Simplifying determination of the groups to which users belong when using dynamic groups
First Claim
1. A computing system comprising:
- an identity management server to process membership requests related to a plurality of dynamic groups based on a user data and a plurality of rules;
a collaboration system to execute an application requiring a set of dynamic groups to which a user belongs, wherein said set of dynamic groups is contained in said plurality of dynamic groups; and
a search tool operable to;
receive a plurality of rules and a user data, said user data containing a set of attributes and corresponding values related to each of a plurality of users, each of said plurality of rules specifying a corresponding criteria to be used to include each user as a member of a corresponding dynamic group,said criteria specifying at least one attribute and a corresponding condition with respect to the condition to be satisfied for a user to be included in the corresponding dynamic group;
maintain a cache data indicating which of a plurality of users are members of which of said plurality of dynamic groups, wherein the members of each group are determined by checking whether the value of an attribute for the corresponding user in said user data satisfies the condition contained in the criteria for being included in the corresponding dynamic group;
receive a membership request from said application, said membership request requesting said set of dynamic groups to which said user belongs,said membership request including an identifier of said user to indicate that the set of dynamic groups to which said user belongs, is being requested;
examine said cache data to determine said set of dynamic groups to which said user belongs; and
send a response to said application indicating that said user belongs to said set of dynamic groups,wherein said cache data is maintained before said search tool receives said membership request.
1 Assignment
0 Petitions
Accused Products
Abstract
A search tool provided according to an aspect of the present invention maintains a cache data indicating which users are members of which dynamic groups. When a membership request is received requesting a set of dynamic groups to which a user belongs, the search tool examines the cache data to determine the set of dynamic groups to which the user belongs and sends the determined groups as a response to the membership request. According to another aspect of the present invention, the search tool may store an include list and an exclude list, respectively indicating the users to be included and excluded from each dynamic group. The lists are inspected in forming the set of dynamic groups to which the user belongs.
15 Citations
21 Claims
-
1. A computing system comprising:
-
an identity management server to process membership requests related to a plurality of dynamic groups based on a user data and a plurality of rules; a collaboration system to execute an application requiring a set of dynamic groups to which a user belongs, wherein said set of dynamic groups is contained in said plurality of dynamic groups; and a search tool operable to; receive a plurality of rules and a user data, said user data containing a set of attributes and corresponding values related to each of a plurality of users, each of said plurality of rules specifying a corresponding criteria to be used to include each user as a member of a corresponding dynamic group, said criteria specifying at least one attribute and a corresponding condition with respect to the condition to be satisfied for a user to be included in the corresponding dynamic group; maintain a cache data indicating which of a plurality of users are members of which of said plurality of dynamic groups, wherein the members of each group are determined by checking whether the value of an attribute for the corresponding user in said user data satisfies the condition contained in the criteria for being included in the corresponding dynamic group; receive a membership request from said application, said membership request requesting said set of dynamic groups to which said user belongs, said membership request including an identifier of said user to indicate that the set of dynamic groups to which said user belongs, is being requested; examine said cache data to determine said set of dynamic groups to which said user belongs; and send a response to said application indicating that said user belongs to said set of dynamic groups, wherein said cache data is maintained before said search tool receives said membership request. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A method of determining dynamic groups to which users belong, said method comprising:
-
receiving a plurality of rules and a user data, said user data containing a set of attributes and corresponding values related to each of a plurality of users, each of said plurality of rules specifying a corresponding criteria to be used to include each user as a member of a corresponding dynamic group, said criteria specifying at least one attribute and a corresponding condition with respect to the condition to be satisfied for a user to be included in the corresponding dynamic group; maintaining a cache data indicating which of a plurality of users are members of which of a plurality of dynamic groups, wherein the members of each group are determined by checking whether the value of an attribute for the corresponding user in said user data satisfies the condition contained in the criteria for being included in the corresponding dynamic group; receiving a membership request requesting a set of dynamic groups to which a user belongs, said membership request including an identifier of said user to indicate that the set of dynamic groups to which said user belongs, is being requested; examining said cache data to determine said set of dynamic groups to which said user belongs; and sending a response to said membership request indicating that said user belongs to said set of dynamic groups, wherein said maintaining is performed prior to receiving said membership request. - View Dependent Claims (11, 12, 13, 14, 15)
-
-
16. A machine readable medium carrying one or more sequences of instructions for causing a system to determine dynamic groups to which users belong, wherein execution of said one or more sequences of instructions by one or more processors contained in said system causes said system to perform the actions of:
-
receiving a plurality of rules and a user data, said user data containing a set of attributes and corresponding values related to each of a plurality of users, each of said plurality of rules specifying a corresponding criteria to be used to include each user as a member of a corresponding dynamic group, said criteria specifying at least one attribute and a corresponding condition with respect to the condition to be satisfied for a user to be included in the corresponding dynamic group; maintaining a cache data indicating which of a plurality of users are members of which of a plurality of dynamic groups, wherein the members of each group are determined by checking whether the value of an attribute for the corresponding user in said user data satisfies the condition contained in the criteria for being included in the corresponding dynamic group; receiving a membership request requesting a set of dynamic groups to which a user belongs, said membership request including an identifier of said user to indicate that the set of dynamic groups to which said user belongs, is being requested; examining said cache data to determine said set of dynamic groups to which said user belongs; and sending a response to said membership request indicating that said user belongs to said set of dynamic groups, wherein said maintaining is performed prior to receiving said membership request. - View Dependent Claims (17, 18, 19, 20, 21)
-
Specification