Method, system, and article of manufacture for implementing security features at a portal server

US 20030167298A1
Filed: 03/04/2002
Published: 09/04/2003
Est. Priority Date: 03/04/2002
Status: Active Grant

First Claim

Patent Images

1. A method for implementing security features at a portal server, comprising:

receiving a first request from a client;

in response to receiving the first request, authenticating the client;

consulting a database to determine access privileges of the authenticated client for interactions with a plurality of applications, wherein the applications are located at backend servers;

generating code containing selectable interactions with the applications, wherein any authentication for the selectable interactions can be performed within the portal server; and

sending the code to the client.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Provided is a method, system, and an article of manufacture for implementing security at a portal server. The portal server provides a client with access to backend applications, where the backend applications are stored at backend servers separate from the portal server. Associated with each backend application are privileges and other security features. The privileges and the security features are stored at a database in the portal server. The portal server receives a request from a client and constructs a list of allowable interactions for a plurality of the backend applications, by consulting the database. The portal server sends a page containing the list of allowable interactions to the client. The client selects an interaction and requests the portal server for a result of the interaction. The portal server requests a backend server to provide the result, and returns the result to the client, along with a set of new allowable interactions for the client to select.

Citations

50 Claims

1. A method for implementing security features at a portal server, comprising:
- receiving a first request from a client;
  
  in response to receiving the first request, authenticating the client;
  
  consulting a database to determine access privileges of the authenticated client for interactions with a plurality of applications, wherein the applications are located at backend servers;
  
  generating code containing selectable interactions with the applications, wherein any authentication for the selectable interactions can be performed within the portal server; and
  
  sending the code to the client.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The method of claim 1, further comprising:
    - responsive to sending the code to the client, receiving a second request from the client, wherein the second request contains a selection of at least one of the selectable interactions;
      
      determining from the selection a set of backend servers to process the second request;
      
      forwarding the second request to the set of backend servers;
      
      receiving results corresponding to the request from applications executing on the backend servers; and
      
      sending the results to the client.
  - 3. The method of claim 2, wherein sending the results to the client further comprises:
    - generating further selectable interactions; and
      
      sending the further selectable interactions with the results to the client.
  - 4. The method of claim 1, wherein the portal server is a Web server and the portal server comprises a portal application.
  - 5. The method of claim 1, wherein the database comprises a plurality of generic objects, wherein each generic object contains the access privileges related to a user for the elements of the plurality of applications.
  - 6. The method of claim 5, wherein the access privileges indicate write access.
  - 7. The method of claim 5, wherein the database is in the form of a table.
  - 8. The method of claim 1 wherein the code is in a form that can be rendered into a Web page.
  - 9. The method of claim 8, wherein the form of the code is comprised of active code, wherein the active code can be executed on the client.
  - 10. The method of claim 1, wherein the selectable interactions correspond to operations within the applications.
  - 11. The method of claim 1, wherein the selectable interactions correspond to resources related to the applications.
  - 12. The method of claim 11, wherein the resources are selected from the group consisting of multimedia content, objects, files, attributes of objects, program elements, database objects, table entries.

13. A method at a backend system for securely making available a backend application, comprising:
- creating data structures corresponding to interactions with the backend application;
  
  associating privileges for each of the data structures, wherein the privileges can be fully checked at a portal application separately hosted from the backend application;
  
  receiving a request from the portal application for reading the data structures; and
  
  sending the data structures to the portal application.
- View Dependent Claims (14, 15, 16, 17, 18)
- - 14. The method of claim 13, further comprising:
    - receiving a request for an interaction with the backend application from the portal application;
      
      processing the request without checking for the privileges; and
      
      sending the results of processing the request to the portal server.
  - 15. The method of claim 13, wherein the data structures are data objects.
  - 16. The method of claim 13, wherein a representation of the data structure is from the group consisting of a relational database, an XML document and a class.
  - 17. The method of claim 13, wherein the interactions are operations that can be performed on the backend application.
  - 18. The method of claim 13, wherein the interactions relate to resources associated with the background application.

19. A method for accessing a group of applications at a client computer comprising:
- authenticating with a portal server;
  
  receiving a list of applications and interactions that can be performed with the applications from the portal server, wherein the applications are stored at backend servers that are different from the portal server;
  
  selecting an interaction; and
  
  receiving results based on the selection of the interaction without authenticating with the backend servers.
- View Dependent Claims (20, 21)
- - 20. The method of claim 19, wherein receiving the results further comprises receiving a set of further interactions selectable by the client.
  - 21. The method of claim 19, wherein authenticating, receiving the list, selecting, and receiving results are at a Web browser.

22. A system for implementing security features, comprising:
- a portal server;
  
  means for receiving a first request from a client at the portal server;
  
  means for authenticating the client, in response to receiving the first request;
  
  means for consulting a database to determine access privileges of the authenticated client for interactions with a plurality of applications, wherein the applications are located at backend servers;
  
  means for generating code containing selectable interactions with the applications, wherein any authentication for the selectable interactions can be performed within the portal server; and
  
  means for sending the code to the client.
- View Dependent Claims (23, 24, 25)
- - 23. The system of claim 22, further comprising:
    - means for receiving a second request from the client in response to sending the code to the client, wherein the second request contains a selection of at least one of the selectable interactions;
      
      means for determining from the selection a set of backend servers to process the second request;
      
      means for forwarding the second request to the set of backend servers;
      
      means for receiving results corresponding to the request from applications executing on the backend servers; and
      
      means for sending the results to the client.
  - 24. The system of claim 23, wherein the means for sending the results to the client further performs:
    - generating further selectable interactions; and
      
      sending the further selectable interactions with the results to the client.
  - 25. The system of claim 22, wherein the database comprises a plurality of generic objects, wherein each generic object contains the access privileges related to a user for the elements of the plurality of applications.

