USER AUTHENTICATION FOR INTERMEDIATE REPRESENTATIONAL STATE TRANSFER (REST) CLIENT VIA CERTIFICATE AUTHORITY
Abstract
The present description refers to a computer implemented method, computer program product, and computer system for receiving a resource request at a representational state transfer (REST) client from a user, the resource request including a user ID, determining, by the REST client, a key pair including a public key and a corresponding private key that are associated with the user ID, obtaining, by the REST client, a certificate associated with the user ID that is signed by a certificate authority and based on at least the user ID and the public key associated with the user ID, impersonating, by the REST client, the user to a REST server using the certificate and the private key associated with the user ID, and accessing, by the REST client on behalf of the user, using a stateless protocol with the REST server, the requested resource.
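The flow in the abstract, sketched from the REST server's side as an added example (not code from the patent or its assignee). It assumes Ed25519 keys, the user ID carried in the certificate's CommonName, and a signature over the request bytes standing in for whatever transport-level proof of key possession is used; the function names, user IDs and request are constructed for illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

var clientAuth = []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth}
// mustIssue is the CA step: it binds userID (as CommonName) to pub. A nil parent yields a self-signed CA.
func mustIssue(userID string, pub ed25519.PublicKey, parent *x509.Certificate, caKey ed25519.PrivateKey) *x509.Certificate {
	t := &x509.Certificate{SerialNumber: big.NewInt(time.Now().UnixNano()), Subject: pkix.Name{CommonName: userID},
		NotBefore: time.Now().Add(-time.Minute), NotAfter: time.Now().Add(time.Hour), ExtKeyUsage: clientAuth}
	if parent == nil {
		t.IsCA, t.BasicConstraintsValid, t.KeyUsage, parent = true, true, x509.KeyUsageCertSign, t
	}
	der, err := x509.CreateCertificate(rand.Reader, t, parent, pub, caKey)
	cert, perr := x509.ParseCertificate(der)
	if err != nil || perr != nil {
		panic(fmt.Sprint("issuing certificate failed: ", err, " ", perr))
	}
	return cert
}
// serverVerify is the REST server's check before it serves a request made on a user's behalf.
func serverVerify(roots *x509.CertPool, cert *x509.Certificate, userID string, req, sig []byte) error {
	if _, err := cert.Verify(x509.VerifyOptions{Roots: roots, KeyUsages: clientAuth}); err != nil {
		return err // not issued by the trusted CA, expired, or not a client certificate
	}
	if pub, ok := cert.PublicKey.(ed25519.PublicKey); !ok || cert.Subject.CommonName != userID || !ed25519.Verify(pub, req, sig) {
		return fmt.Errorf("user ID %q or request signature does not match the certificate", userID)
	}
	return nil
}
// demo (constructed IDs and request) returns the verdicts for the genuine user ID and a mismatched one.
func demo() (genuine, mismatched error) {
	caPub, caKey, _ := ed25519.GenerateKey(rand.Reader)
	userPub, userKey, _ := ed25519.GenerateKey(rand.Reader) // key pair the REST client holds for "alice"
	ca := mustIssue("Example CA", caPub, nil, caKey)
	cert := mustIssue("alice", userPub, ca, caKey) // certificate based on the user ID and public key
	roots := x509.NewCertPool()
	roots.AddCert(ca)
	req := []byte("GET /orders/42")
	sig := ed25519.Sign(userKey, req) // the client proves possession of alice's private key
	return serverVerify(roots, cert, "alice", req, sig), serverVerify(roots, cert, "bob", req, sig)
}
func main() { fmt.Println(demo()) }
```

Because the REST client holds each user's private key, the server's checks establish only that the CA vouched for the key-to-user binding, so the client's key store and the CA's issuance policy carry the trust.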
20 Claims
1. A computer program product, the computer program product being tangibly embodied on a computer-readable storage medium and including executable code that, when executed, is configured to cause at least one data processing apparatus to:
- receive a resource request at a representational state transfer (REST) client from a user, the resource request including a user ID;
- determine, by the REST client, a key pair including a public key and a corresponding private key that are associated with the user ID;
- obtain, by the REST client, a certificate associated with the user ID that is signed by a certificate authority and based on at least the user ID and the public key associated with the user ID;
- impersonate, by the REST client, the user to a REST server using the certificate and the private key associated with the user ID; and
- access, by the REST client on behalf of the user, using a stateless protocol with the REST server, the requested resource.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13

14. A computer implemented method comprising:
- receiving a resource request at a representational state transfer (REST) client from a user, the resource request including a user ID;
- determining, by the REST client, a key pair including a public key and a corresponding private key that are associated with the user ID;
- obtaining, by the REST client, a certificate associated with the user ID that is signed by a certificate authority and based on at least the user ID and the public key associated with the user ID;
- impersonating, by the REST client, the user to a REST server using the certificate and the private key associated with the user ID; and
- accessing, by the REST client on behalf of the user, using a stateless protocol with the REST server, the requested resource.

Dependent claims: 15, 16, 17

18. An apparatus comprising:
- a transceiver configured to receive a resource request at a representational state transfer (REST) client from a user, the resource request including a user ID;
- key determination logic configured to determine, by the REST client, a key pair including a public key and a corresponding private key that are associated with the user ID;
- certificate acquisition logic configured to obtain, by the REST client, a certificate associated with the user ID that is signed by a certificate authority and based on at least the user ID and the public key associated with the user ID;
- impersonating logic configured to impersonate, by the REST client, the user to a REST server using the certificate and the private key associated with the user ID; and
- accessing logic configured to access, by the REST client on behalf of the user, using a stateless protocol with the REST server, the requested resource.

Dependent claims: 19, 20
Specification