Access control in a web application using event filtering
First Claim
1. A web server comprising a web application capable of assuming a plurality of states and being arranged to process a received event from among a predeterminable set of events to change from one state to another, and a permission record defining a set of permitted or forbidden events, the web application comprising an event filter arranged to consult the permission record on receipt of an event in order to determine whether to permit or not permit the event to be processed.
3 Assignments
0 Petitions
Accused Products
Abstract
A web application is described that is capable of assuming a plurality of states and being arranged to process a received event from among a predeterminable set of events to change from one state to another. A permission record defines a set of permitted or forbidden events and the web application comprises an event filter arranged to consult the permission record on receipt of an event in order to determine whether to permit or not permit the event to be processed. Related methods of access control and computer program products are also described.
23 Citations
15 Claims
- 1. A web server comprising a web application capable of assuming a plurality of states and being arranged to process a received event from among a predeterminable set of events to change from one state to another, and a permission record defining a set of permitted or forbidden events, the web application comprising an event filter arranged to consult the permission record on receipt of an event in order to determine whether to permit or not permit the event to be processed.
- 8. A method for access control within a web server capable of assuming a plurality of states and being arranged to process a received event from among a predeterminable set of events to change from one state to another, the method comprising defining in a permission record a set of permitted or forbidden events and consulting the permission record on receipt of an event in order to determine whether to permit or not permit the event to be processed.
- 12. A computer program product for configuring a web server to assume a plurality of states and to process a received event from among a predeterminable set of events to change from one state to another, the computer program product comprising program code elements for providing an event filter for consulting, on receipt of an event, a permission record defining a set of permitted or forbidden events in order to determine whether to permit or not permit the event to be processed.
Specification