Java application framework for use in a content delivery network (CDN)
First Claim
1. In an apparatus for use in a content delivery network, the apparatus having a processor, a virtual machine and platform-independent application server code, the improvement comprising:
- a set of one or more platform-independent code components each of which are capable of being executed by the platform-independent application server code;
an edge server process for instantiating a set of one application server code instances, each application server code instance capable of executing a given platform-independent code component;
an application programming interface (API) for interfacing the edge server process to each application server code instance and the given platform-independent code component executing thereon;
a wrapper process responsive to a given application processing request for initializing the API and starting an application server code instance to handle the request using the given platform-independent code component;
a monitoring process to monitor the application server code instances and, responsive to said monitoring, to terminate any application server code instance that attempts to over-utilize a given resource, wherein the given resource is one of;
an amount of system memory, an amount of processor time consumed, a number of disk operations, and a number of open network sockets; and
an enforcing process to enforce one or more security restrictions on each given platform-independent code component executing in a given application server instance, wherein a security restriction is one of;
a restriction on file system reading or writing, a restriction on opening or closing a socket, a restriction on starting, stopping or modifying a thread, a restriction on running or loading code associated with another platform-independent code component, a restriction on loading data associated with another platform-independent code component, and a restriction on making native kernel calls.
2 Assignments
0 Petitions
Accused Products
Abstract
An application deployment model for enterprise applications to enable such applications to be deployed to and executed from a globally distributed computing platform, such as an Internet content delivery network (CDN). According to the invention, application developers separate their Web application into two layers: a highly distributed edge layer and a centralized origin layer. In a representative embodiment, the edge layer supports a servlet container that executes a Web tier, typically the presentation layer of a given Java-based application. Where necessary, the edge layer communicates with code running on an origin server to respond to a given request. In an alternative embodiment, the edge layer supports a more fully-provisioned application server that executes both Web tier (e.g., presentation) and Enterprise tier application (e.g., business logic) components. In either case, the inventive framework enables one or more different applications to be deployed to and executed from the edge server on behalf of one or more respective entities.
-
Citations
17 Claims
-
1. In an apparatus for use in a content delivery network, the apparatus having a processor, a virtual machine and platform-independent application server code, the improvement comprising:
-
a set of one or more platform-independent code components each of which are capable of being executed by the platform-independent application server code; an edge server process for instantiating a set of one application server code instances, each application server code instance capable of executing a given platform-independent code component; an application programming interface (API) for interfacing the edge server process to each application server code instance and the given platform-independent code component executing thereon; a wrapper process responsive to a given application processing request for initializing the API and starting an application server code instance to handle the request using the given platform-independent code component; a monitoring process to monitor the application server code instances and, responsive to said monitoring, to terminate any application server code instance that attempts to over-utilize a given resource, wherein the given resource is one of;
an amount of system memory, an amount of processor time consumed, a number of disk operations, and a number of open network sockets; andan enforcing process to enforce one or more security restrictions on each given platform-independent code component executing in a given application server instance, wherein a security restriction is one of;
a restriction on file system reading or writing, a restriction on opening or closing a socket, a restriction on starting, stopping or modifying a thread, a restriction on running or loading code associated with another platform-independent code component, a restriction on loading data associated with another platform-independent code component, and a restriction on making native kernel calls. - View Dependent Claims (2, 3, 4, 5, 10, 11, 12, 13, 14)
-
-
6. An apparatus for use in a content delivery network operated by a service provider on behalf of one or more customer entities, comprising:
-
a processor; a Java virtual machine; a servlet container; a set or one or more Java code components each of which are capable of being executed by the servlet container; an edge server process for instantiating a set of servlet container instances, each servlet container instance capable of executing a given Java code component on behalf of a given customer entity; an application programming interface (API) for interfacing a given application processing request to the servlet container instance and the Java code component; a wrapper process responsive to a given application processing request for initializing the API and starting an servlet code instance to handle the request using the given Java code component; a monitoring process to monitor the servlet container instances and, responsive to said monitoring, to terminate any servlet container instance that attempts to over-utilize a given resource, wherein the given resource is one of;
an amount of system memory, an amount of processor tune consumed, a number of disk operations, and a number of open network sockets; andan enforcing process to enforce one or more security, restrictions on each given Java code component executing in a given servlet container instance, wherein a security restriction is one of;
a restriction on file system reading or writing, a restriction on opening or closing a socket, a restriction on starting, stopping or modifying a thread, a restriction on running or loading code associated with another Java code component, a restriction on loading data associated with another Java code component, and a restriction on making native kernel calls. - View Dependent Claims (7, 8, 9, 15, 16, 17)
-
Specification