METHOD AND DATA PROCESSING SYSTEM FOR INTERCEPTING COMMUNICATION BETWEEN A CLIENT AND A SERVICE
First Claim
1. A method of intercepting communication between a user and a service, said method comprising:
- receiving, by an authentication component from the user, a user request directed to the service;
adding, by the authentication component, a user-specific token to the user request to generate a tokenized request comprising the user request and the token added thereto, said user-specific token comprising a unique user identifier that identifies the user uniquely;
sending, by the authentication component, the tokenized request to a proxy;
receiving, by the proxy, the tokenized request sent by the authentication component;
sending, by the proxy, the tokenized request to the service;
invoking, by the proxy, an interceptor plug-in plugged into the proxy for processing the tokenized request;
ascertaining, by the interceptor plug-in, that the unique user identifier in the tokenized request is present in an interception control list of unique user identifiers accessible to the interceptor plug-in;
sending, by the interceptor plug-in, the tokenized request to an interceptor manager; and
storing, by the interceptor manager, the tokenized request.
1 Assignment
0 Petitions
Accused Products
Abstract
A method and data processing system for intercepting communication between a user and a service. An authentication component receives, from the user, a user request directed to the service. The authentication component adds a user-specific token to the user request to generate a tokenized request. The tokenized request includes the user request and the token. The token includes a unique user identifier that identifies the user. The authentication component sends the tokenized request to a proxy. The proxy sends the tokenized request to the service. The proxy invokes an interceptor plug-in that is plugged into the proxy. The interceptor plug-in ascertains that the unique user identifier in the tokenized request is present in an interception control list of unique user identifiers. The interception control list is accessible to the interceptor plug-in. The interceptor plug-in sends the tokenized request to an interceptor manager who stores the tokenized request.
72 Citations
20 Claims
-
1. A method of intercepting communication between a user and a service, said method comprising:
-
receiving, by an authentication component from the user, a user request directed to the service;
adding, by the authentication component, a user-specific token to the user request to generate a tokenized request comprising the user request and the token added thereto, said user-specific token comprising a unique user identifier that identifies the user uniquely;
sending, by the authentication component, the tokenized request to a proxy;
receiving, by the proxy, the tokenized request sent by the authentication component;
sending, by the proxy, the tokenized request to the service;
invoking, by the proxy, an interceptor plug-in plugged into the proxy for processing the tokenized request;
ascertaining, by the interceptor plug-in, that the unique user identifier in the tokenized request is present in an interception control list of unique user identifiers accessible to the interceptor plug-in;
sending, by the interceptor plug-in, the tokenized request to an interceptor manager; and
storing, by the interceptor manager, the tokenized request. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
-
Specification
-
- Resources
-
Current AssigneeInternational Business Machines Corporation
-
Original AssigneeInternational Business Machines Corporation
-
Inventorsvon Kulessa, Thomas, Andress, Jiri, Heine, Stefan
-
Granted Patent
-
Time in Patent OfficeDays
-
Field of Search
-
US Class Current709/227
-
CPC Class CodesH04L 63/08 for authentication of entit...H04L 63/0884 by delegation of authentica...
