Authentication on demand in a distributed network environment
Abstract
A computer receives an authentication request from a client. The computer creates a temporary user object and populates it with identification information from the authentication request. The computer then forwards the authentication request to an authentication source. Once the authentication source has validated the authentication request, the computer queries the authentication source for identification information, populates the temporary user object with the identification information, and makes the user object permanent.
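The flow in the abstract, modelled as an added Python example that is not part of the patent text. The class and function names, the nested-dictionary container hierarchy, the sample credentials, and the choice to discard the temporary object when the source rejects the request are all assumptions made for illustration.

```python
import hmac
from dataclasses import dataclass

@dataclass
class UserObject:
    user_name: str
    encrypted_password: bytes = b""
    permanent: bool = False
    rights: frozenset = frozenset()

class AuthSource:
    """Stand-in for the upstream authentication source (constructed data)."""
    def __init__(self, accounts):
        self._accounts = accounts  # user_name -> (encrypted_password, upstream_rights)

    def validate(self, user_name, encrypted_password):
        record = self._accounts.get(user_name)
        return record is not None and hmac.compare_digest(record[0], encrypted_password)

class LocalComputer:
    def __init__(self, source, local_policy):
        self.source = source
        self.local_policy = local_policy            # user_name -> rights, decided locally
        self.hierarchy = {"first": {"second": {}}}  # second container stored in the first

    def authenticate(self, user_name, encrypted_password):
        users = self.hierarchy["first"]["second"]
        created = user_name not in users
        if created:
            users[user_name] = UserObject(user_name)  # temporary: empty, no rights
        if not self.source.validate(user_name, encrypted_password):
            if created:
                del users[user_name]  # assumption: a rejected request leaves no object
            return False
        obj = users[user_name]
        obj.encrypted_password = encrypted_password
        obj.rights = frozenset(self.local_policy(user_name))  # never copied from the source
        obj.permanent = True
        return True

def demo():
    # Constructed sample account: upstream grants "admin", local policy grants "read".
    source = AuthSource({"alice": (b"enc:constructed-1", {"admin"})})
    local = LocalComputer(source, local_policy=lambda name: {"read"})
    rejected = local.authenticate("mallory", b"enc:guess")
    accepted = local.authenticate("alice", b"enc:constructed-1")
    users = local.hierarchy["first"]["second"]
    return rejected, accepted, sorted(users), users["alice"]
```

The rejected request leaves nothing behind in the container, and the validated user ends up with the locally defined rights rather than the rights held in the authentication source.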
25 Claims
1. An apparatus to establish local authentication information, comprising:
- a computer;
- a memory in the computer, the memory including a container hierarchy, the container hierarchy including a first container and a second container stored in the first container;
- a user object creator for creating a user object for storage in the second container in the container hierarchy;
- an authentication source to authenticate a first authentication request;
- a user object populator for populating the user object with identity information including a user name and an encrypted password responsive to the first authentication request, wherein the user object populator is operative to make the user object permanent responsive to a signal from the authentication source indicating a validated authentication request; and
- a local administration policy for the computer to define rights for the user object independent of rights of a corresponding user object in the authentication source.

Dependent claims: 2, 3

4. A method for establishing local authentication information for a user, comprising:
- receiving a first authentication request from a client, the first authentication request including a user name and an encrypted password;
- forwarding the first authentication request to an authentication source;
- receiving a response from the authentication source;
- forwarding the response to the client;
- creating a user object for the user;
- placing the user object in a container, the container residing in a container hierarchy;
- populating the user object with identification information about the user, the identification information including the user name and the encrypted password;
- making the user object permanent if the response from the authentication source validates the first authentication request; and
- applying a local administration policy defining rights for the user object independent of rights for a corresponding user object in the authentication source.

Dependent claims: 5, 6, 7, 8, 9, 10

11. One or more computer-readable media containing a program to establish local authentication information for a user, comprising:
- software to receive a first authentication request from a client, the first authentication request including a user name and an encrypted password;
- software to forward the first authentication request to an authentication source;
- software to receive a response from the authentication source;
- software to forward the response to the client;
- software to create a user object for the user;
- software to place the user object in a container, the container residing in a container hierarchy;
- software to populate the user object with identification information about the user including the user name and the encrypted password;
- software to make the user object permanent if the response from the authentication source validates the first authentication request; and
- software to apply a local administration policy defining rights for the user object independent of rights of a corresponding user object in the authentication source.

Dependent claims: 12, 13, 14

15. A system comprising:
- a first computer;
- memory in the first computer, the memory including a container hierarchy, the container hierarchy including a first container and a second container stored in the first container;
- a second computer in communication with the first computer for generating an authentication request;
- an authentication source in communication with the first computer for responding to the authentication request from the second computer;
- means for populating a user object stored in the second container in the container hierarchy with identification information including a user name and an encrypted password;
- means for making the user object permanent responsive to a signal from the authentication source indicating a validated authentication request; and
- a local administration policy to define rights for the user object independent of rights of a corresponding user object in the authentication source.

Dependent claims: 16, 17, 18

19. A method for establishing local authentication information for a user, comprising:
- receiving a first authentication request from a client, the first authentication request including a user name and an encrypted password;
- creating a temporary user object for the user;
- placing the temporary user object in a container, the container residing in a container hierarchy;
- forwarding the first authentication request to an authentication source;
- receiving a response from the authentication source;
- if the response from the authentication source indicates that the first authentication request succeeded;
- populating the temporary user object with identification information including the user name and the encrypted password;
- marking the temporary user object as permanent; and
- returning to the client a code validating the first authentication request.

Dependent claims: 20, 21, 22

23. One or more computer-readable media containing a program to store identification information, comprising:
- software for creating a user object;
- software for placing the user object in a first container, the first container residing in a second container, the second container residing in a container hierarchy;
- software to receive a message containing the identification information including a user name and an encrypted password;
- software for populating the user object with the identification information including the user name and the encrypted password drawn from the message;
- software for making the user object permanent if a response from an authentication source validates a first authentication request; and
- software for applying a local administration policy defining rights for the user object independent of rights of a corresponding user object in the authentication source.

Dependent claims: 24, 25

Specification