proxy service configured to; i) execute on one or more processors of the hardware server, ii) intercept Representational State Transfer (REST) requests issued over a network connection from a client as REST-formatted requests, wherein the REST requests are received by the proxy server within a local processing environment associated with a plurality of REST services and the client associated with an external processing environment that is external to the local processing environment, the client making the REST requests to at least one of the REST services, and iii) enforce enterprise policy against the REST requests before forwarding the REST requests to the at least one of the REST services, and at least and independently enforce security associated with the local processing as a portion of the enterprise policy, wherein the security is outside the scope of REST processing that is performed by the REST services when provided the REST requests , wherein both the client and the REST services are unaware of the proxy service and neither the client nor the REST services are preconfigured for directly interacting with the proxy service, wherein the proxy service is a transparent proxy to the client and simultaneously a reverse proxy to the REST services. - View Dependent Claims (16, 17)
-
Specification