Method for integrated security roles
First Claim
1. A method of authorizing a client's request at a first downstream application, said method comprising:
- generating a matched authorization table entry, the generating including;
receiving a role-mapping requirement wherein the role-mapping requirement includes an upstream security role and a downstream security role, the upstream security role corresponding to an upstream security role identifier;
including the upstream security role identifier in the matched authorization table entry, the matched authorization table entry corresponding to the downstream security role;
determining whether the upstream security role and the downstream security role are equivalent; and
configuring the upstream security role and the downstream security role such that they are equivalent; and
receiving, at the first downstream application, a first application request from an upstream application, wherein the first application request is derived from the client's request and includes the upstream security role identifier that was determined by the upstream application;
reading authorization table entries stored in a downstream authorization table accessible from the downstream application;
matching the upstream security role identifier included in the request with at least one of the authorization table entries included in the downstream authorization table;
authorizing the client's request in response to the matching;
identifying one or more required downstream security roles wherein each authorization table entry corresponds to at least one of the required downstream security roles;
selecting the required downstream security role that corresponds to the matched authorization table entry;
including the selected required downstream security role in a second application request; and
sending the second application request to a second downstream application.
Abstract
A method for integrated security roles is presented. An upstream application includes one or more role-mapping requirements that correspond to an upstream security role and a downstream security role. The upstream security role is expanded by adding an upstream security role identifier in a downstream application's role-mapping table or by adding upstream user-to-role mappings to a downstream application's role-mapping table. When an upstream security role is expanded, a user assigned to the upstream security role automatically has access to role-mapped downstream applications.
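The table lookup described in the abstract and claim 1, as an added sketch that is not taken from the patent: a downstream application matches the role identifier in an incoming request against its authorization table, denies on no match, and forwards the matched downstream role in a second request. Class, field and role names are hypothetical, and the sketch assumes the upstream application's request has already been authenticated.

```python
class DownstreamApp:
    """Hypothetical downstream application holding its own authorization table."""

    def __init__(self, name):
        self.name = name
        self.table = {}  # downstream role -> set of upstream role identifiers

    def add_role_mapping(self, upstream_role_id, downstream_role):
        # Expanding an upstream role: its identifier is written into the
        # table entry that corresponds to the downstream role.
        for role, ids in self.table.items():
            if upstream_role_id in ids and role != downstream_role:
                raise ValueError(f"{upstream_role_id} already mapped to {role}")
        self.table.setdefault(downstream_role, set()).add(upstream_role_id)

    def match(self, request):
        # Return the downstream role whose entry lists the identifier, else None.
        role_id = request.get("role_id")
        for role, ids in self.table.items():
            if role_id in ids:
                return role
        return None

    def handle(self, request):
        # Fail closed when nothing matches; otherwise build the second request
        # carrying the selected downstream role for the next application.
        role = self.match(request)
        if role is None:
            return None
        return {"action": request["action"], "role_id": role, "via": self.name}


def demo():
    # Constructed chain: web (upstream) -> orders -> billing.
    orders = DownstreamApp("orders")
    billing = DownstreamApp("billing")
    orders.add_role_mapping("web.Manager", "orders.Approver")
    billing.add_role_mapping("orders.Approver", "billing.Reader")
    first = {"action": "approve", "role_id": "web.Manager"}  # constructed request
    second = orders.handle(first)
    denied = orders.handle({"action": "approve", "role_id": "web.Guest"})
    return second, billing.match(second), denied
```

Because one mapping entry grants every holder of the upstream role access downstream, the authorization table is the place to review when auditing who can reach the second application.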
Specification