SIMPLIFYING DETERMINATION OF THE GROUPS TO WHICH USERS BELONG WHEN USING DYNAMIC GROUPS
First Claim
1. A computing system comprising:
- an identity management server to process membership requests related to a plurality of dynamic groups based on a user data and a plurality of rules;
a collaboration system to execute an application requiring a set of dynamic groups to which a user belongs, wherein said set of dynamic groups is contained in said plurality of dynamic groups; and
a search tool operable to;
maintain a cache data indicating which of a plurality of users are members of which of said plurality of dynamic groups;
receive a membership request from said application, said membership request requesting said set of dynamic groups to which said user belongs;
examine said cache data to determine said set of dynamic groups to which said user belongs; and
send a response to said application indicating that said user belongs to said set of dynamic groups,wherein said cache data is maintained before said search tool receives said membership request.
1 Assignment
0 Petitions
Accused Products
Abstract
A search tool provided according to an aspect of the present invention maintains a cache data indicating which users are members of which dynamic groups. When a membership request is received requesting a set of dynamic groups to which a user belongs, the search tool examines the cache data to determine the set of dynamic groups to which the user belongs and sends the determined groups as a response to the membership request. According to another aspect of the present invention, the search tool may store an include list and an exclude list, respectively indicating the users to be included and excluded from each dynamic group. The lists are inspected in forming the set of dynamic groups to which the user belongs.
28 Citations
20 Claims
-
1. A computing system comprising:
-
an identity management server to process membership requests related to a plurality of dynamic groups based on a user data and a plurality of rules; a collaboration system to execute an application requiring a set of dynamic groups to which a user belongs, wherein said set of dynamic groups is contained in said plurality of dynamic groups; and a search tool operable to; maintain a cache data indicating which of a plurality of users are members of which of said plurality of dynamic groups; receive a membership request from said application, said membership request requesting said set of dynamic groups to which said user belongs; examine said cache data to determine said set of dynamic groups to which said user belongs; and send a response to said application indicating that said user belongs to said set of dynamic groups, wherein said cache data is maintained before said search tool receives said membership request. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
4. The computing system of claim 1, said search tool is further operable to:
-
store an include list and an exclude list, respectively indicating a corresponding set of users to be include and excluded for each dynamic group; and inspect said include list and said exclude list to determine whether any dynamic groups are to be respectively included in and excluded from said set of dynamic groups for said user.
-
-
5. The computing system of claim 4, wherein said search tool performs said inspect after said examine.
-
6. The computing system of claim 4, wherein said examine and said inspect are performed using a single SQL query.
-
7. The computing system of claim 1, wherein said user data contains attributes and corresponding values related to a plurality of users and each of said plurality of rules specifies a criteria to be used to include each user as a member of a corresponding dynamic group,
wherein said identity management server processes a second membership request requesting groups to which a second user belongs by first determining a corresponding list of members for each of said plurality of dynamic groups using said user data and the corresponding rule, and then checking which of said lists of members includes said second user to identify the dynamic groups to which said second user belongs. -
8. The computing system of claim 7, wherein to perform said maintain, said search tool is operable to:
-
receive a notification from said identity management server upon any change to said user data or said plurality of rules; and update said cache data according to the change indicated in said notification.
-
-
9. The computing system of claim 8, wherein said search tool is provided within said identity management server.
-
-
10. A method of determining dynamic groups to which users belong, said method comprising:
-
maintaining a cache data indicating which of a plurality of users are members of which of a plurality of dynamic groups; receiving a membership request requesting a set of dynamic groups to which a user belongs; examining said cache data to determine said set of dynamic groups to which said user belongs; and sending a response to said membership request indicating that said user belongs to said set of dynamic groups, wherein said maintaining is performed prior to receiving said membership request. - View Dependent Claims (11, 12, 13, 14, 15)
-
-
16. A machine readable medium carrying one or more sequences of instructions for causing a system to determine dynamic groups to which users belong, wherein execution of said one or more sequences of instructions by one or more processors contained in said system causes said system to perform the actions of:
-
maintaining a cache data indicating which of a plurality of users are members of which of a plurality of dynamic groups; receiving a membership request requesting a set of dynamic groups to which a user belongs; examining said cache data to determine said set of dynamic groups to which said user belongs; and sending a response to said membership request indicating that said user belongs to said set of dynamic groups, wherein said maintaining is performed prior to receiving said membership request. - View Dependent Claims (17, 18, 19, 20)
-
Specification