System and method for ensuring security with multiple authentication schemes
Abstract
System for authenticating a user for logon to a content manager running on top of a database manager. A connect procedure connects the user to a database manager; and then a logon procedure logs on the user to the content manager selectively responsive to the user connecting to the database manager; the user being authenticated by a third party by way of a user exit or a trusted logon environment and privilege; or the user being authenticated by the content manager.
51 Citations
12 Claims
1. A method for authenticating a user for access to controlled entities maintained at a server, said server including a content management system having a content manager, a database manager, an user application, and user exits, comprising:
maintaining said controlled entities within said content manager, said controlled entities including an access control list table bound to user data items, said access control list table including, in rows, for each user and user group;
user kind, user identifier, access control list code, and privilege set code, each privilege set code corresponding to a privilege set;
said maintaining, responsive to modification of a given privilege set, including incrementally refreshing said access control list table to refresh only those rows having a privilege set code corresponding to said given privilege set;
connecting said user to said database manager; and
logging on said user to said content manager running on top of said database manager to enable access by said user to said user data items, selectively responsive to at least one of;
said user connecting to said database manager;
said user being authenticated by at least one of;
(i) said content manager and (ii) a third party;
a user exit authenticating content manager (CM) indicia of said user; and
database (DB) indicia of said user matching content manager (CM) indicia of said user.
Dependent claims: 2, 3, 4

5. A system for authenticating a user for access to controlled entities maintained at a server, said server including a content management system having a content manager, a database manager, an user application, and user exits, comprising:
one or more computer processors; and
a memory containing a program which, when executed by the one or more computer processors, is configured to perform an operation comprising;
a maintenance procedure for maintaining said controlled entities within said content manager, said controlled entities including an access control list table bound to user data items, said access control list table including, in rows, for each user and user group;
user kind, user identifier, access control list code, and privilege set code, each privilege set code corresponding to a privilege set;
said maintenance procedure, responsive to modification of a given privilege set, for incrementally refreshing said access control list table to refresh only those rows having a privilege set code corresponding to said given privilege set;
a connect procedure for connecting said user to said database manager; and
a logon procedure for logging on said user to said content manager selectively responsive to at least one of;
said user connecting to said database manager;
said user being authenticated by at least one of;
(i) a third party and (ii) said content manager;
a user exit authenticating content manager (CM) indicia of said user; and
database (DB) indicia of said user matching content manager (CM) indicia of said user.
Dependent claims: 6, 7, 8

9. A non-transitory computer readable storage medium containing a program of instructions which, when executed, performs an operation for authorizing access by a user for access to controlled entities maintained at a server, said server including a content management system having a content manager, a database manager, an user application, and user exits, said operation comprising:
maintaining said controlled entities within said content manager, said controlled entities including an access control list table bound to user data items, said access control list table including, in rows, for each user and user group;
user kind, user identifier, access control list code, and privilege set code, each privilege set code corresponding to a privilege set;
said maintaining, responsive to modification of a given privilege set, including incrementally refreshing said access control list table to refresh only those rows having a privilege set code corresponding to said given privilege set;
connecting said user to said database manager; and
logging on said user to said content manager running on top of said database manager to enable access by said user to said user data items, selectively responsive to at least one of;
said user connecting to said database manager;
said user being authenticated by at least one of;
(i) said content manager and (ii) a third party;
a user exit authenticating content manager (CM) indicia of said user; and
database (DB) indicia of said user matching content manager (CM) indicia of said user.
Dependent claims: 10, 11, 12
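The incremental refresh recited in claims 1, 5 and 9, sketched as an added example that is not code from the patent. The table names, the `priv_code` column, the expansion of a privilege set into one row per privilege, and the delete-and-reinsert strategy are assumptions; the claims state only the four row fields and that only rows carrying the modified privilege set code are refreshed.

```python
import sqlite3

# Hypothetical schema: every name here is an assumption, not the patent's.
SCHEMA = """
CREATE TABLE priv_set_members(priv_set_code INT, priv_code INT);
CREATE TABLE acl_rules(user_kind TEXT, user_id TEXT, acl_code INT, priv_set_code INT);
CREATE TABLE compiled_acl(user_kind TEXT, user_id TEXT, acl_code INT,
                          priv_set_code INT, priv_code INT);
"""
EXPAND = """
INSERT INTO compiled_acl
SELECT r.user_kind, r.user_id, r.acl_code, r.priv_set_code, m.priv_code
FROM acl_rules r JOIN priv_set_members m ON r.priv_set_code = m.priv_set_code
"""

def build(db):
    """Full rebuild of the compiled table (the expensive baseline)."""
    with db:
        db.execute("DELETE FROM compiled_acl")
        db.execute(EXPAND)

def modify_priv_set(db, code, priv_codes):
    """Change one privilege set and refresh only the rows that carry its code."""
    with db:  # one transaction: access checks never see a half-refreshed table
        db.execute("DELETE FROM priv_set_members WHERE priv_set_code = ?", (code,))
        db.executemany("INSERT INTO priv_set_members VALUES (?, ?)",
                       [(code, p) for p in priv_codes])
        db.execute("DELETE FROM compiled_acl WHERE priv_set_code = ?", (code,))
        db.execute(EXPAND + " WHERE r.priv_set_code = ?", (code,))

def snapshot(db, with_rowid=False):
    cols = "rowid, *" if with_rowid else "*"
    return sorted(db.execute(f"SELECT {cols} FROM compiled_acl").fetchall())

def demo():
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    # Constructed sample data: set 1 = {10}, set 2 = {10, 20}
    db.executemany("INSERT INTO priv_set_members VALUES (?, ?)",
                   [(1, 10), (2, 10), (2, 20)])
    db.executemany("INSERT INTO acl_rules VALUES (?, ?, ?, ?)",
                   [("user", "alice", 100, 1), ("group", "editors", 100, 2)])
    build(db)
    before = [r for r in snapshot(db, True) if r[4] == 1]  # rows of set 1
    modify_priv_set(db, 2, [10, 20, 30])  # add privilege 30 to set 2
    incremental = snapshot(db)
    after = [r for r in snapshot(db, True) if r[4] == 1]
    build(db)  # full rebuild, used only to cross-check the incremental result
    return incremental, snapshot(db), before == after
```

`demo()` returns the table after the incremental refresh, the table after a full rebuild, and whether the rows of the unmodified privilege set kept their row ids, which is the check that a change to one privilege set neither leaves stale grants behind nor touches unrelated entries.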
Specification