Access control in a web application using event filtering

US 20050262099A1
Filed: 05/06/2005
Published: 11/24/2005
Est. Priority Date: 05/07/2004
Status: Active Grant

First Claim

Patent Images

1. A web server comprising a web application capable of assuming a plurality of states and being arranged to process a received event from among a predeterminable set of events to change from one state to another, and a permission record defining a set of permitted or forbidden events, the web application comprising an event filter arranged to consult the permission record on receipt of an event in order to determine whether to permit or not permit the event to be processed.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A web application is described that is capable of assuming a plurality of states and being arranged to process a received event from among a predeterminable set of events to change from one state to another. A permission record defines a set of permitted or forbidden events and the web application comprises an event filter arranged to consult the permission record on receipt of an event in order to determine whether to permit or not permit the event to be processed. Related methods of access control and computer program products are also described.

23 Citations

View as Search Results

15 Claims

1. A web server comprising a web application capable of assuming a plurality of states and being arranged to process a received event from among a predeterminable set of events to change from one state to another, and a permission record defining a set of permitted or forbidden events, the web application comprising an event filter arranged to consult the permission record on receipt of an event in order to determine whether to permit or not permit the event to be processed.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. A web server as claimed in claim 1 wherein the dynamic generation of a web page is triggered on entry to at least some of the states.
  - 3. A web server as claimed in claim 1 comprising an event mapper for mapping http requests received from a web browser to events.
  - 4. A web server as claimed in claim 1 wherein at least some of the states correspond to user interface views of the web application.
  - 5. A web server as claimed in claim 1 wherein the event filter is part of a state machine controller.
  - 6. A web server as claimed in claim 1 wherein the permission file links events to user credentials, the event filter being arranged to check the user credentials in order to determine whether to permit or not permit the event to be processed.
  - 7. A web server as claimed in claim 1 wherein the permission file links events to states of the web application, the event filter being arranged to determine the current state of the application in order to determine whether to permit or not permit the event to be processed.

8. A method for access control within a web server capable of assuming a plurality of states and being arranged to process a received event from among a predeterminable set of events to change from one state to another, the method comprising defining in a permission record a set of permitted or forbidden events and consulting the permission record on receipt of an event in order to determine whether to permit or not permit the event to be processed.
- View Dependent Claims (9, 10, 11)
- - 9. A method as claimed in claim 8 comprising triggering dynamic generation of a web page on entry to at least some of the states.
  - 10. A method as claimed in claim 8 comprising mapping http requests received from a web browser to events.
  - 11. A method as claimed in claim 8 comprising determining the current state of the application in order to determine whether to permit or not permit the event to be processed.

12. A computer program product for configuring a web server to assume a plurality of states and to process a received event from among a predeterminable set of events to change from one state to another, the computer program product comprising program code elements for providing an event filter for consulting, on receipt of an event, a permission record defining a set of permitted or forbidden events in order to determine whether to permit or not permit the event to be processed.
- View Dependent Claims (13, 14, 15)
- - 13. A computer program product as claimed in claim 12 comprising program code elements for providing an event mapper for mapping http requests received from a web browser to events.
  - 14. A computer program product as claimed in claim 12 wherein the event filter is part of a state machine controller.
  - 15. A computer program product as claimed in claim 12 wherein the event filter is arranged to determine the current state of the application in order to determine whether to permit or not permit an event to be processed.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Marqeta, Inc.
Original Assignee
Hewlett-Packard Development Company, L.P. (HP Inc.)
Inventors
Fouche, Pierre, Manfredi, Raphael

Granted Patent

US 7,735,119 B2
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06F 9/542   Event management; Broadcast...

H04L 63/102   Entity profiles

H04L 63/168   above the transport layer

Access control in a web application using event filtering

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

23 Citations

15 Claims

Specification

Solutions

Use Cases

Quick Links

Access control in a web application using event filtering

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

23 Citations

15 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links