×

Role passing and persistence mechanism for a container

  • US 8,161,173 B1
  • Filed: 03/30/2005
  • Issued: 04/17/2012
  • Est. Priority Date: 03/30/2005
  • Status: Active Grant
First Claim
Patent Images

1. A computer-implemented method, comprising:

  • calling, by a first adaptor of a plurality of adaptors of a web server, an authentication function of the web server to authenticate a first user identification and password information, wherein the web server supports a plurality of connection protocols and the first adaptor implements a first connection protocol of the plurality of connection protocols;

    interacting, by the first adaptor using the first connection protocol, with a first client to establish a first session in response to a first successful authentication, wherein the first client implements the first connection protocol;

    receiving, by a role persistence mechanism of the web server after establishing the first session, a first request comprising first role information directly from the first client via a first application programming interface (API) call without using any of the plurality of connection protocols supported by the plurality of adaptors,wherein the first client bypasses the first adaptor when transmitting the first request to the role persistence mechanism,wherein the first role information identifies a first set of one or more roles of the first client, andwherein the first request is the first passing of any role information between the first client and the web server for the first session;

    using, by the role persistence mechanism in response to the first request, the first role information to associate the first set of one or more roles with the first session in a persistent manner;

    calling, by a second adaptor of the plurality of adaptors, the authentication function of the web server to authenticate a second user identification and password information, wherein the second adaptor implements a second connection protocol of the plurality of connection protocols which is different from the first connection protocol;

    interacting, by the second adaptor using the second connection protocol, with a second client to establish a second session in response to a second successful authentication, wherein the second client implements the second connection protocol;

    receiving, by the role persistence mechanism, a second request comprising second role information directly from the second client via a second API call without using any of the plurality of connection protocols supported by the plurality of adaptors, wherein the second client bypasses the second adaptor when transmitting the second request to the role persistence mechanism;

    using, by the role persistence mechanism in response to the second request, the second role information to associate a second set of one or more roles with the second session in the persistent manner;

    receiving, by a hosted service of the web server, a service request for the hosted service from the first client;

    providing, by the role persistence mechanism of the web server, the first role information to the hosted service;

    in response to determining that the first client has privileges to access the hosted service based on the first role information, providing the hosted service to the first client;

    receiving, by the role persistence mechanism, a third request comprising third role information directly from the first client via a third API call without using any of the plurality of connection protocols supported by the plurality of adaptors,wherein the first client bypasses the first adaptor when transmitting the third request to the role persistence mechanism, andwherein the third request is to change the first set of one or more roles of the first client to a third set of one or more roles of the first client andusing, by the role persistence mechanism in response to the third request, the third role information to associate the third set of one or more roles with the first session in the persistent manner,wherein, after the third set of one or more roles is associated with the first session, at least one hosted service uses the third role information to determine whether the first client has privileges to access the at least one hosted service during the first session.

View all claims
  • 2 Assignments
Timeline View
Assignment View
    ×
    ×