Virtualized data storage and management of policy and credential data sources
First Claim
1. A method comprising:
providing, by a computer system implemented as a data manager, to one or more single sign-on services, an interface for accessing a plurality of storage systems, wherein the plurality of storage systems includes a first storage system having a first type of storage system and a second storage system having a second type of storage system, and wherein the first type of storage system is different from the second type of storage system;
receiving a data request, at the computer system, for a credential from a single sign-on service of the one or more single sign-on services, wherein the credential is stored at one of the plurality of storage systems, and wherein the data request includes one or more criteria for obtaining the credential for the single sign-on service;
identifying, at the computer system, one or more credential criteria in the data request based on the one or more criteria, wherein the one or more credential criteria are generated for the credential;
identifying a storage system associated with the data request based on the one or more credential criteria identified in the data request based on the one or more criteria;
selecting, from a plurality of plug-ins, a plug-in corresponding to the identified storage system, wherein each of the plurality of plug-ins correspond to a different one of the plurality of storage systems, wherein the plurality of plug-ins includes a first plug-in and a second plug-in, wherein the first plug-in that corresponds to the first type of storage system is implemented to convert the data request according to the first type of storage system, and wherein the second plug-in that corresponds to the second type of storage system is implemented to convert the data request according to the second type of storage system;
retrieving data associated with the data request from the identified storage system using the selected plug-in corresponding to the identified storage system; and
sending, to the single sign-on service for which the data request is received, the data associated with the data request.
Abstract
Web-based single sign-on can enable a user to log in to a single interface (such as through a web browser or thin client) and then provide SSO services to the user for one or more web applications. The web-based SSO system can be extended to support one or more different access control methods, such as form-fill, Federated (OIF), SSO Protected (OAM), and other policies. The web-based SSO system can include a user interface through which the user can access different web applications, systems, etc. and manage their credentials. Each SSO service can be associated with a web interface allowing the SSO services to be accessed over the web. The web interfaces can provide CRUD (create, read, update, delete) functionality for each SSO service. To support different access policy types, the web-based SSO system can include an extensible data manager that can manage data access to different types of repositories transparently.
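A minimal sketch of the routing recited in claim 1, added here as an illustration and not code from the patent or its assignee: a data manager selects one plug-in per storage type, and each plug-in converts the same credential request into its store's native query. The store names, the policy-to-store table and the sample credentials are constructed assumptions.

```python
import sqlite3

# Constructed sample stores: one directory-style, one relational.
DIRECTORY = {"(&(uid=alice)(app=mail))": {"username": "alice", "secret": "dir-s3cret"}}
DB = sqlite3.connect(":memory:")
DB.execute("CREATE TABLE creds (owner TEXT, app TEXT, username TEXT, secret TEXT)")
DB.execute("INSERT INTO creds VALUES ('alice', 'payroll', 'asmith', 'db-s3cret')")

def ldap_escape(value):
    # RFC 4515 escaping, backslash first, so criteria cannot reshape the filter.
    for ch in "\\*()\0":
        value = value.replace(ch, "\\%02x" % ord(ch))
    return value

class DirectoryPlugin:
    def convert(self, c):
        # Convert the request into a directory search filter.
        return "(&(uid=%s)(app=%s))" % (ldap_escape(c["user"]), ldap_escape(c["app"]))

    def fetch(self, c):
        return DIRECTORY.get(self.convert(c))

class SqlPlugin:
    def convert(self, c):
        # Convert the request into a parameterised query: values are bound, never spliced.
        return ("SELECT username, secret FROM creds WHERE owner=? AND app=?",
                (c["user"], c["app"]))

    def fetch(self, c):
        row = DB.execute(*self.convert(c)).fetchone()
        return {"username": row[0], "secret": row[1]} if row else None

PLUGINS = {"directory": DirectoryPlugin(), "sql": SqlPlugin()}
# Hypothetical routing table: which store holds credentials for each policy type.
STORE_FOR_POLICY = {"form-fill": "sql", "federated": "directory"}

def get_credential(request):
    # Derive the credential criteria from the criteria in the data request.
    criteria = {k: request[k] for k in ("user", "app", "policy")}
    # Identify the storage system from those criteria, then select its plug-in.
    plugin = PLUGINS.get(STORE_FOR_POLICY.get(criteria["policy"]))
    if plugin is None:
        # Fail closed: never fall back to a default store for an unknown policy.
        raise LookupError("no plug-in for policy %r" % criteria["policy"])
    return plugin.fetch(criteria)
```

The single sign-on service calling `get_credential` sees one interface; the escaping and query binding live in the plug-in that knows the store's syntax.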
20 Claims
8. A non-transitory computer-readable medium storing instructions executable by a processor of a computer system for performing a method, the method comprising:
providing to one or more single sign-on services, an interface for accessing a plurality of storage systems, wherein the plurality of storage systems includes a first storage system having a first type of storage system and a second storage system having a second type of storage system, and wherein the first type of storage system is different from the second type of storage system;
receiving a data request for a credential from a single sign-on service of the one or more single sign-on services, wherein the credential is stored at one of the plurality of storage systems, and wherein the data request includes one or more criteria for obtaining the credential for the single sign-on service;
identifying, at the computer system, one or more credential criteria in the data request based on the one or more criteria, wherein the one or more credential criteria are generated for the credential;
identifying a storage system associated with the data request based on the one or more credential criteria identified in the data request based on the one or more criteria;
selecting, from a plurality of plug-ins, a plug-in corresponding to the identified storage system, wherein each of the plurality of plug-ins correspond to a different one of the plurality of storage systems, wherein the plurality of plug-ins includes a first plug-in and a second plug-in, wherein the first plug-in that corresponds to the first type of storage system is implemented to convert the data request according to the first type of storage system, and wherein the second plug-in that corresponds to the second type of storage system is implemented to convert the data request according to the second type of storage system;
retrieving data associated with the data request from the identified storage system using the selected plug-in corresponding to the identified storage system; and
sending, to the single sign-on service for which the data request is received, the data associated with the data request.
15. A system comprising:
at least one processor; and
a memory accessible to the at least one processor, the memory storing one or more instructions which, upon execution by the at least one processor, causes the at least one processor to perform operations for;
providing, to one or more single sign-on services, an interface for accessing a plurality of storage systems, wherein the plurality of storage systems includes a first storage system having a first type of storage system and a second storage system having a second type of storage system, and wherein the first type of storage system is different from the second type of storage system;
receiving a data request for a credential from a single sign-on service of the one or more single sign-on services, wherein the credential is stored at one of the plurality of storage systems, and wherein the data request includes one or more criteria for obtaining the credential for the single sign-on service;
identifying one or more credential criteria in the data request based on the one or more criteria, wherein the one or more credential criteria are generated for the credential;
identifying a storage system associated with the data request based on the one or more credential criteria identified in the data request based on the one or more criteria;
selecting, from a plurality of plug-ins, a plug-in corresponding to the identified storage system, wherein each of the plurality of plug-ins correspond to a different one of the plurality of storage systems, wherein the plurality of plug-ins includes a first plug-in and a second plug-in, wherein the first plug-in that corresponds to the first type of storage system is implemented to convert the data request according to the first type of storage system, and wherein the second plug-in that corresponds to the second type of storage system is implemented to convert the data request according to the second type of storage system;
retrieving data associated with the data request from the identified storage system using the selected plug-in corresponding to the identified storage system; and
sending, to the single sign-on service for which the data request is received, the data associated with the data request.
Specification