User Role Mapping in Web Applications
First Claim
Patent Images
1. A method comprising:
- storing a plurality of application role mappings at a reverse proxy server, each application role mapping defining an application resource that a web application is allowed to access;
receiving a user request for a first web application at the reverse proxy server, the first web application being associated with at least one of the plurality of stored role mappings;
based upon the at least one of the plurality of stored application role mappings, determining a proper first user role for the web application requested by the user at the reverse proxy server;
sending the determined first user role as part of a HTTP header to the web application;
wherein the web application uses the user role without doing an independent mapping of the user to a role;
generating a display of the first web application suitable for use according to the determined first user role for the web application; and
providing the generated display to the user that requested the first web application.
1 Assignment
0 Petitions
Accused Products
Abstract
Roles and policies are used to provide display and access to data in a flexible manner. Users and/or web applications can be mapped to user roles that dictate which displays or other application resources are available to the user or application. Roles are assigned to web applications individually, allowing for user roles to be used without requiring an independent mapping of users to roles. In some cases, application roles can be centrally managed, so that presentation systems also avoid the need for an independent mapping of user or application roles.
-
Citations
18 Claims
-
1. A method comprising:
-
storing a plurality of application role mappings at a reverse proxy server, each application role mapping defining an application resource that a web application is allowed to access; receiving a user request for a first web application at the reverse proxy server, the first web application being associated with at least one of the plurality of stored role mappings; based upon the at least one of the plurality of stored application role mappings, determining a proper first user role for the web application requested by the user at the reverse proxy server; sending the determined first user role as part of a HTTP header to the web application;
wherein the web application uses the user role without doing an independent mapping of the user to a role;generating a display of the first web application suitable for use according to the determined first user role for the web application; and providing the generated display to the user that requested the first web application. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A system comprising:
-
a storage medium storing a plurality of application role mappings, each application role mapping defining an application resource that a web application is allowed to access; a server in communication with the storage medium, the server adapted to; receive a user request for a first web application at the reverse proxy server, the first web application being associated with at least one of the plurality of stored role mappings; based upon the at least one of the plurality of stored application role mappings, determine a proper first user role for the web application requested by the user at the reverse proxy server; send the determined first user role as part of a HTTP header to the web application;
wherein the web application uses the user role without doing an independent mapping of the user to a role;generate a presentation of the first web application suitable for use according to the determined first user role for the web application; and provide the generated presentation to the user that requested the first web application. - View Dependent Claims (8, 9, 10, 11, 12)
-
-
13. A non-transitory computer-readable storage medium storing a plurality of instructions that cause a processor to:
-
store a plurality of application role mappings, each application role mapping defining an application resource that a web application is allowed to access; receive a user request for a first web application at the reverse proxy server, the first web application being associated with at least one of the plurality of stored role mappings; based upon the at least one of the plurality of stored application role mappings, determine a proper first user role for the web application requested by the user at the reverse proxy server; send the determined first user role as part of a HTTP header to the web application;
wherein the web application uses the user role without doing an independent mapping of the user to a role;generate a presentation of the first web application suitable for use according to the determined first user role for the web application; and provide the generated presentation to the user that requested the first web application. - View Dependent Claims (14, 15, 16, 17, 18)
-
Specification