Application programming interface for centralized storage of principal data
1 Assignment
0 Petitions
Accused Products
Abstract
In the present invention, data relating to principals known to a computer system is centrally stored and objects having a standardized principal application programming interface (API) for finding, managing and accessing that data is provided to applications in lieu of having the applications independently store the principal data. The present invention eliminates the need for each application to create duplicate principal data. It also ensures that principal data are consistent throughout the applications on the computer system. In addition, the present invention allows any application with objects having the principal API to manage and change the principal data making such principal data easy to update. The principal API includes methods to find principals based on an identity reference to a principal or an identity claim that uniquely identifies the principal on computer system.
-
Citations
35 Claims
-
1-9. -9. (canceled)
-
10. An application programming interface (API) for a central data store of principal objects in a computer system that is part of a distributed system, each principal object associated with one principal and having at least one property that uniquely identifies the associated principal in the distributed system, the API comprising:
a findbyidentity method that when invoked with the property searches the computer system for principal data uniquely identified by the property, instantiates a principal object containing the principal data identified by the property, and returns a pointer to the principal object. - View Dependent Claims (11, 12, 13)
-
14-19. -19. (canceled)
-
20. A method in a computer system for managing principal data, the computer system having installed thereon a plurality of disparate applications that utilize principal data, the method comprising:
-
storing on the computer system in a central data store principal data for a plurality of principals;
identifying for each principal, one or more identity claims that uniquely identifies the principal;
providing the plurality of disparate applications access to the principal data via component objects having at least one identity reference and capable of calling a standardized principal application programming interface (API), the standardized principal API containing methods accessing the central data store, instantiating principal objects, and retrieving principal data. - View Dependent Claims (21, 22, 23, 24, 25, 26, 27, 28, 29, 30)
-
-
31. A method in a computer system for determining a first identity reference of a first type of a principal from a second identity reference property of the principal comprising:
-
using the second identity reference to identify a principal;
instantiating a principal object for the principal, the principal object having a first identity claim of the first type identified by the first identity reference and a second identity claim of a different type identified by the second identity reference;
invoking a translate function exposed by the principal object with the first type as an argument;
receiving the first identity reference. - View Dependent Claims (32, 33, 34, 35)
-
Specification