Method and apparatus for facilitating single sign-on of an application cluster
First Claim
1. A method for facilitating single sign-on of an application cluster, wherein the application cluster hosts a plurality of computer applications on the same computer system, the method comprising:
- receiving a logon request at a database server from a specific application in the application cluster,wherein the logon request specifies the application cluster and an authentication credential for the server,wherein the application facilitates a user client system to access the database server, andwherein the application cluster resides in a middle-tier system that is different from the database server as well as the user client system;
authenticating the application cluster to the server using the authentication credential, wherein the plurality of computer applications within the application cluster share a common authentication credential that is unique to the application cluster;
subsequent to authenticating the application cluster, accessing a directory service on a directory server to determine if the specific application is authorized to access a given database schema on the database server; and
if so, authorizing the specific application to access the database schema.
2 Assignments
0 Petitions
Accused Products
Abstract
One embodiment of the present invention provides a system that facilitates single sign-on of an application cluster, wherein the application cluster includes a plurality of computer applications residing on the same computer system. The system operates by first receiving a logon request at a server from the application cluster, wherein the logon request specifies an account for the server. Next, the system authenticates the application cluster to the server and determines if the application cluster is authorized to use the specified account. If so, the system authorizes the application cluster to use the specified account.
18 Citations
18 Claims
-
1. A method for facilitating single sign-on of an application cluster, wherein the application cluster hosts a plurality of computer applications on the same computer system, the method comprising:
-
receiving a logon request at a database server from a specific application in the application cluster, wherein the logon request specifies the application cluster and an authentication credential for the server, wherein the application facilitates a user client system to access the database server, and wherein the application cluster resides in a middle-tier system that is different from the database server as well as the user client system; authenticating the application cluster to the server using the authentication credential, wherein the plurality of computer applications within the application cluster share a common authentication credential that is unique to the application cluster; subsequent to authenticating the application cluster, accessing a directory service on a directory server to determine if the specific application is authorized to access a given database schema on the database server; and if so, authorizing the specific application to access the database schema. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A computer-readable storage medium storing instructions that when executed by a computer cause the computer to perform a method for facilitating single sign-on of an application cluster, wherein the application cluster hosts a plurality of computer applications on the same computer system, the method comprising:
-
receiving a logon request at a database server from a specific application in the application cluster, wherein the logon request specifies the application cluster and an authentication credential for the server, wherein the application facilitates a user client system to access the database server, and wherein the application cluster resides in a middle-tier system that is different from the database server as well as the user client system; authenticating the application cluster to the server using the authentication credential, wherein the plurality of computer applications within the application cluster share a common authentication credential that is unique to the application cluster; subsequent to authenticating the application cluster, accessing a directory service on a directory server to determine if the specific application is authorized to access a given database schema on the database server; and if so, authorizing the specific application to access the database schema. - View Dependent Claims (8, 9, 10, 11, 12)
-
-
13. An apparatus for facilitating single sign-on of an application cluster, wherein the application cluster hosts a plurality of computer applications on the same computer system, comprising:
-
a receiving mechanism configured to receive a logon request at a database server from a specific application in the application cluster, wherein the logon request specifies the application cluster and an authentication credential for the server, wherein the application facilitates a user client system to access the database server, and wherein the application cluster resides in a middle-tier system that is different from the database server as well as the user client system; an authenticating mechanism configured to authenticate the application cluster to the server using the authentication credential, wherein the plurality of computer applications within the application cluster share a common authentication credential that is unique to the application cluster; a determining mechanism, wherein, subsequent to authenticating the application cluster, the determining mechanism is configured to determine if the specific application is authorized to access a given database schema on the database server; and an authorizing mechanism configured to authorize the specific application to access the database schema if the specific application is authorized to use the specified account. - View Dependent Claims (14, 15, 16, 17, 18)
-
Specification