Authentication policy usage for authenticating a user
First Claim
1. A method for authenticating a user, comprising:
- a first server of a plurality of servers generating, by a computer processor, an authentication policy table, said generating the authentication policy table comprising (i) inserting into the authentication policy table an authentication policy of each server and (ii) setting a relative priority of each server in the authentication policy table of the first server in order of decreasing number of users registered in an authentication system of each server, wherein the authentication policy of each server is at least one rule of each server for authenticating users of a federated computing environment that comprises the plurality of servers;
said first server storing, by the processor, the generated authentication policy table within the first server;
after said generating and storing the authentication policy table, said first server receiving, by the processor, an access request from the user to access the federated computing environment;
after said receiving the access request, said first server receiving, by the processor, input authentication information from the user; and
said first server ascertaining, by the processor, that the user is authorized to access the federated computing environment, wherein said ascertaining comprises determining that the received input authentication information conforms to the at least one rule of the authentication policy of a second server having a highest relative priority among servers of the plurality of servers whose authentication policy'"'"'s at least one rule, in the authentication policy table of the first server, is conformed to by the received input authentication information.
2 Assignments
0 Petitions
Accused Products
Abstract
A method and system for authenticating a user. A first server of multiple servers generates an authentication policy table by inserting into the authentication policy table an authentication policy of each server and setting a relative priority of each server in the authentication policy table of the first server in order of decreasing number of users registered in an authentication system of each server. The authentication policy of each server is at least one rule of each server for authenticating users of a federated computing environment that includes the multiple servers. The first server receives an access request from the user to access the federated computing environment, receives input authentication information from the user, and determines from use of both the input authentication information and the at least one rule in the authentication policy table of the first server that the user is authorized to access the federated computing environment.
-
Citations
18 Claims
-
1. A method for authenticating a user, comprising:
-
a first server of a plurality of servers generating, by a computer processor, an authentication policy table, said generating the authentication policy table comprising (i) inserting into the authentication policy table an authentication policy of each server and (ii) setting a relative priority of each server in the authentication policy table of the first server in order of decreasing number of users registered in an authentication system of each server, wherein the authentication policy of each server is at least one rule of each server for authenticating users of a federated computing environment that comprises the plurality of servers; said first server storing, by the processor, the generated authentication policy table within the first server; after said generating and storing the authentication policy table, said first server receiving, by the processor, an access request from the user to access the federated computing environment; after said receiving the access request, said first server receiving, by the processor, input authentication information from the user; and said first server ascertaining, by the processor, that the user is authorized to access the federated computing environment, wherein said ascertaining comprises determining that the received input authentication information conforms to the at least one rule of the authentication policy of a second server having a highest relative priority among servers of the plurality of servers whose authentication policy'"'"'s at least one rule, in the authentication policy table of the first server, is conformed to by the received input authentication information. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A computer system comprising a processor, a storage device coupled to the processor, and a computer readable memory unit coupled to the processor, said storage device containing program code configured to be executed by the processor via the memory unit to implement a method for authenticating a user, said method comprising:
-
a first server of a plurality of servers generating, by the processor, an authentication policy table, said generating the authentication policy table comprising (i) inserting into the authentication policy table an authentication policy of each server and (ii) setting a relative priority of each server in the authentication policy table of the first server in order of decreasing number of users registered in an authentication system of each server, wherein the authentication policy of each server is at least one rule of each server for authenticating users of a federated that comprises the plurality of servers; said first server storing, by the processor, the generated authentication policy table within the first server; after said generating and storing the authentication policy table, said first server receiving, by the processor, an access request from the user to access the federated computing environment; after said receiving the access request, said first server receiving, by the processor, input authentication information from the user; and said first server ascertaining, by the processor, that the user is authorized to access the federated computing environment, wherein said ascertaining comprises determining that the received input authentication information conforms to the at least one rule of the authentication policy of a second server having a highest relative priority among servers of the plurality of servers whose authentication policy'"'"'s at least one rule, in the authentication policy table of the first server, is conformed to by the received input authentication information. - View Dependent Claims (8, 9, 10, 11, 12)
-
-
13. A computer program product, comprising a computer readable storage device having program code stored therein, said program code configured to be executed by a computer processor to perform a method for authenticating a user, said method comprising:
-
a first server of a plurality of servers generating, by the processor, an authentication policy table, said generating the authentication policy table comprising (i) inserting into the authentication policy table an authentication policy of each server and (ii) setting a relative priority of each server in the authentication policy table of the first server in order of decreasing number of users registered in an authentication system of each server, wherein the authentication policy of each server is at least one rule of each server for authenticating users of a federated that comprises the plurality of servers; said first server storing, by the processor, the generated authentication policy table within the first server; after said generating and storing the authentication policy table, said first server receiving, by the processor, an access request from the user to access the federated computing environment; after said receiving the access request, said first server receiving, by the processor, input authentication information from the user; and said first server ascertaining, by the processor, that the user is authorized to access the federated computing environment, wherein said ascertaining comprises determining that the received input authentication information conforms to the at least one rule of the authentication policy of a second server having a highest relative priority among servers of the plurality of servers whose authentication policy'"'"'s at least one rule, in the authentication policy table of the first server, is conformed to by the received input authentication information. - View Dependent Claims (14, 15, 16, 17, 18)
-
Specification