26. A system for securely making available a backend application, comprising:
- a backend system hosting the backend application;
  
  means for creating data structures at the backend system corresponding to interactions with the backend application;
  
  means for associating privileges for each of the data structures, wherein the privileges can be fully checked at a portal application separately hosted from the backend application;
  
  means for receiving a request from the portal application for reading the data structures; and
  
  means for sending the data structures to the portal application.
- View Dependent Claims (27)
- - 27. The system of claim 26, further comprising:
    - means for receiving a request for an interaction with the backend application from the portal application;
      
      means for processing the request without checking for the privileges; and
      
      means for sending the results of processing the request to the portal server.

28. A system for accessing a group of applications comprising:
- a client computer;
  
  means for authenticating with a portal server from the client computer;
  
  means for receiving a list of applications and interactions that can be performed with the applications from the portal server, wherein the applications are stored at backend servers that are different from the portal server;
  
  means for selecting an interaction; and
  
  means for receiving results based on the selection of the interaction without authenticating with the backend servers.
- View Dependent Claims (29)
- - 29. The system of claim 28, wherein the means for receiving the results further performs receiving a set of further interactions selectable by the client.

30. An article of manufacture including code for implementing security features at a portal server, wherein the code is capable of causing operations, the operations comprising:
- receiving a first request from a client;
  
  in response to receiving the first request, authenticating the client;
  
  consulting a database to determine access privileges of the authenticated client for interactions with a plurality of applications, wherein the applications are located at backend servers;
  
  generating code containing selectable interactions with the applications, wherein any authentication for the selectable interactions can be performed within the portal server; and
  
  sending the code to the client.
- View Dependent Claims (31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41)
- - 31. The article of manufacture of claim 30, further comprising:
    - responsive to sending the code to the client, receiving a second request from the client, wherein the second request contains a selection of at least one of the selectable interactions;
      
      determining from the selection a set of backend servers to process the second request;
      
      forwarding the second request to the set of backend servers;
      
      receiving results corresponding to the request from applications executing on the backend servers; and
      
      sending the results to the client.
  - 32. The article of manufacture of claim 31, wherein sending the results to the client further comprises:
    - generating further selectable interactions; and
      
      sending the further selectable interactions with the results to the client.
  - 33. The article of manufacture of claim 30, wherein the portal server is a Web server and the portal server comprises a portal application.
  - 34. The article of manufacture of claim 30, wherein the database comprises a plurality of generic objects, wherein each generic object contains the access privileges related to a user for the elements of the plurality of applications.
  - 35. The article of manufacture of claim 34, wherein the access privileges indicate write access.
  - 36. The article of manufacture of claim 34, wherein the database is in the form of a table.
  - 37. The article of manufacture of claim 30 wherein the code is in a form that can be rendered into a Web page.
  - 38. The article of manufacture of claim 37, wherein the form of the code is comprised of active code, wherein the active code can be executed on the client.
  - 39. The article of manufacture of claim 30, wherein the selectable interactions correspond to operations within the applications.
  - 40. The article of manufacture of claim 30, wherein the selectable interactions correspond to resources related to the applications.
  - 41. The article of manufacture of claim 40, wherein the resources are selected from the group consisting of multimedia content, objects, files, attributes of objects, program elements, database objects, table entries.

42. An article of manufacture, including code for securely making available a backend application at a backend system, wherein the code is capable of causing operations, the operations comprising:
- creating data structures corresponding to interactions with the backend application;
  
  associating privileges for each of the data structures, wherein the privileges can be fully checked at a portal application separately hosted from the backend application;
  
  receiving a request from the portal application for reading the data structures; and
  
  sending the data structures to the portal application.
- View Dependent Claims (43, 44, 45, 46, 47)
- - 43. The article of manufacture of claim 42, further comprising:
    - receiving a request for an interaction with the backend application from the portal application;
      
      processing the request without checking for the privileges; and
      
      sending the results of processing the request to the portal server.
  - 44. The article of manufacture of claim 42, wherein the data structures are data objects.
  - 45. The article of manufacture of claim 42, wherein a representation of the data structure is from the group consisting of a relational database, an XML document and a class.
  - 46. The article of manufacture of claim 42, wherein the interactions are operations that can be performed on the backend application.
  - 47. The article of manufacture of claim 42, wherein the interactions relate to resources associated with the background application.

48. An article of manufacture, including code for accessing a group of applications at a client computer, wherein the code is capable of causing operations, the operations comprising:
- authenticating with a portal server;
  
  receiving a list of applications and interactions that can be performed with the applications from the portal server, wherein the applications are stored at backend servers that are different from the portal server;
  
  selecting an interaction; and
  
  receiving results based on the selection of the interaction without authenticating with the backend servers.
- View Dependent Claims (49, 50)
- - 49. The article of manufacture of claim 48, wherein receiving the results further comprises receiving a set of further interactions selectable by the client.
  - 50. The article of manufacture of claim 48, wherein authenticating, receiving the list, selecting, and receiving results are at a Web browser.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Meka, Sekhar, Bazinet, Allan, Ho, Phyllis, Wang, Mandy

Granted Patent

US 7,260,617 B2
Time in Patent Office

Days
Field of Search
US Class Current

709/203
CPC Class Codes

H04L 63/0815 providing single-sign-on or...

H04L 63/101 Access control lists [ACL]

Method, system, and article of manufacture for implementing security features at a portal server

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

50 Claims

Specification

Solutions

Use Cases

Quick Links

Method, system, and article of manufacture for implementing security features at a portal server

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

50 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links