SIMPLIFYING DETERMINATION OF THE GROUPS TO WHICH USERS BELONG WHEN USING DYNAMIC GROUPS

US 20100205193A1
Filed: 02/11/2009
Published: 08/12/2010
Est. Priority Date: 02/11/2009
Status: Active Grant

First Claim

Patent Images

1. A computing system comprising:

an identity management server to process membership requests related to a plurality of dynamic groups based on a user data and a plurality of rules;

a collaboration system to execute an application requiring a set of dynamic groups to which a user belongs, wherein said set of dynamic groups is contained in said plurality of dynamic groups; and

a search tool operable to;

maintain a cache data indicating which of a plurality of users are members of which of said plurality of dynamic groups;

receive a membership request from said application, said membership request requesting said set of dynamic groups to which said user belongs;

examine said cache data to determine said set of dynamic groups to which said user belongs; and

send a response to said application indicating that said user belongs to said set of dynamic groups,wherein said cache data is maintained before said search tool receives said membership request.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A search tool provided according to an aspect of the present invention maintains a cache data indicating which users are members of which dynamic groups. When a membership request is received requesting a set of dynamic groups to which a user belongs, the search tool examines the cache data to determine the set of dynamic groups to which the user belongs and sends the determined groups as a response to the membership request. According to another aspect of the present invention, the search tool may store an include list and an exclude list, respectively indicating the users to be included and excluded from each dynamic group. The lists are inspected in forming the set of dynamic groups to which the user belongs.

28 Citations

View as Search Results

20 Claims

1. A computing system comprising:
- an identity management server to process membership requests related to a plurality of dynamic groups based on a user data and a plurality of rules;
  
  a collaboration system to execute an application requiring a set of dynamic groups to which a user belongs, wherein said set of dynamic groups is contained in said plurality of dynamic groups; and
  
  a search tool operable to;
  
  maintain a cache data indicating which of a plurality of users are members of which of said plurality of dynamic groups;
  
  receive a membership request from said application, said membership request requesting said set of dynamic groups to which said user belongs;
  
  examine said cache data to determine said set of dynamic groups to which said user belongs; and
  
  send a response to said application indicating that said user belongs to said set of dynamic groups,wherein said cache data is maintained before said search tool receives said membership request.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The computing system of claim 1, wherein said search tool maintains said cache data as tables in a database server,to perform said examine, said search tool being operable to form and execute an structured query language (SQL) query on said database server to determine said set of dynamic groups to which said user belongs.
  - 3. The computing system of claim 2, wherein said cache data is stored in a table containing respective columns for the identifier of a dynamic group and the identifier of a user, wherein each row of said table indicates the dynamic group to which the user belongs,wherein said SQL query is of the form SELECT Group FROM MemberList WHERE MemberName = ‘
    UserName’
    
    wherein Group and MemberName are names of said respectively columns, MemberList is the name of said table, and UserName is a place holder for the identifier of said user.
- 4. The computing system of claim 1, said search tool is further operable to:
  - store an include list and an exclude list, respectively indicating a corresponding set of users to be include and excluded for each dynamic group; and
    
    inspect said include list and said exclude list to determine whether any dynamic groups are to be respectively included in and excluded from said set of dynamic groups for said user.
- 5. The computing system of claim 4, wherein said search tool performs said inspect after said examine.
- 6. The computing system of claim 4, wherein said examine and said inspect are performed using a single SQL query.
- 7. The computing system of claim 1, wherein said user data contains attributes and corresponding values related to a plurality of users and each of said plurality of rules specifies a criteria to be used to include each user as a member of a corresponding dynamic group,wherein said identity management server processes a second membership request requesting groups to which a second user belongs by first determining a corresponding list of members for each of said plurality of dynamic groups using said user data and the corresponding rule, and then checking which of said lists of members includes said second user to identify the dynamic groups to which said second user belongs.
- 8. The computing system of claim 7, wherein to perform said maintain, said search tool is operable to:
  - receive a notification from said identity management server upon any change to said user data or said plurality of rules; and
    
    update said cache data according to the change indicated in said notification.
- 9. The computing system of claim 8, wherein said search tool is provided within said identity management server.

