Method and system to integrate existing user and group definitions in a database server with heterogeneous application servers
First Claim
1. A method for sharing registry information among a plurality of heterogeneous servers, comprising the steps of:
- creating a database registry such that registry information is separated into first registry information that is common to a plurality of applications running on said plurality of heterogeneous servers and second registry information that is specific to ones of said plurality of applications, wherein said first registry information is stored in a common registry and said second registry information is stored in respective second registries associated with respective applications;
responsive to receiving a request to authenticate a user in said database registry, constructing a credential of the user; and
selectively allowing access to a resource based on the credential of the user and a protection policy applied to the resource in an object name space associated with a first server of said plurality of users.
5 Assignments
0 Petitions
Accused Products
Abstract
A method and system for sharing existing user and group registry information between heterogeneous application servers is provided. The method and system make use of an adapter that communicates with each registry associated with each application server through a registry communication mechanism. In a preferred embodiment, the present invention provides an additional application-specific database to protect application-specific data that is required for each application server'"'"'s operation but is not part of an existing database registry. Both the application-specific databases and existing user and group definitions in a user and group registry form a new registry abstraction which is required for each application server. As a result, each application server automatically shares user and group definitions with the existing database server. Furthermore, both the database server and each application server maintain a centralized user and group management model across different application domains.
15 Citations
26 Claims
-
1. A method for sharing registry information among a plurality of heterogeneous servers, comprising the steps of:
-
creating a database registry such that registry information is separated into first registry information that is common to a plurality of applications running on said plurality of heterogeneous servers and second registry information that is specific to ones of said plurality of applications, wherein said first registry information is stored in a common registry and said second registry information is stored in respective second registries associated with respective applications; responsive to receiving a request to authenticate a user in said database registry, constructing a credential of the user; and selectively allowing access to a resource based on the credential of the user and a protection policy applied to the resource in an object name space associated with a first server of said plurality of users. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
-
13. A system, comprising:
-
a bus system; a memory, including a set of instructions, connected to the bus system; and a processing unit, connected to said memory and to a database registry constructed such that registry information is separated into first registry information that is common to a plurality of applications running on said plurality of heterogeneous servers and second registry information that is specific to ones of said plurality of applications, wherein said first registry information is stored in a common registry and said second registry information is stored in respective second registries associated with respective applications; responsive to receiving a request to authenticate a user in said database registry, constructing a credential of the user; and selectively allowing access to a resource based on the credential of the user and a protection policy applied to the resource in an object name space associated with a first server of said plurality of servers.
-
-
14. A system for integrating a plurality of servers, comprising:
-
a database registry constructed such that registry information is separated into first registry information that is common to a plurality of applications running on said plurality of heterogeneous servers and second registry information that is specific to ones of said plurality of applications, wherein said first registry information is stored in a common registry and said second registry information is stored in respective second registries associated with respective applications; constructing means, responsive to receiving a request to authenticate a user in said database registry, for constructing a credential of the user; and accessing means for selectively allowing access to a resource based on the credential of the user and a protection policy applied to the resource in an object name space associated with a first server if said plurality of servers.
-
-
15. A computer program product stored in a computer-readable medium for sharing registry information among a plurality of heterogeneous servers, comprising:
-
instructions for creating a database registry such that registry information is separated into first registry information that is common to a plurality of applications running on said plurality of heterogeneous servers and second registry information that is specific to ones of said plurality of applications, wherein said first registry information is stored in a common registry and said second registry information is stored in respective second registries associated with respective applications; instructions, responsive to receiving a request to authenticate a user in said database registry, for constructing a credential of the user; and instructions for selectively allowing access to a resource based on the credential of the user and a protection policy applied to the resource in an object name space associated with a first server of said plurality of users. - View Dependent Claims (16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26)
-
Specification