System and method for secure web server gateway access using credential transform
Abstract
A system and method for controlling client access to enterprise resources through a middle tier server. Enterprise resource authorizations are maintained in a middle tier server. Users authenticate with the server causing it to map and transform the client access authorization into enterprise resource credentials. Enterprise resources are accessed after authorizing using the transformed credentials.
312 Citations
21 Claims
1. A middle-tier server (MTS) with facilities for automatically authenticating a request for a protected upper-tier resource, said MTS comprising:
- an input facility that receives a request from a user at a lower-tier client requiring access to at least one upper-tier resource;
- a first application program interface (API) that performs middle-tier authentication;
- a second API that performs upper-tier authentication; and
- a server program that:
  - utilizes said first API to associate a middle-tier user credential with said request if no middle-tier user credential is associated with said request;
  - utilizes said second API to associate an upper-tier user credential with said request if said middle-tier user credential is associated with said request and no upper-tier user credential is associated with said request; and
  - utilizes said upper-tier user credential to access said at least one upper-tier resource if said middle-tier user credential and said upper-tier user credential are associated with said request and then returns a response from said upper-tier resource to said lower-tier client.
Dependent claims: 2, 3, 4, 5, 6, 7
8. A method in a middle-tier server for automatically authenticating a request for a protected upper-tier resource, said method comprising:
- receiving, at server software executing on a middle-tier server (MTS), a request from a user at a lower-tier client requiring access to at least one upper-tier resource;
- if no middle-tier user credential is associated with said request, associating said middle-tier user credential with said request by utilizing a first application program interface (API) of said MTS to perform middle-tier authentication of said request;
- if said middle-tier user credential is associated with said request and no upper-tier user credential is associated with said request, associating said upper-tier user credential with said request by utilizing a second API of said MTS to perform upper-tier authentication of said request; and
- if said middle-tier user credential and said upper-tier user credential are associated with said request, utilizing said upper-tier user credential to access said at least one upper-tier resource and, thereafter, returning a response from said upper-tier resource to said lower-tier client.
Dependent claims: 9, 10, 11, 12, 13, 14
15. A program product that enables a middle-tier server (MTS) to authenticate a request for a protected upper-tier resource automatically, said program product comprising:
- an input facility that receives a request from a user at a lower-tier client requiring access to at least one upper-tier resource;
- a first application program interface (API) that performs middle-tier authentication;
- a second API that performs upper-tier authentication;
- a server program that:
  - utilizes said first API to associate a middle-tier user credential with said request if no middle-tier user credential is associated with said request;
  - utilizes said second API to associate an upper-tier user credential with said request if said middle-tier user credential is associated with said request and no upper-tier user credential is associated with said request; and
  - utilizes said upper-tier user credential to access said at least one upper-tier resource if said middle-tier user credential and said upper-tier user credential are associated with said request and then returns a response from said upper-tier resource to said lower-tier client; and
- a computer usable medium encoding said input facility, said first API, said second API, and said server program.
Dependent claims: 16, 17, 18, 19, 20, 21
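The three conditional steps recited in claims 1, 8 and 15, sketched as an added example that is not taken from the patent or any product. The class and function names, the PBKDF2 password check, the in-memory stores and the sample "payroll" resource are all assumptions made for illustration.

```python
import hashlib
import hmac
from dataclasses import dataclass
from typing import Optional

class AccessDenied(Exception):
    pass

def kdf(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

@dataclass
class RequestContext:  # server-side state; credentials are never read from client fields
    login: str
    password: str
    resource: str
    mts_credential: Optional[str] = None
    upper_credential: Optional[tuple] = None

class MiddleTierServer:
    def __init__(self, users, mappings, resources):
        self.users = users          # login -> (salt, PBKDF2 hash)
        self.mappings = mappings    # (MTS user, resource) -> upper-tier credential
        self.resources = resources  # resource name -> callable(upper-tier credential)

    def first_api(self, ctx):       # middle-tier authentication
        salt, stored = self.users.get(ctx.login, (b"\0" * 16, b""))
        if not hmac.compare_digest(kdf(ctx.password, salt), stored):
            raise AccessDenied("middle-tier authentication failed")
        ctx.mts_credential = ctx.login

    def second_api(self, ctx):      # credential transform; fails closed if unmapped
        cred = self.mappings.get((ctx.mts_credential, ctx.resource))
        if cred is None:
            raise AccessDenied("no upper-tier authorization for this user")
        ctx.upper_credential = cred

    def handle(self, ctx):          # the "server program" of the claims
        if ctx.mts_credential is None:
            self.first_api(ctx)
        if ctx.upper_credential is None:
            self.second_api(ctx)
        # Only the response goes back to the client, never the upper-tier credential.
        return self.resources[ctx.resource](ctx.upper_credential)

def payroll_db(cred):               # constructed stand-in for an upper-tier resource
    if cred != ("svc_payroll", "constructed-backend-secret"):
        raise AccessDenied("upper tier rejected credential")
    return "payroll rows"

SALT = b"constructed-salt"
SERVER = MiddleTierServer(
    users={"alice": (SALT, kdf("alice-pw", SALT)), "bob": (SALT, kdf("bob-pw", SALT))},
    mappings={("alice", "payroll"): ("svc_payroll", "constructed-backend-secret")},
    resources={"payroll": payroll_db})
```

A user who authenticates at the middle tier but has no mapping for the requested resource is rejected at the transform step, so the upper-tier resource is never contacted on that user's behalf.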
Specification