×

Attribute rule enforcer for a directory

  • US 7,865,482 B2
  • Filed: 10/30/2007
  • Issued: 01/04/2011
  • Est. Priority Date: 08/01/2001
  • Status: Expired due to Fees
First Claim
Patent Images

1. An apparatus comprising at least one of hardware and a computer readable storage medium, the apparatus comprising:

  • a transaction monitor and a rule validator, the transaction monitor and the rule validator being interposed between a client computer and a directory access server for providing access to a directory,wherein the transaction monitor is capable of intercepting a request from a client computer to said directory access server, diverting the intercepted request to the rule validator if the call includes one of a request to add data to a directory accessed by the directory access server, a request to modify data in the directory, and a request to delete data from the directory, and being further capable of forwarding the intercepted request to the directory access server if the request does not include one of a request to add data to the directory, a request to modify data in the directory, and a request to delete data from the directory,wherein the rule validator is capable of determining whether an attribute of the request complies with a first rule governing content of data that is permissible to be forwarded to the directory access server and a second rule governing structure of data that is permissible to be forwarded to the directory access server, the first and second rules including a data addition rule when the request includes a request to add data to the directory, the first and second rules including a data modification rule when the request includes a request to modify data in the directory, and the first and second data rules including a data deletion rule when the request includes a request to delete data from the directory, andwherein the rule validator is further capable of forwarding the request to the directory access server if the attribute complies with one of the first rule and the second rule and is further capable of rejecting the request to the directory access server and returning an error message to a source of the request if the attribute does not comply with the first rule and the second rule.

View all claims
  • 6 Assignments
Timeline View
Assignment View
    ×
    ×