10. A method of determining dynamic groups to which users belong, said method comprising:
- maintaining a cache data indicating which of a plurality of users are members of which of a plurality of dynamic groups;
  
  receiving a membership request requesting a set of dynamic groups to which a user belongs;
  
  examining said cache data to determine said set of dynamic groups to which said user belongs; and
  
  sending a response to said membership request indicating that said user belongs to said set of dynamic groups,wherein said maintaining is performed prior to receiving said membership request.
- View Dependent Claims (11, 12, 13, 14, 15)
- - 11. The method of claim 10, wherein said maintaining maintains said cache data as tables in a database server,wherein said examining comprises forming and executing an structured query language (SQL) query on said database server to determine said set of dynamic groups to which said user belongs.
  - 12. The method of claim 10, further comprising:
    - storing an include list and an exclude list, respectively indicating a corresponding set of users to be include and excluded for each dynamic group; and
      
      inspecting said include list and said exclude list to determine whether any dynamic groups are to be respectively included in and excluded from said set of dynamic groups for said user.
  - 13. The method of claim 12 wherein said examining and said inspecting are performed using a single SQL query.
  - 14. The method of claim 13, further comprising:
    - storing a user data and a plurality of rules in a identity management server, wherein said user data contains attributes and corresponding values related to a plurality of users and each of said plurality of rules specifies a criteria to be used to include each user as a member of a corresponding dynamic group;
      
      receiveing a second membership request in said identity management server, said second membership request requesting groups to which a second user belongs;
      
      determining a corresponding list of members for each of said plurality of dynamic groups using said user data and the corresponding rule;
      
      checking which of said lists of members includes said second user to identify a second set of dynamic groups to which said second user belongs; and
      
      sending a second response indicating that said second user belongs to said second set of dynamic groups.
  - 15. The method of claim 14, wherein said maintaining is performed in a search tool external to said identity management server, said maintaining further comprising:
    - receiving a notification from said identity management server upon any change to said user data or said plurality of rules; and
      
      updating said cache data in said search tool according to the change indicated in said notification.

16. A machine readable medium carrying one or more sequences of instructions for causing a system to determine dynamic groups to which users belong, wherein execution of said one or more sequences of instructions by one or more processors contained in said system causes said system to perform the actions of:
- maintaining a cache data indicating which of a plurality of users are members of which of a plurality of dynamic groups;
  
  receiving a membership request requesting a set of dynamic groups to which a user belongs;
  
  examining said cache data to determine said set of dynamic groups to which said user belongs; and
  
  sending a response to said membership request indicating that said user belongs to said set of dynamic groups,wherein said maintaining is performed prior to receiving said membership request.
- View Dependent Claims (17, 18, 19, 20)
- - 17. The machine readable medium of claim 16, wherein said maintaining maintains said cache data as tables in a database server,wherein said examining comprises one or more instructions for forming and executing an structured query language (SQL) query on said database server to determine said set of dynamic groups to which said user belongs.
  - 18. The machine readable medium of claim 17, further comprising one or more instructions for:
    - storing an include list and an exclude list, respectively indicating a corresponding set of users to be include and excluded for each dynamic group; and
      
      inspecting said include list and said exclude list to determine whether any dynamic groups are to be respectively included in and excluded from said set of dynamic groups for said user.
  - 19. The machine readable medium of claim 18, further comprising one or more instructions for:
    - storing a user data and a plurality of rules in a identity management server, wherein said user data contains attributes and corresponding values related to a plurality of users and each of said plurality of rules specifies a criteria to be used to include each user as a member of a corresponding dynamic group;
      
      receiveing a second membership request in said identity management server, said second membership request requesting groups to which a second user belongs;
      
      determining a corresponding list of members for each of said plurality of dynamic groups using said user data and the corresponding rule;
      
      checking which of said lists of members includes said second user to identify a second set of dynamic groups to which said second user belongs; and
      
      sending a second response indicating that said second user belongs to said second set of dynamic groups.
  - 20. The machine readable medium of claim 19, wherein said system is external to said identity management server, said maintaining further comprising one or more instructions for:
    - receiving a notification from said identity management server upon any change to said user data or said plurality of rules; and
      
      updating said cache data in said system according to the change indicated in said notification.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Oracle International Corporation (Oracle Corporation)
Original Assignee
Oracle International Corporation (Oracle Corporation)
Inventors
Krishna, Jai

Granted Patent

US 8,150,876 B2
Time in Patent Office

Days
Field of Search
US Class Current

707/758
CPC Class Codes

G06F 16/24575 using context

SIMPLIFYING DETERMINATION OF THE GROUPS TO WHICH USERS BELONG WHEN USING DYNAMIC GROUPS

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

28 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

SIMPLIFYING DETERMINATION OF THE GROUPS TO WHICH USERS BELONG WHEN USING DYNAMIC GROUPS

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

28 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links