Method and system for pluggability of federation protocol runtimes for federated user lifecycle management
Abstract
A method and a system are presented in which federated domains interact within a federated environment. Domains within a federation can initiate federated operations for a user at other federated domains. A point-of-contact server within a domain relies upon a trust proxy within the domain to manage trust relationships between the domain and the federation. The point-of-contact server receives incoming requests directed to the domain and interfaces with a first application server and a second application server, wherein the first application server responds to requests for access to controlled resources and the second application server responds to requests for access to federated user lifecycle management functions, which are implemented using one or more pluggable modules that interface with the second application server.
41 Claims
1. A method for providing federated functionality within a data processing system, the method comprising:
receiving an incoming request at point-of-contact functionality within a domain, wherein the domain is associated with a plurality of domains within a federated computing environment;
analyzing an incoming request with the point-of-contact functionality;
in response to a determination that the received request is directed to accessing a resource that is controlled by resource accessing functionality without the request requiring processing by federated user lifecycle management functionality, sending the received request from the point-of-contact functionality to the resource accessing functionality; and
in response to a determination that the received request requires processing by federated user lifecycle management functionality, sending the received request from the point-of-contact functionality to the federated user lifecycle management functionality, wherein the federated user lifecycle management functionality invokes one or more pluggable modules that interface with the federated user lifecycle management functionality in order to provide one or more federated user lifecycle management functions.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10

11. An apparatus for providing federated functionality within a data processing system, the apparatus comprising:
means for receiving an incoming request at point-of-contact functionality within a domain, wherein the domain is associated with a plurality of domains within a federated computing environment;
means for analyzing an incoming request with the point-of-contact functionality;
means for sending, in response to a determination that the received request is directed to accessing a resource that is controlled by resource accessing functionality, the received request from the point-of-contact functionality to the resource accessing functionality; and
means for sending, in response to a determination that the received request is directed to accessing federated user lifecycle management functionality, the received request from the point-of-contact functionality to the federated user lifecycle management functionality, wherein the federated user lifecycle management functionality responds to requests for access to federated user lifecycle management functions by invoking one or more pluggable modules that interface with the federated user lifecycle management functionality.
Dependent claims: 12, 13, 14, 15, 16, 17, 18, 19, 20

21. A computer program product on a computer readable medium for use in a data processing system for providing federated functionality, the computer program product comprising:
means for receiving an incoming request at point-of-contact functionality within a domain, wherein the domain is associated with a plurality of domains within a federated computing environment;
means for analyzing an incoming request with the point-of-contact functionality;
means for sending, in response to a determination that the received request is directed to accessing a resource that is controlled by resource accessing functionality, the received request from the point-of-contact functionality to the resource accessing functionality; and
means for sending, in response to a determination that the received request is directed to accessing federated user lifecycle management functionality, the received request from the point-of-contact functionality to the federated user lifecycle management functionality, wherein the federated user lifecycle management functionality responds to requests for access to federated user lifecycle management functions by invoking one or more pluggable modules that interface with the federated user lifecycle management functionality.
Dependent claims: 22, 23, 24, 25, 26, 27, 28, 29, 30

31. A data processing system comprising:
a point-of-contact server, wherein the point-of-contact server receives incoming requests directed to a domain, wherein the domain is associated with a plurality of domains within a federated computing environment;
a first application server that interfaces with the point-of-contact server, wherein the first application server includes means for responding to requests for access to controlled resources; and
a second application server that interfaces with the point-of-contact server, wherein the second application server includes means for responding to requests for access to federated user lifecycle management functions, wherein the means for responding to requests for access to federated user lifecycle management functions includes one or more pluggable modules that interface with the second application server.
Dependent claims: 32, 33, 34, 35, 36, 37, 38, 39, 40, 41

Specification