System and method for identity management providers in a cloud platform environment
Abstract
Described herein is a system and method for supporting an identity management provider in a cloud computing environment. In accordance with an embodiment, an identity management (IDM) provider can provide an identity store (e.g., LDAP directory) configuration for use by a cloud platform (e.g., CloudLogic) service. In accordance with an embodiment, the IDM provider can centrally manage one or more identity store configurations, and supply a particular configuration to the orchestration engine when a service is being provisioned, so that the service can then be launched with an appropriate identity store. This allows a platform administrator to specify identity store configurations once and in one place, instead of having to create an identity store configuration for each service.
20 Claims
1. A system for managing identity store configurations in a platform as a service (PaaS) layer in a cloud environment, comprising:
one or more computers including a cloud environment executing thereon;
a software suite within the cloud environment that supports provisioning PaaS services, and includes a first service definition package (SDP), and a second SDP, wherein each SDP includes a service management engine (SME), and a virtual assembly that defines and configures a set of virtual appliances;
a provider type derived from the first SDP for use in creating a provider service that stores and manages a plurality of identity store configurations, wherein each identity store configuration is associated with a different identity store;
a service type derived from the second SDP for use in creating a PaaS service, wherein the service type specifies one of the plurality of identity store configurations as a dependency;
wherein when the PaaS service is created from the service type and deployed on one or more virtual machines defined and configured by the virtual assembly, the SME in the second SDP operates to
retrieve, from the provider service, the identity store configuration specified by the service type, and
use the retrieved identity store configuration to configure the associated identity store for use by the PaaS service.
8. A method of managing identity store configurations in a platform as a service (PaaS) layer in a cloud environment, comprising:
providing, at one or more computers including a cloud environment executing thereon, a software suite within the cloud environment that supports provisioning PaaS services, and includes a first service definition package (SDP), and a second SDP, wherein each SDP includes a service management engine (SME), and a virtual assembly that defines and configures a set of virtual appliances;
deriving a provider type from the first SDP for use in creating a provider service that stores and manages a plurality of identity store configurations, wherein each identity store configuration is associated with a different identity store;
deriving a service type from the second SDP for use in creating a PaaS service, wherein the service type specifies one of the plurality of identity store configurations as a dependency;
deploying the PaaS service created from the service type on one or more virtual machines defined and configured by the virtual assembly;
retrieving, using the SME in the second SDP, the identity store configuration specified by the service type from the provider service; and
using the retrieved identity store configuration to configure the associated identity store for use by the PaaS service.
15. A non-transitory computer readable storage medium, including instructions stored thereon which when read and executed by one or more computers cause the one or more computers to perform the steps comprising:
providing, at one or more computers including a cloud environment executing thereon, a software suite within the cloud environment that supports provisioning PaaS services, and includes a first service definition package (SDP), and a second SDP, wherein each SDP includes a service management engine (SME), and a virtual assembly that defines and configures a set of virtual appliances;
deriving a provider type from the first SDP for use in creating a provider service that stores and manages a plurality of identity store configurations, wherein each identity store configuration is associated with a different identity store;
deriving a service type from the second SDP for use in creating a PaaS service, wherein the service type specifies one of the plurality of identity store configurations as a dependency;
deploying the PaaS service created from the service type on one or more virtual machines defined and configured by the virtual assembly;
retrieving, using the SME in the second SDP, the identity store configuration specified by the service type from the provider service; and
using the retrieved identity store configuration to configure the associated identity store for use by the PaaS service.
Specification