Specializing support for a federation relationship
First Claim
1. A method for providing federated functionality within a data processing system, the method comprising:
- defining configuration data wherein the configuration data describes a federation relationship between an identity provider and a plurality of requestors;
configuring federation relationship data which is specific to a first specialized runtime, wherein identity provider configuration data is overridden by the configured federation relationship data;
receiving a first request having first runtime parameters at a first computing system for access to federation services from the identity provider, wherein the first request is made by a first requestor in the plurality of requestors;
examining the first request to determine the configuration data identified by the runtime parameters;
invoking an application using the configuration data identified by the runtime parameters, wherein the configuration data is dynamically retrieved during invocation of the application;
instantiating the first specialized runtime using the first runtime parameters at the first computing system for the first request, wherein the first specialized runtime provides requested federation services for the first requestor according to the configuration data, wherein the configuration data is dynamically retrieved during instantiating of the first specialized runtime; and
providing the requested federation services using the first specialized runtime.
2 Assignments
0 Petitions
Accused Products
Abstract
The invention provides federated functionality within a data processing system by means of a set of specialized runtimes. Each of the plurality of specialized runtimes provides requested federation services for selected ones of the requestors according to configuration data of respective federation relationships of the requestors with the identity provider. The configuration data is dynamically retrieved during initialization of the runtimes which allows the respective runtime to be specialized for a given federation relationship. Requests are routed to the appropriate specialized runtime using the first requestor identity and the given federation relationship. The data which describes each federation relationship between the identity provider and each of the plurality of requesters is configured prior to initialization of the runtimes. Configuration data is structured into global specified data, federation relationship data and requestor specific data to minimize data change, making the addition or deletion of requestors very scalable.
231 Citations
16 Claims
-
1. A method for providing federated functionality within a data processing system, the method comprising:
-
defining configuration data wherein the configuration data describes a federation relationship between an identity provider and a plurality of requestors; configuring federation relationship data which is specific to a first specialized runtime, wherein identity provider configuration data is overridden by the configured federation relationship data; receiving a first request having first runtime parameters at a first computing system for access to federation services from the identity provider, wherein the first request is made by a first requestor in the plurality of requestors; examining the first request to determine the configuration data identified by the runtime parameters; invoking an application using the configuration data identified by the runtime parameters, wherein the configuration data is dynamically retrieved during invocation of the application; instantiating the first specialized runtime using the first runtime parameters at the first computing system for the first request, wherein the first specialized runtime provides requested federation services for the first requestor according to the configuration data, wherein the configuration data is dynamically retrieved during instantiating of the first specialized runtime; and providing the requested federation services using the first specialized runtime. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A computer program product comprising a computer readable storage medium storing executable instructions for:
-
defining configuration data wherein the configuration data describes a federation relationship between an identity provider and a plurality of requestors; configuring federation relationship data which is specific to a first specialized runtime, wherein identity provider configuration data is overridden by the configured federation relationship data; receiving a first request having first runtime parameters at a first computing system for access to federation services from the identity provider, wherein the first request is made by a first requestor in the plurality of requestors; examining the first request to determine the configuration data identified by the runtime parameters; invoking an application using the configuration data identified by the runtime parameters, wherein the configuration data is dynamically retrieved during invocation of the application; instantiating the first specialized runtime using the first runtime parameters at the first computing system for the first request, wherein the first specialized runtime provides requested federation services for the first requestor according to the configuration data, wherein the configuration data is dynamically retrieved during instantiating of the first specialized runtime; and providing the requested federation services using the first specialized runtime. - View Dependent Claims (8, 9, 10, 11)
-
-
12. A apparatus for providing federated functionality within a data processing system, the apparatus comprising:
-
a bus system; a memory connected to the bus system, wherein the memory includes a set of instructions; and a processing unit connected to the bus, wherein the processing unit executes the set of instructions to;
define configuration data wherein the configuration data describes a federation relationship between an identity provider and a plurality of requestors;
configure federation relationship data which is specific to a first specialized runtime, wherein identity provider configuration data is overridden by the configured federation relationship data;
receive a first request having first runtime parameters at a first computing system for access to federation services from the identity provider, wherein the first request is made by a first requestor in the plurality of requestors;
to examine the first request to determine the configuration data identified by the runtime parameters;
invoke an application using the configuration data identified by the runtime parameters, wherein the configuration data is dynamically retrieved during invocation of the application;
instantiate the first specialized runtime using the first runtime parameters at the first computing system for the first request, wherein the first specialized runtime provides requested federation services for the first requestor according to the configuration data, wherein the configuration data is dynamically retrieved during instantiating of the first specialized runtime; and
provide the requested federation services using the first specialized runtime. - View Dependent Claims (13, 14, 15, 16)
-
Specification