Securing asynchronous client server transactions
First Claim
1. A computer implemented method for securing asynchronous client server transactions, the computer implemented method comprising:
- receiving a request at a first application executing in a data processing system, the request including an application identifier and a version associated with a second application;
- generating a service identifier responsive to a session with the second application being valid;
- generating a registry at the first application, the registry including information about a set of services and data that the second application is permitted to use;
- generating a catalog based on the registry, the catalog including a transformed subset of the registry;
- sending the service identifier and the catalog to the second application;
- receiving a sub-request, the sub-request being a part of an asynchronous client server transaction, the sub-request including the service identifier;
- determining a validity of the sub-request by determining a combination of (i) whether the service identifier has expired, (ii) whether the sub-request requests a service that is permissible according to the catalog, and (iii) whether the service identifier is used in conjunction with the second application;
- providing, responsive to the sub-request being valid, the service in response to the sub-request.
Abstract
A method for securing asynchronous client server transactions is provided in the illustrative embodiments. A request including an application identifier and a version of a second application is received at a first application. A service identifier is generated if a session with the second application is valid. A registry is generated at the first application. A catalog is generated based on the registry and the service identifier and the catalog are sent to the second application. A sub-request including the service identifier is received as part of an asynchronous client server transaction. Validity of the sub-request is determined by determining whether the service identifier has expired, whether the sub-request requests a service that is permissible according to the catalog, whether the service identifier is used in conjunction with the second application, or a combination thereof. If the sub-request is valid, the service is provided.
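The flow in the abstract, seen from the first application's side, as an added example that is not code from the patent. The class and method names, the 300-second lifetime, the opaque-handle form of the "transformed subset", and passing the caller's application identifier and version as arguments are all assumptions made for illustration.

```python
import secrets
import time

TTL_SECONDS = 300  # assumed lifetime; the page gives no value


class FirstApplication:
    def __init__(self, registry, clock=time.time):
        # registry: app_id -> {service name: internal route} (constructed data)
        self.registry = registry
        self.clock = clock
        self.issued = {}  # service identifier -> binding record

    def open(self, app_id, version, session_valid):
        """Initial request: return (service_id, catalog), or None if refused."""
        if not session_valid or app_id not in self.registry:
            return None
        # Catalog = transformed subset of the registry. Assumed transformation:
        # each permitted service name maps to a per-issue opaque handle, so
        # internal routes never leave the first application.
        catalog = {name: secrets.token_hex(8) for name in self.registry[app_id]}
        service_id = secrets.token_urlsafe(32)
        self.issued[service_id] = {
            "app": (app_id, version),
            "expires": self.clock() + TTL_SECONDS,
            "routes": {h: self.registry[app_id][n] for n, h in catalog.items()},
        }
        return service_id, catalog

    def check(self, service_id, app_id, version, handle):
        """Validate one sub-request; return (ok, internal route or reason)."""
        rec = self.issued.get(service_id)
        if rec is None:
            return False, "unknown service identifier"
        if self.clock() >= rec["expires"]:        # (i) identifier expired
            del self.issued[service_id]
            return False, "expired"
        if rec["app"] != (app_id, version):       # (iii) bound to second application
            return False, "identifier not issued to this application"
        route = rec["routes"].get(handle)         # (ii) permitted per catalog
        if route is None:
            return False, "service not in catalog"
        return True, route
```

All three conditions are checked on every sub-request, so a leaked identifier is useless once expired, from a different application, or for a service outside the issued catalog.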
13 Citations
12 Claims
1. A computer implemented method for securing asynchronous client server transactions, the computer implemented method comprising:
- receiving a request at a first application executing in a data processing system, the request including an application identifier and a version associated with a second application;
- generating a service identifier responsive to a session with the second application being valid;
- generating a registry at the first application, the registry including information about a set of services and data that the second application is permitted to use;
- generating a catalog based on the registry, the catalog including a transformed subset of the registry;
- sending the service identifier and the catalog to the second application;
- receiving a sub-request, the sub-request being a part of an asynchronous client server transaction, the sub-request including the service identifier;
- determining a validity of the sub-request by determining a combination of (i) whether the service identifier has expired, (ii) whether the sub-request requests a service that is permissible according to the catalog, and (iii) whether the service identifier is used in conjunction with the second application;
- providing, responsive to the sub-request being valid, the service in response to the sub-request.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9

10. A computer implemented method for securing asynchronous client server transactions, the computer implemented method comprising:
- receiving, from a first application, at a second application executing in a data processing system, a service identifier and a catalog responsive to sending an application identifier and an application version associated with the second application, the catalog including a transformed subset of a registry associated with the first application;
- dynamically constructing a sub-request, the sub-request being a part of an asynchronous client server transaction, the sub-request including the service identifier, and the sub-request further including a request for a service from the catalog, wherein a validity of the sub-request is determinable by determining a combination of (i) whether the service identifier has expired, (ii) whether the sub-request requests a service that is permissible according to the catalog, and (iii) whether the service identifier is used in conjunction with the second application;
- receiving, responsive to the sub-request being valid according to the first application, data associated with the service.

Dependent claims: 11, 12
Specification