Integrated Security Roles
First Claim
1. A method of authorizing a client'"'"'s request at a first downstream application, said method comprising:
- receiving, at the first downstream application, a first application request from an upstream application, wherein the first application request is derived from the client'"'"'s request and includes an upstream security role identifier that was determined by the upstream application;
reading authorization table entries stored in a downstream authorization table accessible from the downstream application;
matching the upstream security role identifier included in the request with at least one of the authorization table entries included in the downstream authorization table; and
authorizing the client'"'"'s request in response to the matching.
0 Assignments
0 Petitions
Accused Products
Abstract
An approach to handling integrated security roles is presented. An upstream application includes one or more role-mapping requirements that correspond to an upstream security role and a downstream security role. The upstream security role is expanded by adding an upstream security role identifier in a downstream application'"'"'s role-mapping table or by adding upstream user-to-role mappings to a downstream application'"'"'s role-mapping table. When an upstream security role is expanded, a user assigned to the upstream security role automatically has access to role-mapped downstream applications.
-
Citations
22 Claims
-
1. A method of authorizing a client'"'"'s request at a first downstream application, said method comprising:
-
receiving, at the first downstream application, a first application request from an upstream application, wherein the first application request is derived from the client'"'"'s request and includes an upstream security role identifier that was determined by the upstream application; reading authorization table entries stored in a downstream authorization table accessible from the downstream application; matching the upstream security role identifier included in the request with at least one of the authorization table entries included in the downstream authorization table; and authorizing the client'"'"'s request in response to the matching. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A method of expanding an upstream security role to include a downstream application, said method comprising:
-
receiving a security role-mapping request that corresponds to an upstream application and the upstream security role; selecting a downstream security role corresponding to the security role-mapping request and the downstream application; and adding one or more downstream authorization table entries to the downstream security role, wherein the authorization table entries correspond to the upstream security role. - View Dependent Claims (8, 9, 10)
-
-
11. An information handling system comprising:
-
one or more processors; a memory accessible by the processors; one or more nonvolatile storage devices accessible by the processors; and a client authorization tool to authorize a client'"'"'s request at a first downstream application, the client authorization tool including; means for receiving, at the first downstream application, a first application request from an upstream application, wherein the first application request is derived from the client'"'"'s request and includes an upstream security role identifier that was determined by the upstream application; means for reading authorization table entries stored in a downstream authorization table accessible from the downstream application, the downstream authorization table located in one of the nonvolatile storage devices; means for matching the upstream security role identifier included in the request with at least one of the authorization table entries included in the downstream authorization table; and means for authorizing the client'"'"'s request in response to the matching. - View Dependent Claims (12, 13, 14, 15, 16)
-
-
17. A computer program product stored on a computer operable media for authorizing a client'"'"'s request at a first downstream application, said computer program product comprising:
-
means for receiving, at the first downstream application, a first application request from an upstream application, wherein the first application request is derived from the client'"'"'s request and includes an upstream security role identifier that was determined by the upstream application; means for reading authorization table entries stored in a downstream authorization table accessible from the downstream application; means for matching the upstream security role identifier included in the request with at least one of the authorization table entries included in the downstream authorization table; and means for authorizing the client'"'"'s request in response to the matching. - View Dependent Claims (18, 19, 20, 21, 22)
-
Specification