PLUGGABLE TOKEN PROVIDER MODEL TO IMPLEMENT AUTHENTICATION ACROSS MULTIPLE WEB SERVICES
First Claim
1. A method to be executed at least in part in a computing device for message level authentication across multiple web services through a pluggable token provider model, the method comprising:
- receiving a web service request from a local web service component at a client application;
locating metadata associated with the requested web service, wherein the metadata includes information associated with execution and authentication of the requested web service;
if a credential is associated with the requested web service, retrieving the credential;
retrieving a token associated with the retrieved credential;
authenticating the requested web service based on the retrieved token; and
if the authentication is successful, performing the requested web service.
2 Assignments
0 Petitions
Accused Products
Abstract
A pluggable token provider model for message level authentication across multiple web services is provided. Web service and token provider implementations within a client application are separated from an actual component that operates the business logic to formulate and understand a web request. The web service components may request web services to be executed and supply the body for the web service message while a common framework maintains the web services metadata, which includes definitions associated with respective tokens. The framework may further maintain token provider implementations that actually fetch authentication tokens and perform the web requests.
50 Citations
20 Claims
-
1. A method to be executed at least in part in a computing device for message level authentication across multiple web services through a pluggable token provider model, the method comprising:
-
receiving a web service request from a local web service component at a client application; locating metadata associated with the requested web service, wherein the metadata includes information associated with execution and authentication of the requested web service; if a credential is associated with the requested web service, retrieving the credential; retrieving a token associated with the retrieved credential; authenticating the requested web service based on the retrieved token; and if the authentication is successful, performing the requested web service. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A unified communication system employing message level authentication across multiple web services through a pluggable token provider model, the system comprising:
-
a server configured to; manage communications between internal and external resources of the unified communication system and a plurality of client applications; a client device executing a client application, the client application including; at least one web service component; at least one token provider component representing token issuers interacting with the client application; a metadata model component for retrieving metadata from a web service, wherein the metadata includes information associated with execution and authentication of a requested web service; and a web service manager component configured to; retrieve the metadata from the metadata model component, cycle through a plurality of bindings parsed from the metadata by the metadata model component, select one of the bindings based on the requested web service and associated authentication type, and construct an actual web service request. - View Dependent Claims (12, 13, 14, 15, 16)
-
-
17. A computer-readable storage medium with instructions stored thereon for employing message level authentication across multiple web services through a pluggable token provider model, the instructions comprising:
-
receiving a payload of a web service call to be made from a web service component of a client application; extracting a base identifier of the call; calling into a metadata model component requesting web service metadata; upon retrieval of the metadata, cycling thorough available bindings in the metadata; selecting an appropriate binding based on a requested operation and an authentication type depending on a credential associated with the requested web service; and fetching a token associated with the credential such that an actual web service request is constructed. - View Dependent Claims (18, 19, 20)
-
Specification