Security architecture for integration of enterprise information system with J2EE platform
First Claim
1. A method of providing security in a computer system having a client, an application server, an application component, a resource adapter and a principal mapping module, and a subject instance having the method comprising the steps of:
- invoking a connection request method by the application component on the resource adapter without passing in any security arguments;
the resource adapter passes the connection request to the application server via a connection factory;
the application server is configured to use the principal mapping module such that the principal mapping module takes the subject instance with a caller principal and returns the subject instance with a valid resource principal and password credential instance to the application server; and
an enterpriseestablishing a managed connection between the application server and the enterprise information system using the valid resource principal and password credential instance generated by the principle mapping module.
2 Assignments
0 Petitions
Accused Products
Abstract
A standard for security management in a client server computer system is disclosed. In one aspect, the present invention specifies a security contract between an application server and a resource adapter, supporting access to an enterprise information system by passing a connection request from the resource adapter to the application server, propagating a a security context from the application server to the resource adapter. The security contract includes a subject class representing a grouping of related information for a single entity, and security-related attributes of the subject class.
268 Citations
6 Claims
-
1. A method of providing security in a computer system having a client, an application server, an application component, a resource adapter and a principal mapping module, and a subject instance having the method comprising the steps of:
-
invoking a connection request method by the application component on the resource adapter without passing in any security arguments; the resource adapter passes the connection request to the application server via a connection factory; the application server is configured to use the principal mapping module such that the principal mapping module takes the subject instance with a caller principal and returns the subject instance with a valid resource principal and password credential instance to the application server; and
an enterpriseestablishing a managed connection between the application server and the enterprise information system using the valid resource principal and password credential instance generated by the principle mapping module. - View Dependent Claims (2, 3, 4, 5, 6)
-
Specification
-
- Resources
-
Current AssigneeOracle America, Inc. (Oracle Corporation)
-
Original AssigneeSun Microsystems Incorporated (Oracle Corporation)
-
InventorsSharma, Rahul
-
Primary Examiner(s)Barron, Jr., Gilberto
-
Assistant Examiner(s)NOBAHAR, ABDULHAKIM
-
Application NumberUS09/578,346Time in Patent Office2,267 DaysField of Search713/201, 713/155, 713/167US Class Current726/4CPC Class CodesG06F 21/335 for accessing specific reso...H04L 63/0807 using tickets, e.g. Kerbero...H04L 63/105 Multiple levels of security
