×

Post data processing

  • US 7,249,369 B2
  • Filed: 02/26/2001
  • Issued: 07/24/2007
  • Est. Priority Date: 07/10/2000
  • Status: Expired due to Term
First Claim
Patent Images

1. A method for matching a policy to a resource in an Access System, comprising:

  • receiving from a requestor a first HTTP POST request to access a first resource;

    loading a first policy domain from a plurality of policy domains based on said first resource wherein said first policy domain comprises a logical grouping of a first set of resources and a plurality of policies, each policy of the plurality of policies comprising a plurality of access rules including at least one first level rule defining a default access rule for resources of the first policy domain not associated with a policy and at least one second level rule defining an access rule for an associated resource of the first set of resources, wherein each access rule includes an authentication rule having an associated rating indicting a relative strength of the authentication rule;

    choosing a first policy from the plurality of policies in the first policy domain by matching said first policy to said first resource based on POST data referenced by said first HTTP POST request;

    authentication said first HTTP POST request based on said authentication rule of said first policy;

    in response to authenticating said first HTTP POST request, authorizing said first HTTP POST request based on said first policy;

    receiving from the requestor a second HTTP POST request to access a second resource;

    loading a second policy domain from the plurality of policy domains based on said second resource wherein said second policy domain comprises a logical grouping of a second set of resources and a plurality of policies, each policy of the plurality of policies comprising a plurality of access rules including at least one first level rule defining a default access rule for resources of the second policy domain not associated with apolicy and at least one second level rule defining an access rule for an associated resource of the second set of resources, wherein each access rule includes an authentication rule having an associated rating indicting a relative strength of the authentication rule;

    choosing a second policy from the plurality of policies in the second policy domain by matching said second policy to said second resource based on POST data referenced by said second HTTP POST request;

    in response to the associated rating of the authentication rule of the first policy being less than the associated rating of the authentication rule of the second policy, authenticating the second HTTP POST request based on said authentication rule of said second policy and authorizing said second HTTP POST request based on said second policy; and

    in response to the associated rating of the authentication rule of the first policy being equal to or greater than the associated rating of the authentication rule of the second policy, authorizing said second HTTP POST request based on said second policy without authenticating the second HTTP POST request.

View all claims
  • 5 Assignments
Timeline View
Assignment View
    ×
    ×