Security for external system management
First Claim
Patent Images
1. A computer-implemented method comprising:
- registering a web service in a register as an interface of an application server for one or more external client systems for purposes of managing a computer application stored in a container, wherein the web service interface is used in a start up and control framework for the application server;
receiving a communication from a first client system at the interface, the communication including a request by the first client system to manage the computer application and including identification information for the first client system, the web service interface including a security function to extract identity information, the identification information of the communication including a domain name and a user name for the first client system;
determining if an additional level of security is desired for the interface that is not provided by the web service; and
if the additional level of security is desired for the interface, then;
obtaining the identification information from the communication,converting the identification information into a format that is compatible with a computer platform for the computer application to be managed, wherein converting the identification information includes generating a searchable identification in the context of the managed computer application by stripping out account information, including the domain name, from the identification information,determining whether the computer application provides authorization for the first client system to manage the computer application by searching the computer application for authentication of the first client system, andif the web service interface is successful in extracting information from the computer application to authenticate the first client system, allowing the first client system to engage in management of the computer application.
2 Assignments
0 Petitions
Accused Products
Abstract
A system and method for enhanced security for external system management. A request to manage a system is received from a client at an interface. A determination is made whether a level of security is desired for the interface. If a level of security is desired for the interface, then identification information is obtained from the request and is converted into a format that is compatible with the system to be managed. A determination is made whether the system provides authorization for the client to manage the system.
82 Citations
14 Claims
-
1. A computer-implemented method comprising:
-
registering a web service in a register as an interface of an application server for one or more external client systems for purposes of managing a computer application stored in a container, wherein the web service interface is used in a start up and control framework for the application server; receiving a communication from a first client system at the interface, the communication including a request by the first client system to manage the computer application and including identification information for the first client system, the web service interface including a security function to extract identity information, the identification information of the communication including a domain name and a user name for the first client system; determining if an additional level of security is desired for the interface that is not provided by the web service; and if the additional level of security is desired for the interface, then; obtaining the identification information from the communication, converting the identification information into a format that is compatible with a computer platform for the computer application to be managed, wherein converting the identification information includes generating a searchable identification in the context of the managed computer application by stripping out account information, including the domain name, from the identification information, determining whether the computer application provides authorization for the first client system to manage the computer application by searching the computer application for authentication of the first client system, and if the web service interface is successful in extracting information from the computer application to authenticate the first client system, allowing the first client system to engage in management of the computer application. - View Dependent Claims (2, 3, 4)
-
-
5. An application server comprising:
-
a processor to execute instructions; a container to store data, the data including a computer application, the computer application including authorization data concerning users who are authorized to access the computer application; and a web service registered as an interface for one or more external client systems, the web service being used in a start up and control framework for the application server, the web service interface to be connected to a first client system for management of the application, the interface to include an enhanced security function, the enhanced security function to extract identification information from a communication from a client system and determine whether the client system has authority to manage the application, wherein extracting identification information and determining authority includes; obtaining identification information from the communication, the identification information including a domain name and a user name for the first client system, converting the identification information into a format that is compatible with a computer platform for the computer application to be managed including generating a searchable identification for the managed computer application by stripping out account information, including the domain name, from the identification information, searching the computer application for authentication of the first client system, and if the web service interface is successful in extracting information from the computer application to authenticate the first client system, allowing the first client system to engage in management of the computer application. - View Dependent Claims (6, 7)
-
-
8. A system comprising:
-
a client system, the client system to provide a communication including a request to manage a computer application, the communication to include identification information regarding the client system, the identification information including a domain name and a user name for the client system; and a server, the server including a container to store the computer application, and a web service interface and a registry, the interface being registered with the registry, the web service to be used in a start up and control framework for the server, the client system to be coupled with the interface, the computer application including data regarding access credentials; wherein the interface is to extract the identification information from the communication and convert the identification information into a format compatible with a computer platform for the computer application, wherein convening the identification information includes generating a searchable identification in the context of the managed computer application by stripping out account information, including the domain name, from the identification information, the interface to compare the converted identification information with the data regarding access credentials to determine whether the client system is authorized to access the computer application, and wherein, if the web service interface is successful in extracting information from the computer application to authenticate the first client system, the interface is to allow the first client system to engage in management of the computer application. - View Dependent Claims (9, 10)
-
-
11. A machine-readable medium having stored thereon data representing sequences of instructions that, when the instructions are executed by a processor, cause the processor to perform operations comprising:
-
registering a web service as a interface of an application server for one or more external client systems for management of a computer application stored in a container, the web service used in a start up and control framework for the application server; receiving a communication from a first client system at the interface, the communication including a request by the first client system to manage the computer application and including identification information for the first client system, the web service interface including a security function to extract identity information, the identification information of the communication including a domain name and a user name for the first client system; determining if an additional level of security is desired for the interface that is not provided by the web service; and if the additional level of security is desired for the interface, then; obtaining the identification information from the communication, converting the identification information into a format that is compatible with a computer platform for the computer application to be managed, wherein converting the identification information includes generating a searchable identification in the context of the managed computer application by stripping out account information, including the domain name, from the identification information, determining whether the computer application provides authorization for the first client system to manage the computer application by searching the computer application for authentication of the first client system, and if the web service interface is successful in extracting information from the computer application to authenticate the first client system, allowing the first client system to engage in management of the computer application. - View Dependent Claims (12, 13, 14)
-
Specification