Renewal of user identification information
First Claim
1. A method operative in association with a first application server for managing user identification information, the method comprising:
responsive to receiving, at the first application server, a token that has expired, the token received from a client that is distinct from the first application server, determining, by a processor unit having a hardware element, whether an instance of security information in use on the first application server and referenced by the token was generated by an application server compatible with the first application server, wherein a determination regarding compatibility is based on whether the first application server is of a same type or version as the application server that generated the instance of security information;
responsive to determining that the instance of the security information was generated by an application server compatible with the first application server, determining whether the instance of the security information is managed using a set of rules for a group of users of the first application server;
responsive to determining that the instance of the security information referenced by the token is managed by the set of rules for the group of users of the first application server, determining whether a user identifier from the token is authorized to access the first application server; and
responsive to determining that the user identifier is authorized to access the first application server, renewing the token.
Abstract
A method, data processing system, and computer program product for managing user identification information. A determination is made whether an instance of security information in use on the first application server and referenced by a token that has expired was generated by an application server compatible with a first application server in response to receiving the token. A determination is made whether the instance of the security information is managed by a set of rules for a group of users of the first application server. A determination is made whether a user identifier from the token is authorized to access the first application server. The token is renewed in response to determining that the user identifier is authorized to access the first application server.
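The order of checks in the abstract, as an added Python sketch that is not code from the patent or from any product: an expired token is renewed only if the referenced security information passes the compatibility and rule-set checks and the user is still authorized, and every failure returns `None`. Assumptions: the "security information" is an HMAC key in a hypothetical `KEYRING`, compatibility means the same type and the same version, and the token layout, the integrity check and all names and values are constructed for illustration.

```python
import hashlib
import hmac
from dataclasses import dataclass

@dataclass(frozen=True)
class SecurityInfo:
    """An 'instance of security information'; assumed here to be an HMAC key."""
    key: bytes
    generator_type: str       # server type that generated this instance
    generator_version: str    # server version that generated this instance
    group_managed: bool       # governed by the rule set for this server's user group

# Constructed sample state for one server (all values hypothetical).
SERVER = ("appserver-x", "8")
KEYRING = {
    "k1": SecurityInfo(b"constructed-key-1", "appserver-x", "8", True),
    "k2": SecurityInfo(b"constructed-key-2", "other-server", "3", True),
    "k3": SecurityInfo(b"constructed-key-3", "appserver-x", "8", False),
}
AUTHORIZED_USERS = {"alice"}

def issue(key_id: str, user: str, expiry: int) -> str:
    """Build a token that references a keyring entry by id."""
    body = f"{key_id}|{user}|{expiry}"
    mac = hmac.new(KEYRING[key_id].key, body.encode(), hashlib.sha256).hexdigest()
    return f"{body}|{mac}"

def renew(token: str, now: int, lifetime: int = 3600):
    """Return a renewed token, or None as soon as any check fails."""
    try:
        key_id, user, expiry, mac = token.split("|")
        info = KEYRING[key_id]
        expected = issue(key_id, user, int(expiry)).rsplit("|", 1)[1]
    except (ValueError, KeyError):
        return None                      # malformed token or unknown reference
    if not hmac.compare_digest(mac.encode(), expected.encode()):
        return None                      # integrity check (assumption, not claimed)
    if int(expiry) > now:
        return token                     # not expired, nothing to renew
    if (info.generator_type, info.generator_version) != SERVER:
        return None                      # 1. generated by an incompatible server
    if not info.group_managed:
        return None                      # 2. not under the group's rule set
    if user not in AUTHORIZED_USERS:
        return None                      # 3. user no longer authorized here
    return issue(key_id, user, now + lifetime)   # 4. renew the token
```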
25 Claims
1. A method operative in association with a first application server for managing user identification information, the method comprising:
responsive to receiving, at the first application server, a token that has expired, the token received from a client that is distinct from the first application server, determining, by a processor unit having a hardware element, whether an instance of security information in use on the first application server and referenced by the token was generated by an application server compatible with the first application server, wherein a determination regarding compatibility is based on whether the first application server is of a same type or version as the application server that generated the instance of security information;
responsive to determining that the instance of the security information was generated by an application server compatible with the first application server, determining whether the instance of the security information is managed using a set of rules for a group of users of the first application server;
responsive to determining that the instance of the security information referenced by the token is managed by the set of rules for the group of users of the first application server, determining whether a user identifier from the token is authorized to access the first application server; and
responsive to determining that the user identifier is authorized to access the first application server, renewing the token.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9
10. An application server for managing user identification information, the application server comprising:
an authentication system configured to receive a token that has expired in a request, the request received from a client that is distinct from the application server,
determine whether an instance of security information in use on the application server and referenced by the token was generated by a type or version of application server that is compatible with the application server,
determine whether the instance of the security information is managed by a set of rules for a group of users of the application server in response to determining that the instance of the security information was generated by the type of application server that is compatible with the application server,
determine whether a user identifier from the token is authorized to access the application server in response to determining that the instance of the security information referenced by the token is managed by the set of rules for the group of users of the application server, and
renew the token in response to determining that the user identifier is authorized to access the application server.
Dependent claims: 11, 12, 13
14. A computer program product for managing user identification information in association with a first application server, the computer program product comprising:
a non-transitory computer readable storage medium;
program code, stored on the computer readable storage medium, configured to determine whether an instance of security information in use on the first application server and referenced by a token that has expired was generated by an application server compatible with the first application server in response to receiving the token at the first application server from a client that is distinct from the first application server, wherein a determination regarding compatibility is based on whether the first application server is of a same type or version as the application server that generated the instance of security information;
program code, stored on the computer readable storage medium, configured to determine whether the instance of the security information is managed by a set of rules for a group of users of the first application server in response to determining that the instance of the security information was generated by an application server compatible with the first application server;
program code, stored on the computer readable storage medium, configured to determine whether a user identifier from the token is authorized to access the first application server in response to determining that the instance of the security information referenced by the token is managed by the set of rules for the group of users of the first application server; and
program code, stored on the computer readable storage medium, configured to renew the token in response to determining that the user identifier is authorized to access the first application server.
Dependent claims: 15, 16, 17, 18, 19, 20
21. A data processing system operative in association with a first application server for managing user identification information, the data processing system comprising:
a bus system;
a storage device connected to the bus system, wherein the storage device includes program code; and
a processor unit connected to the bus system, wherein the processor unit is configured to determine whether an instance of security information in use on the first application server and referenced by a token that has expired was generated by an application server compatible with the first application server in response to receiving the token at the first application server from a client distinct from the first application server,
determine whether the instance of the security information is managed by a set of rules for a group of users of the first application server in response to determining that the instance of the security information was generated by an application server compatible with the first application server,
determine whether a user identifier from the token is authorized to access the first application server in response to determining that the instance of the security information referenced by the token is managed by the set of rules for the group of users of the first application server, and
renew the token in response to determining that the user identifier is authorized to access the first application server,
wherein a determination regarding compatibility is based on whether the first application server is of a same type or version as the application server that generated the instance of security information.
Dependent claims: 22, 23, 24, 25
Specification