Resource server proxy method and system
First Claim
1. A resource request method comprising:
initializing, by a computing system comprising a resource server software application, said resource server software application, wherein said resource server software application comprises an internal session cache, and wherein said internal session cache comprises an internal data structure within said resource server software application;
receiving, by said resource server software application, first configuration data, wherein said configuration data comprises session key life data comprising a session key life variable;
receiving, by said resource server software application from a first requestor, a first authentication request, first credentials data associated with said first requestor, and a first address associated with said first requestor, wherein said first credentials data comprises a first session ID;
transmitting, by said resource server software application to a user directory, said first credentials data and a first request for groups associated with said first requestor;
receiving, by said resource server software application from said user directory, first group IDs identifying a first group associated with said first requestor;
generating, by said resource server software application, a first session key associated with said first requestor, wherein said first session key comprises a randomly generated sequence of characters;
calculating, by a computer processor executing said resource server software application, a first specified lifetime associated with said first session key, wherein said calculating said first specified lifetime comprises adding said session key life data to a first current time;
storing within said internal session cache, by said resource server software application, said first session key, said first session ID, said first address, said first group IDs, and said first specified lifetime;
periodically determining, by said resource server software application, if said first session key and said session key life data should be updated, wherein said periodically determining is associated with a master cleanup period comprising a specified period of time that said resource server software application will wait between scans of said internal session cache for expired sessions;
establishing, by said resource server software application, a secure communication channel between said first requestor, said resource server software application, and a backend resource server;
transmitting, by said resource server software application to said first requestor based on said results of said periodically determining, said first session key.
Abstract
A resource request method and system. The method includes receiving, by a resource server software application, session key life data. The resource server software application receives from a requestor, an authentication request, a session ID, and an address associated with the requestor. The resource server software application transmits the session ID and a request for groups associated with the request. The resource server software application receives group IDs. The resource server software application generates a session key associated with the requestor. The resource server software application calculates a specified lifetime associated with the session key. The resource server software application stores the session key, the session ID, the address, the group IDs, and the specified lifetime. The resource server software application transmits to the requestor, the session key.
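The session handling described in the abstract and in claim 1, as an added Python example (not code from the patent). The class and method names, the `directory_lookup` callable, the 32-byte key length, and the expiry and address checks in `lookup` are assumptions for illustration; the claims recite storing the address and lifetime, not how they are checked.

```python
import secrets
import time
from dataclasses import dataclass


@dataclass(frozen=True)
class Session:
    session_id: str
    address: str
    group_ids: tuple
    expires_at: float  # "specified lifetime": current time + session key life


class SessionCache:
    """Internal session cache keyed by the randomly generated session key."""
    def __init__(self, session_key_life, master_cleanup_period, clock=time.time):
        self.session_key_life = session_key_life
        self.master_cleanup_period = master_cleanup_period
        self._clock = clock
        self._sessions = {}
        self._last_scan = clock()

    def authenticate(self, session_id, address, directory_lookup):
        # The user directory returns the requestor's group IDs, or None on failure.
        group_ids = directory_lookup(session_id)
        if group_ids is None:
            return None
        key = secrets.token_urlsafe(32)  # CSPRNG output; 32 bytes is an assumed length
        expires_at = self._clock() + self.session_key_life
        self._sessions[key] = Session(session_id, address, tuple(group_ids), expires_at)
        return key

    def lookup(self, key, address):
        # Assumption: expiry and source address are re-checked on every use, because
        # an expired entry stays in the cache until the next cleanup scan.
        s = self._sessions.get(key)
        if s is None or s.expires_at <= self._clock() or s.address != address:
            return None
        return s

    def cleanup_if_due(self):
        # One scan per master cleanup period; returns the number of entries evicted.
        now = self._clock()
        if now - self._last_scan < self.master_cleanup_period:
            return 0
        self._last_scan = now
        expired = [k for k, s in self._sessions.items() if s.expires_at <= now]
        for k in expired:
            del self._sessions[k]
        return len(expired)
```

When the master cleanup period is longer than the session key life, expired keys remain in the cache between scans, so the per-request expiry check in `lookup` is what actually enforces the lifetime.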
22 Claims
1. A resource request method comprising the steps recited under First Claim above.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11
12. A computing system comprising a computer processor coupled to a computer-readable memory unit, said memory unit comprising a resource server software application and instructions that when executed by the computer processor implements a resource request method, said method comprising:
initializing, by said computing system, said resource server software application, wherein said resource server software application comprises an internal session cache, and wherein said internal session cache comprises an internal data structure within said resource server software application;
receiving, by said resource server software application, first configuration data, wherein said configuration data comprises session key life data comprising a session key life variable;
receiving, by said resource server software application from a first requestor, a first authentication request, first credentials data associated with said first requestor, and a first address associated with said first requestor, wherein said first credentials data comprises a first session ID;
transmitting, by said resource server software application to a user directory, said first credentials data and a first request for groups associated with said first requestor;
receiving, by said resource server software application from said user directory, first group IDs identifying a first group associated with said first requestor;
generating, by said resource server software application, a first session key associated with said first requestor, wherein said first session key comprises a randomly generated sequence of characters;
calculating, by said computer processor executing said resource server software application, a first specified lifetime associated with said first session key, wherein said calculating said first specified lifetime comprises adding said session key life data to a first current time;
storing within said internal session cache, by said resource server software application, said first session key, said first session ID, said first address, said first group IDs, and said first specified lifetime;
periodically determining, by said resource server software application, if said first session key and said session key life data should be updated, wherein said periodically determining is associated with a master cleanup period comprising a specified period of time that said resource server software application will wait between scans of said internal session cache for expired sessions;
establishing, by said resource server software application, a secure communication channel between said first requestor, said resource server software application, and a backend resource server;
transmitting, by said resource server software application to said first requestor based on said results of said periodically determining, said first session key.
Dependent claims: 13, 14, 15, 16, 17, 18, 19, 20, 21
22. A computer program product, comprising a computer readable storage device having a computer readable program code embodied therein, said computer readable program code including a resource server software application comprising an algorithm that when executed by a computer processor of a computing system implements a method comprising:
initializing, by said computing system, said resource server software application, wherein said resource server software application comprises an internal session cache, and wherein said internal session cache comprises an internal data structure within said resource server software application;
receiving, by said resource server software application, first configuration data, wherein said configuration data comprises session key life data comprising a session key life variable;
receiving, by said resource server software application from a first requestor, a first authentication request, first credentials data associated with said first requestor, and a first address associated with said first requestor, wherein said first credentials data comprises a first session ID;
transmitting, by said resource server software application to a user directory, said first credentials data and a first request for groups associated with said first requestor;
receiving, by said resource server software application from said user directory, first group IDs identifying a first group associated with said first requestor;
generating, by said resource server software application, a first session key associated with said first requestor, wherein said first session key comprises a randomly generated sequence of characters;
calculating, by said computer processor executing said resource server software application, a first specified lifetime associated with said first session key, wherein said calculating said first specified lifetime comprises adding said session key life data to a first current time;
storing within said internal session cache, by said resource server software application, said first session key, said first session ID, said first address, said first group IDs, and said first specified lifetime;
periodically determining, by said resource server software application, if said first session key and said session key life data should be updated, wherein said periodically determining is associated with a master cleanup period comprising a specified period of time that said resource server software application will wait between scans of said internal session cache for expired sessions;
establishing, by said resource server software application, a secure communication channel between said first requestor, said resource server software application, and a backend resource server;
transmitting, by said resource server software application to said first requestor based on said results of said periodically determining, said first session key.
Specification