Managing secure resources in web resources that are accessed by multiple portals
Abstract
A method, apparatus, and computer-readable media for authorizing users of network portals to access a secure resource hosted by a secure server comprises storing a plurality of user identifiers, each representing a user of an owning portal; storing for each of the user identifiers an access privilege to the secure resource; storing a proxy user identifier representing a guest portal and a guest access privilege to the secure resource for all of the users of the guest portal; receiving from the owning portal a first request for access to the secure resource, the first request comprising a first user identifier representing a user of the owning portal; granting to the user of the owning portal access to the secure resource according to the access privilege stored for the first user identifier; receiving from the guest portal a second request for access to the secure resource, the second request comprising a second user identifier representing a user of the guest portal and a portal identifier representing the guest portal; and granting to the user of the guest portal access to the secure resource according to the guest access privilege stored in the authorization table for the proxy user identifier.
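The lookup described in the abstract can be sketched as follows. This is an added illustration, not code from the patent: the table contents, the `proxy:` naming, the guest-portal map, and the assumption that the portal identifier was authenticated before the policy manager sees it are all hypothetical.

```python
from dataclasses import dataclass
from typing import Optional

# Constructed sample data; identifiers and privilege names are illustrative.
AUTH_TABLE = {
    "alice": "read-write",      # user of the owning portal
    "bob": "read",              # user of the owning portal
    "proxy:partner": "read",    # proxy user identifier for one guest portal
}
# Hypothetical map: guest portal identifier -> proxy user identifier.
GUEST_PORTALS = {"partner-portal": "proxy:partner"}


@dataclass(frozen=True)
class Request:
    user_id: str
    portal_id: Optional[str] = None  # set only on requests from a guest portal


@dataclass(frozen=True)
class Decision:
    privilege: Optional[str]   # None means access is denied
    table_key: Optional[str]   # authorization-table row that decided the request
    acting_user: str           # identifier from the request, kept for audit


def authorize(req, table=AUTH_TABLE, guests=GUEST_PORTALS):
    """Policy-manager decision for one request (portal identity assumed verified)."""
    if req.portal_id is None:
        # Owning portal: per-user lookup. Proxy identifiers are refused here so
        # an owning-portal request cannot borrow a guest portal's row.
        key = None if req.user_id in guests.values() else req.user_id
    else:
        # Guest portal: the guest's own user identifier is never used as a key.
        # Only the proxy row mapped to the portal identifier applies.
        key = guests.get(req.portal_id)
    privilege = table.get(key) if key is not None else None
    return Decision(privilege, key if privilege is not None else None, req.user_id)


if __name__ == "__main__":
    for r in (Request("alice"), Request("alice", "partner-portal"),
              Request("carol", "unknown-portal")):
        print(r, "->", authorize(r))
```

A guest whose identifier happens to match an owning-portal user still receives only the guest privilege, while the decision retains the real identifier for logging.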
28 Claims
1. An apparatus for authorizing users of network portals to access a secure resource hosted by a secure server, comprising:
an authorization table to store a plurality of user identifiers, each representing a user of an owning portal, and to store for each of the user identifiers an access privilege to the secure resource;
wherein the authorization table stores a proxy user identifier representing a guest portal and a guest access privilege to the secure resource for all of the users of the guest portal;
a policy manager to receive from the owning portal a first request for access to the secure resource, the first request comprising a first user identifier representing a user of the owning portal, wherein the policy manager grants to the user of the owning portal access to the secure resource according to the access privilege stored in the authorization table for the first user identifier; and
wherein the policy manager receives from the guest portal a second request for access to the secure resource, the second request comprising a second user identifier representing a user of the guest portal and a portal identifier representing the guest portal, wherein the policy manager grants to the user of the guest portal access to the secure resource according to the guest access privilege stored in the authorization table for the proxy user identifier.
Dependent claims: 2, 3, 4, 5, 6, 7
8. An apparatus for authorizing users of network portals to access a secure resource hosted by a secure server, comprising:
means for storing a plurality of user identifiers, each representing a user of an owning portal, and to store for each of the user identifiers an access privilege to the secure resource;
wherein the means for storing stores a proxy user identifier representing a guest portal and a guest access privilege to the secure resource for all of the users of the guest portal;
policy manager means for receiving from the owning portal a first request for access to the secure resource, the first request comprising a first user identifier representing a user of the owning portal, wherein the policy manager grants to the user of the owning portal access to the secure resource according to the access privilege stored in the authorization table for the first user identifier; and
wherein the policy manager means receives from the guest portal a second request for access to the secure resource, the second request comprising a second user identifier representing a user of the guest portal and a portal identifier representing the guest portal, wherein the policy manager grants to the user of the guest portal access to the secure resource according to the guest access privilege stored in the authorization table for the proxy user identifier.
Dependent claims: 9, 10, 11, 12, 13, 14
15. A method for authorizing users of network portals to access a secure resource hosted by a secure server, comprising:
storing a plurality of user identifiers, each representing a user of an owning portal;
storing for each of the user identifiers an access privilege to the secure resource;
storing a proxy user identifier representing a guest portal and a guest access privilege to the secure resource for all of the users of the guest portal;
receiving from the owning portal a first request for access to the secure resource, the first request comprising a first user identifier representing a user of the owning portal;
granting to the user of the owning portal access to the secure resource according to the access privilege stored for the first user identifier;
receiving from the guest portal a second request for access to the secure resource, the second request comprising a second user identifier representing a user of the guest portal and a portal identifier representing the guest portal; and
granting to the user of the guest portal access to the secure resource according to the guest access privilege stored in the authorization table for the proxy user identifier.
Dependent claims: 16, 17, 18, 19, 20, 21
22. Computer-readable media embodying instructions executable by a computer to perform a method for authorizing users of network portals to access a secure resource hosted by a secure server, the method comprising:
storing a plurality of user identifiers, each representing a user of an owning portal;
storing for each of the user identifiers an access privilege to the secure resource;
storing a proxy user identifier representing a guest portal and a guest access privilege to the secure resource for all of the users of the guest portal;
receiving from the owning portal a first request for access to the secure resource, the first request comprising a first user identifier representing a user of the owning portal;
granting to the user of the owning portal access to the secure resource according to the access privilege stored for the first user identifier;
receiving from the guest portal a second request for access to the secure resource, the second request comprising a second user identifier representing a user of the guest portal and a portal identifier representing the guest portal; and
granting to the user of the guest portal access to the secure resource according to the guest access privilege stored in the authorization table for the proxy user identifier.
Dependent claims: 23, 24, 25, 26, 27, 28
Specification