Dynamic identity context propagation
US8966572B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Jun 1, 2012 |
| Grant date | Feb 24, 2015 |
| Priority date | — |
| Expiry date | Jan 2, 2033 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L63/20
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
Techniques are provided for dynamically propagating identity context for a user in a Service-Oriented Architecture. Methods and apparatus are provided that include receiving a request to invoke a web service, retrieving first security claims from application identity context information pertaining to a user, generating second security claims at runtime, packaging the first and second security claims into an authentication token, and transmitting the authentication token to a second computer system in a service request. The second computer system can be configured to extract the first and second security claims from the authentication token, validate the extracted first and second security claims, generate identity context information based upon the extracted first and second security claims, and publish and propagate the identity content information in an identity context object. The second computer system can verify that the security claims conform to corresponding security claim schemas stored in a claims dictionary.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.