Method and system for pluggability of federation protocol runtimes for federated user lifecycle management
Abstract
A method and a system are presented in which federated domains interact within a federated environment. Domains within a federation can initiate federated operations for a user at other federated domains. A point-of-contact server within a domain relies upon a trust proxy within the domain to manage trust relationships between the domain and the federation. The point-of-contact server receives incoming requests directed to the domain and interfaces with a first application server and a second application server, wherein the first application server responds to requests for access to controlled resources and the second application server responds to requests for access to federated user lifecycle management functions, which are implemented using one or more pluggable modules that interface with the second application server.
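The routing described in the abstract, as an added Python sketch that is not taken from the patent or from any product: a point-of-contact function forwards each request to either the resource application or the federated user lifecycle management (FULM) application, which looks up a pluggable module and its runtime parameters. The `/fulm/` path prefix, the profile name `sso`, the parameter names and the partner check are all assumptions made for illustration.

```python
from dataclasses import dataclass, field
from typing import Callable, Dict

FULM_PREFIX = "/fulm/"  # assumed URL space reserved for federation functions


@dataclass(frozen=True)
class Request:
    path: str
    params: dict = field(default_factory=dict)


class FulmApplication:
    """Second application server: hosts the pluggable protocol modules."""

    def __init__(self) -> None:
        self._modules: Dict[str, tuple] = {}

    def configure(self, profile: str, handler: Callable, runtime_params: dict) -> None:
        # Plugging in a module touches only this registry, not the other servers.
        self._modules[profile] = (handler, dict(runtime_params))

    def handle(self, request: Request) -> str:
        profile = request.path[len(FULM_PREFIX):].split("/", 1)[0]
        if profile not in self._modules:
            return "404 no module configured"  # fail closed on unknown profiles
        handler, runtime_params = self._modules[profile]
        return handler(request, runtime_params)


def resource_application(request: Request) -> str:
    """First application server: serves controlled resources."""
    return f"200 resource {request.path}"


def point_of_contact(request: Request, fulm: FulmApplication) -> str:
    """Analyze the request and forward it to exactly one back end."""
    if request.path.startswith(FULM_PREFIX):
        return fulm.handle(request)
    return resource_application(request)


def single_sign_on(request: Request, rp: dict) -> str:
    """Constructed module: issues a token only for configured partners."""
    partner = request.params.get("partner")
    if partner not in rp["trusted_partners"]:
        return "403 untrusted partner"
    return f"200 token for {partner} ttl={rp['token_ttl_s']}"
```

A request for a profile that has no configured module is rejected rather than falling through to the resource application, so adding or removing a module changes only what the FULM application will answer.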
41 Claims
1. A method for providing federated functionality within a data processing system, the method comprising:
configuring one or more pluggable modules into a federated user lifecycle management functionality with a federated computing environment, each of the pluggable modules having associated therewith a set of one or more runtime parameters to be used during federation transactions;
receiving an incoming request at point-of-contact functionality within a domain, wherein the domain is associated with a plurality of domains within the federated computing environment;
analyzing an incoming request with the point-of-contact functionality;
in response to a determination that the received request is directed to accessing a resource that is controlled by resource accessing functionality without the request requiring processing by federated user lifecycle management functionality, sending the received request from the point-of-contact functionality to the resource accessing functionality; and
in response to a determination that the received request requires processing by federated user lifecycle management functionality, sending the received request from the point-of-contact functionality to the federated user lifecycle management functionality, wherein the federated user lifecycle management functionality invokes one of the pluggable modules and its associated runtime parameters to provide a federated user lifecycle management function during a federation transaction;
wherein the pluggable modules enable the federated user lifecycle management functionality to support multiple, simultaneous, federated user lifecycle management functions on an as-needed basis without requiring changes to an existing infrastructure.
11. An apparatus for providing federated functionality within a data processing system, the apparatus comprising:
a processor;
a computer memory holding computer program instructions which when executed by the processor perform a method comprising;
configuring one or more pluggable modules into a federated user lifecycle management functionality with a federated computing environment, each of the pluggable modules having associated therewith a set of one or more runtime parameters to be used during federation transactions;
receiving an incoming request at point-of-contact functionality within a domain, wherein the domain is associated with a plurality of domains within the federated computing environment;
analyzing an incoming request with the point-of-contact functionality;
sending, in response to a determination that the received request is directed to accessing a resource that is controlled by resource accessing functionality, the received request from the point-of-contact functionality to the resource accessing functionality; and
sending, in response to a determination that the received request is directed to accessing federated user lifecycle management functionality, the received request from the point-of-contact functionality to the federated user lifecycle management functionality, wherein the federated user lifecycle management functionality responds to requests for access to federated user lifecycle management functions by invoking one of the pluggable modules and its associated runtime parameters to provide a federated user lifecycle management function during a federation transaction;
wherein the pluggable modules enable the federated user lifecycle management functionality to support multiple, simultaneous, federated user lifecycle management functions on an as-needed basis without requiring changes to an existing infrastructure.
21. A computer program product on a computer storage medium for use in a data processing system for providing federated functionality, the computer program product holding computer program instructions which when executed by the data processing system perform a method comprising:
configuring one or more pluggable modules into a federated user lifecycle management functionality with a federated computing environment, each of the pluggable modules having associated therewith a set of one or more runtime parameters to be used during federation transactions;
receiving an incoming request at point-of-contact functionality within a domain, wherein the domain is associated with a plurality of domains within the federated computing environment;
analyzing an incoming request with the point-of-contact functionality;
sending, in response to a determination that the received request is directed to accessing a resource that is controlled by resource accessing functionality, the received request from the point-of-contact functionality to the resource accessing functionality; and
sending, in response to a determination that the received request is directed to accessing federated user lifecycle management functionality, the received request from the point-of-contact functionality to the federated user lifecycle management functionality, wherein the federated user lifecycle management functionality responds to requests for access to federated user lifecycle management functions by invoking one of the pluggable modules and its associated runtime parameters to provide a federated user lifecycle management function during a federation transaction;
wherein the pluggable modules enable the federated user lifecycle management functionality to support multiple, simultaneous, federated user lifecycle management functions on an as-needed basis without requiring changes to an existing infrastructure.
31. A data processing system comprising:
a management application having an associated interface for configuring one or more pluggable modules into a federated user lifecycle management functionality with a federated computing environment, each of the pluggable modules having associated therewith a set of one or more runtime parameters to be used during federation transactions;
a point-of-contact server, wherein the point-of-contact server receives incoming requests directed to a domain, wherein the domain is associated with a plurality of domains within the federated computing environment;
a first application server that interfaces with the point-of-contact server, wherein the first application server responds to requests for access to controlled resources; and
a second application server that interfaces with the point-of-contact server, wherein the second application server responds to requests for access to federated user lifecycle management functions by invoking one of the pluggable modules and its associated runtime parameters to provide a federated user lifecycle management function during a federation transaction;
wherein the pluggable modules enable the federated user lifecycle management functionality to support multiple, simultaneous, federated user lifecycle management functions on an as-needed basis without requiring changes to an existing infrastructure.
Specification