Securing Asynchronous Client Server Transactions
Abstract
A method, system, and computer usable program product for securing asynchronous client server transactions are provided in the illustrative embodiments. A request including an application identifier and a version of a second application is received at a first application. A service identifier is generated if a session with the second application is valid. A registry is generated at the first application. A catalog is generated based on the registry, and the service identifier and the catalog are sent to the second application. A sub-request including the service identifier is received as part of an asynchronous client server transaction. Validity of the sub-request is determined by determining whether the service identifier has expired, whether the sub-request requests a service that is permissible according to the catalog, whether the service identifier is used in conjunction with the second application, or a combination thereof. If the sub-request is valid, the service is provided.
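The server-side flow in the abstract, as an added sketch (example code written for this page, not taken from the patent): the first application issues a service identifier and a catalog, then applies the three validity checks to each sub-request. Assumptions: the catalog "transformation" is modelled as HMAC-derived opaque handles, the identifier lifetime is 300 seconds, and the function names and sample registry are hypothetical.

```python
import hashlib
import hmac
import secrets
import time

SERVER_KEY = secrets.token_bytes(32)  # assumption: per-process secret for handle derivation
TTL_SECONDS = 300                     # assumption: the abstract only says the identifier can expire

# Constructed registry: internal services each (application id, version) may use.
REGISTRY = {
    ("inventory-ui", "2.1"): {"getStock": "/internal/stock", "getPrice": "/internal/price"},
}
_issued = {}  # service_id -> (app_id, expires_at, {handle: internal target})


def _handle(service_id, name):
    """Transform a registry entry into an opaque handle tied to one service identifier."""
    msg = f"{service_id}:{name}".encode()
    return hmac.new(SERVER_KEY, msg, hashlib.sha256).hexdigest()[:16]


def open_transaction(app_id, version, session_valid, now=None):
    """Initial request: return (service_id, catalog), or None if nothing may be issued."""
    now = time.time() if now is None else now
    permitted = REGISTRY.get((app_id, version))
    if not session_valid or permitted is None:
        return None
    service_id = secrets.token_urlsafe(16)
    handles = {_handle(service_id, n): target for n, target in permitted.items()}
    _issued[service_id] = (app_id, now + TTL_SECONDS, handles)
    # The catalog maps service names to handles and never exposes internal targets.
    return service_id, {n: _handle(service_id, n) for n in permitted}


def validate_sub_request(service_id, app_id, handle, now=None):
    """Return (ok, internal target or rejection reason) for one asynchronous sub-request."""
    now = time.time() if now is None else now
    record = _issued.get(service_id)
    if record is None:
        return False, "unknown service identifier"
    bound_app, expires_at, handles = record
    if now >= expires_at:                  # check 1: identifier has expired
        _issued.pop(service_id, None)
        return False, "service identifier expired"
    if bound_app != app_id:                # check 2: identifier used by another application
        return False, "service identifier not issued to this application"
    if handle not in handles:              # check 3: service not permitted by the catalog
        return False, "service not in catalog"
    return True, handles[handle]
```

Because each handle is derived from the service identifier, a handle copied from one transaction's catalog is rejected when replayed under a different service identifier.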
28 Claims
1. A computer implemented method for securing asynchronous client server transactions, the computer implemented method comprising:
- receiving a request at a first application executing in a data processing system, the request including an application identifier and a version associated with a second application;
- generating a service identifier responsive to a session with the second application being valid;
- generating a registry at the first application, the registry including information about a set of services and data that the second application is permitted to use;
- generating a catalog based on the registry, the catalog including a transformed subset of the registry; and
- sending the service identifier and the catalog to the second application.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10
11. A computer implemented method for securing asynchronous client server transactions, the computer implemented method comprising:
- receiving, from a first application, at a second application executing in a data processing system, a security identifier and a catalog responsive to sending an application identifier and an application version associated with the second application, the catalog including a transformed subset of a registry associated with the first application;
- dynamically constructing a sub-request, the sub-request being a part of an asynchronous client server transaction, the sub-request including the service identifier, and the sub-request further including a request for a service from the catalog;
- receiving, responsive to the sub-request being valid according to the first application, data associated with the service.
Dependent claims: 12, 13
14. A computer usable program product comprising a computer usable storage medium including computer usable code for securing asynchronous client server transactions, the computer usable code comprising:
- computer usable code for receiving a request at a first application executing in a data processing system, the request including an application identifier and a version associated with a second application;
- computer usable code for generating a service identifier responsive to a session with the second application being valid;
- computer usable code for generating a registry at the first application, the registry including information about a set of services and data that the second application is permitted to use;
- computer usable code for generating a catalog based on the registry, the catalog including a transformed subset of the registry; and
- computer usable code for sending the service identifier and the catalog to the second application.
Dependent claims: 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25
26. A data processing system for securing asynchronous client server transactions, the data processing system comprising:
- a storage device including a storage medium, wherein the storage device stores computer usable program code; and
- a processor, wherein the processor executes the computer usable program code, and wherein the computer usable program code comprises;
  - computer usable code for receiving, from a first application, at a second application executing in a data processing system, a security identifier and a catalog responsive to sending an application identifier and an application version associated with the second application, the catalog including a transformed subset of a registry associated with the first application;
  - computer usable code for dynamically constructing a sub-request, the sub-request being a part of an asynchronous client server transaction, the sub-request including the service identifier, and the sub-request further including a request for a service from the catalog; and
  - computer usable code for receiving, responsive to the sub-request being valid according to the first application, data associated with the service.
Dependent claims: 27, 28
Specification