Multiple authentication support in a shared environment

US 8,516,138 B2
Filed: 08/31/2010
Issued: 08/20/2013
Est. Priority Date: 08/31/2010
Status: Expired due to Fees

First Claim

Patent Images

1. A method for authentication of customers, the method comprising the steps of:

receiving a definition of a Lightweight Directory Access Protocol (LDAP) security group for LDAP authentication, wherein the LDAP security group is associated with authentication rights;

receiving a definition of a native security group for native authentication users, wherein the native security group has at least one authentication right not present in the LDAP security group;

receiving a customer specification of a list of LDAP servers that are used to successively reject a request for authentication until one of the LDAP servers grants authentication;

configuring an LDAP authentication web application and a native authentication web application to connect to a service management database, and configuring the LDAP authentication web application to use the list of LDAP servers;

configuring a first Uniform Resource Locator (URL) for LDAP authentication to access the LDAP authentication web application;

configuring a second URL for native authentication to access the native authentication web application;

assessing authentication requirements of a customer;

responsive to assessing, creating a user identifier;

responsive to creating the at least one user identifier, associating the at least one user identifier with a security group selected from a group consisting of the LDAP security group and the native security group; and

responsive to assessing, notifying a customer of a customer URL selected from the group of URLs consisting of the first URL and the second URL, to use for authentication.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An authentication configurator may define a LDAP security group for LDAP authentication, wherein the LDAP security group is associated with rights. It may define a native security group for native authentication users, wherein the native authentication group has at least one right not present in the LDAP security group, and define customer-specified LDAP chains. It may configure an LDAP authentication web application and a native authentication web application, wherein the LDAP authentication web application and the native authentication web application each connect to a service management database, and the LDAP authentication web application uses the customer-specified LDAP chains. A first Uniform Resource Locator (URL) for LDAP authentication to access the LDAP authentication web application and a second URL for native authentication to access the native authentication web application may also be configured. It may assess the authentication requirements of a customer and create a user identifier, responsive to assessing.

Citations

3 Claims

1. A method for authentication of customers, the method comprising the steps of:
- receiving a definition of a Lightweight Directory Access Protocol (LDAP) security group for LDAP authentication, wherein the LDAP security group is associated with authentication rights;
  
  receiving a definition of a native security group for native authentication users, wherein the native security group has at least one authentication right not present in the LDAP security group;
  
  receiving a customer specification of a list of LDAP servers that are used to successively reject a request for authentication until one of the LDAP servers grants authentication;
  
  configuring an LDAP authentication web application and a native authentication web application to connect to a service management database, and configuring the LDAP authentication web application to use the list of LDAP servers;
  
  configuring a first Uniform Resource Locator (URL) for LDAP authentication to access the LDAP authentication web application;
  
  configuring a second URL for native authentication to access the native authentication web application;
  
  assessing authentication requirements of a customer;
  
  responsive to assessing, creating a user identifier;
  
  responsive to creating the at least one user identifier, associating the at least one user identifier with a security group selected from a group consisting of the LDAP security group and the native security group; and
  
  responsive to assessing, notifying a customer of a customer URL selected from the group of URLs consisting of the first URL and the second URL, to use for authentication.

2. A computer program product for authentication routes of customers, the computer program product comprising:
- a computer readable storage device;
  
  first program instructions to define a Lightweight Directory Access Protocol (LDAP) security group for LDAP authentication, wherein the LDAP security group is associated with authentication rights;
  
  second program instructions to define a native security group for native authentication users, wherein the native security group has at least one authentication right not present in the LDAP security group;
  
  third program instructions to define customer-specified LDAP chains;
  
  fourth program instructions to configure a first Uniform Resource Locator (URL) for LDAP authentication to access the LDAP authentication web application;
  
  fifth program instructions to configure a second URL for native authentication to access the native authentication web application;
  
  sixth program instructions to assess authentication requirements of a customer;
  
  seventh program instructions to create a user identifier, responsive to assessing;
  
  eighth program instructions to associate the at least one user identifier with a security group selected from a group consisting of the LDAP security group and the native security group, responsive to creating the at least one user identifier;
  
  ninth program instructions to notify a customer of a customer URL selected from the group of URLs consisting of the first URL and the second URL, to use for authentication, responsive to assessing; and
  
  wherein the first, second, third, fourth, fifth, sixth, seventh, eighth and ninth program instructions are stored on the computer readable storage device.

3. A computer system for authentication of customers, the computer system comprising:
- a processor, a computer readable memory and a computer readable storage device;
  
  first program instructions to receive a definition of a Lightweight Directory Access Protocol (LDAP) security group for LDAP authentication, wherein the LDAP security group is associated with authentication rights;
  
  second program instructions to receive a definition of a native security group for native authentication users, wherein the native security group has at least one authentication right not present in the LDAP security group;
  
  third program instructions to receive a customer specification of a list of LDAP servers that are used to successively reject a request for authentication until one of the LDAP servers grants authentication;
  
  fourth program instructions to configure a first Uniform Resource Locator (URL) for LDAP authentication to access the LDAP authentication web application;
  
  fifth program instructions to configure a second URL for native authentication to access the native authentication web application;
  
  sixth program instructions to assess authentication requirements of a customer;
  
  seventh program instructions to create a user identifier, responsive to assessing;
  
  eighth program instructions to associate the at least one user identifier with a security group selected from a group consisting of the LDAP security group and the native security group, responsive to creating the at least one user identifier; and
  
  ninth program instructions to notify a customer of a customer URL selected from the group of URLs consisting of the first URL and the second URL, to use for authentication, responsive to assessing; and
  
  wherein the first, second, third, fourth, fifth, sixth, seventh, eighth and ninth program instructions are stored on the computer readable storage device for execution by the processor via the computer readable memory.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Kuritzky, Matt R., Morgan, Fabian F., Schlosser, Sandra J., White Eagle, Sarah V.
Primary Examiner(s)
Gorney, Boris

Application Number

US12/873,012
Publication Number

US 20120054357A1
Time in Patent Office

1,085 Days
Field of Search

709/229
US Class Current

709/229
CPC Class Codes

H04L 63/08   for authentication of entit...

H04L 63/083   using passwords cryptograph...

H04L 63/168   above the transport layer

Multiple authentication support in a shared environment

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

3 Claims

Specification

Solutions

Use Cases

Quick Links

Multiple authentication support in a shared environment

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

3 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links