Specializing Support For A Federation Relationship

US 20090259753A1
Filed: 06/09/2009
Published: 10/15/2009
Est. Priority Date: 12/16/2004
Status: Active Grant

First Claim

Patent Images

1. A method for providing federated functionality within a data processing system, the method comprising:

receiving a first request at a first computing system for federation services from an identity provider, wherein the first request is made by a first requester;

initializing an instance of an application to provide requested federation services for the first requester, the instance of the application resulting in a first specialized runtime which is specialized according to configuration data of a federation relationship of the first requestor with the identity provider, wherein the configuration data is dynamically retrieved during initialization of the runtime; and

providing the requested federation services using the specialized runtime.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The invention provides federated functionality within a data processing system by means of a set of specialized runtimes, which are instances of an application for providing federation services to requesters. Each of the plurality of specialized runtimes provides requested federation services for selected ones of the requestors according to configuration data of respective federation relationships of the requestors with the identity provider. The configuration data is dynamically retrieved during initialization of the runtimes which allows the respective_runtime to be specialized for a given federation relationship. Requests are routed to the appropriate specialized runtime using the first requestor identity and the given federation relationship. The data, which describes each federation relationship between the identity provider and each of the plurality of requestors, is configured prior to initialization of the runtimes.

114 Citations

View as Search Results

18 Claims

1. A method for providing federated functionality within a data processing system, the method comprising:
- receiving a first request at a first computing system for federation services from an identity provider, wherein the first request is made by a first requester;
  
  initializing an instance of an application to provide requested federation services for the first requester, the instance of the application resulting in a first specialized runtime which is specialized according to configuration data of a federation relationship of the first requestor with the identity provider, wherein the configuration data is dynamically retrieved during initialization of the runtime; and
  
  providing the requested federation services using the specialized runtime.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1, wherein the identity provider provides federation services for a plurality of requesters, further comprising:
    - initializing a plurality of specialized runtimes which provide requested federation services for the requestors according to configuration data of respective federation relationships of the requestors with the identity provider, wherein the configuration data is dynamically retrieved during initialization of the runtimes; and
      
      providing the requested federation services to each requestor by routing requests to appropriate a specialized runtime according to a requestor identity and a federation relationship.
  - 3. The method of claim 2 wherein the first specialized runtime also provides federation services to a second requestor and is also initialized according to configuration data of a federation relationship of the second requestor with the identity provider.
  - 4. The method of claim 2 wherein a second specialized runtime provides federation services to a third requestor and is initialized according to configuration data of a federation relationship of the third requestor with the identity provider, and wherein the federation services provided by the first and second specialized runtimes are substantially identical.
  - 5. The method of claim 2 further comprising:
    - configuring data which describes each federation relationship between the identity provider and each of the plurality of requestors.
  - 6. The method of claim 5 wherein the configuring data step further comprises the step of configuring global specified data which is common to all federation relations with the identity provider level.
  - 7. The method of claim 5 wherein the configuring data step further comprises the step of configuring federation relationship data which is specific to the first specialized runtime.
  - 8. The method of claim 5 wherein the configuring data step further comprises the step of configuring requestor specific data.
  - 9. The method of claim 7 wherein global identity provider default configuration data is overridden by the configured federation relationship data.
  - 10. The method of claim 8 wherein global identity provider default configuration data or federation relationship data is overridden by the configured requestor specific data.

11. A system including memory and processor for providing federated functionality within a data processing system, the system comprising:
- a processor;
  
  a memory for storing instructions, the instructions which when executed by the processor, perform the method comprising;
  
  receiving a first request at a first computing system for federation services from an identity provider, wherein the first request is made by a first requester;
  
  initializing an instance of an application to provide requested federation services for the first requester, the instance of the application resulting in a first specialized runtime which is specialized according to configuration data of a federation relationship of the first requestor with the identity provider, wherein the configuration data is dynamically retrieved during initialization of the runtime; and
  
  providing the requested federation services using the specialized runtime.
- View Dependent Claims (13, 14, 15)
- - 13. The system of claim 11, wherein the identity provider provides federation services for a plurality of requesters, and the method further comprises:
    - initializing a plurality of specialized runtimes which provide requested federation services for the requestors according to configuration data of respective federation relationships of the requesters with the identity provider, wherein the configuration data is dynamically retrieved during initialization of the runtimes; and
      
      providing the requested federation services to each requestor by routing requests to appropriate a specialized runtime according to a requester identity and a federation relationship.
  - 14. The system of claim 13 wherein the first specialized runtime also provides federation services to a second requestor and is also initialized according to configuration data of a federation relationship of the second requester with the identity provider.
  - 15. The system of claim 13 wherein a second specialized runtime provides federation services to a third requestor and is initialized according to configuration data of a federation relationship of the third requester with the identity provider, and wherein the federation services provided by the first and second specialized runtimes are substantially identical.

12. A computer program product in a computer storage medium for providing federated functionality within a data processing system, the product which when executed by the processor, performing the method comprising:
- receiving a first request at a first computing system for federation services from an identity provider, wherein the first request is made by a first requester;
  
  initializing an instance of an application to provide requested federation services for the first requester, the instance of the application resulting in a first specialized runtime which is specialized according to configuration data of a federation relationship of the first requestor with the identity provider, wherein the configuration data is dynamically retrieved during initialization of the runtime; and
  
  providing the requested federation services using the specialized runtime.
- View Dependent Claims (16, 17, 18)
- - 16. The product of claim 12, wherein the identity provider provides federation services for a plurality of requesters, and the method further comprises:
    - initializing a plurality of specialized runtimes which provide requested federation services for the requesters according to configuration data of respective federation relationships of the requesters with the identity provider, wherein the configuration data is dynamically retrieved during initialization of the runtimes; and
      
      providing the requested federation services to each requestor by routing requests to appropriate a specialized runtime according to a requester identity and a federation relationship.
  - 17. The product of claim 12 wherein the first specialized runtime also provides federation services to a second requestor and is also initialized according to configuration data of a federation relationship of the second requester with the identity provider.
  - 18. The product of claim 12 wherein a second specialized runtime provides federation services to a third requestor and is initialized according to configuration data of a federation relationship of the third requestor with the identity provider, and wherein the federation services provided by the first and second specialized runtimes are substantially identical.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Wardrop, Patrick Ryan, Milman, Ivan Matthew, Hinton, Heather Maria, Falola, Dolapo Martin, Moran, Anthony Scott

Granted Patent

US 8,181,225 B2
Time in Patent Office

Days
Field of Search
US Class Current

709/226
CPC Class Codes

H04L 63/0815 providing single-sign-on or...

H04L 67/30 Profiles

Specializing Support For A Federation Relationship

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

114 Citations

18 Claims

Specification

Use Cases

Quick Links

Others

Specializing Support For A Federation Relationship

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

114 Citations

18 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others