Method and apparatus to discover services and negotiate capabilities
First Claim
1. A method for accessing a service in a distributed computing environment, comprising:
- a client locating a first service within the distributed computing environment;
the client requesting a capability credential to allow the client access to a portion of the first service'"'"'s capabilities depending upon the clients authorization;
the client receiving said capability credential;
the client requesting a document that describes the first service'"'"'s interface to access said portion of the first service'"'"'s capabilities;
the client receiving said document, wherein said document comprises information describing how to access no more than said portion of the first service'"'"'s capabilities; and
the client using the information from said document to access the first service.
2 Assignments
0 Petitions
Accused Products
Abstract
A service discovery protocol may allow clients in a distributed computing environment to search for services. Service providers (or a listener agent) may respond to search requests by publishing or providing corresponding service advertisements or URIs to corresponding service advertisements. When a service provider responds to a discovery search request (either directly or through a listener agent), the provider may choose to publish a protected or an un-protected (complete) advertisement. A protected advertisement may include the set of information necessary to obtain a complete advertisement. Publishing a protected advertisement may force the client to obtain a valid credential from an authentication service before receiving the complete un-protected advertisement from the service provider. A complete un-protected advertisement is needed to create a message endpoint for accessing the service. Forcing clients to obtain a valid credential before receiving an advertisement may provide an additional level of security for the service provider. The security credential that may need to be obtained to receive the complete advertisement may also be used to construct a message gate to communicate with the service where the gate embeds the security credential in each message to the service.
-
Citations
40 Claims
-
1. A method for accessing a service in a distributed computing environment, comprising:
-
a client locating a first service within the distributed computing environment;
the client requesting a capability credential to allow the client access to a portion of the first service'"'"'s capabilities depending upon the clients authorization;
the client receiving said capability credential;
the client requesting a document that describes the first service'"'"'s interface to access said portion of the first service'"'"'s capabilities;
the client receiving said document, wherein said document comprises information describing how to access no more than said portion of the first service'"'"'s capabilities; and
the client using the information from said document to access the first service. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
-
14. A client device, comprising:
-
a connection to a distributed computing environment;
an interface coupled to said connection and configured to locate a first service within the distributed computing environment;
wherein said interface is further configured to request over said connection a capability credential to allow access to a portion of the first service'"'"'s capabilities depending upon the clients authorization;
wherein said interface is further configured to receive over said connection said capability credential;
wherein said interface is further configured to request over said, connection a document that describes the first service'"'"'s interface to access said portion of the first service'"'"'s capabilities;
wherein said interface is further configured to receive over said connection said document, wherein said document comprises information describing how to access no more than said portion of the first service'"'"'s capabilities; and
wherein the interface is further configured to use the information from said document to provide a mechanism fro the client device to access the first service. - View Dependent Claims (15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27)
-
-
28. A carrier medium comprising program instructions, wherein the program instructions are computer-executable on a client device to implement:
-
locating a first service within the distributed computing environment;
requesting a capability credential to allow a client on the client device access to a portion of the first service'"'"'s capabilities depending upon the clients authorization;
receiving said capability credential;
requesting a document that describes the first service'"'"'s interface to access said portion of the first service'"'"'s capabilities;
receiving said document, wherein said document comprises information describing how to access no more than said portion of the first service'"'"'s capabilities; and
using the information from said document to access the first service. - View Dependent Claims (29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40)
-
Specification