The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf).
Patent No.:
Date of Patent:
Feb. 04, 2014
Filed:
Jun. 17, 2011
Applicants:
Elisa Ferracane, Austin, TX (US);
Paul William Bennett, Austin, TX (US);
William J. O'Donnell, Fichburg, WI (US);
Ajay Reddy Karkala, Austin, TX (US);
Ut Van Le, Austin, TX (US);
Michael Craig Thompson, Austin, TX (US);
Maxim Avery Moldenhauer, Durham, NC (US);
Inventors:
Elisa Ferracane, Austin, TX (US);
Paul William Bennett, Austin, TX (US);
William J. O'Donnell, Fichburg, WI (US);
Ajay Reddy Karkala, Austin, TX (US);
Ut Van Le, Austin, TX (US);
Michael Craig Thompson, Austin, TX (US);
Maxim Avery Moldenhauer, Durham, NC (US);
Assignee:
International Business Machines Corporation, Armonk, NY (US);
Abstract
A method is described for merging security constraints associated with an application when using security annotations. The application comprises one or more servlets, such as a Java servlet. During application deployment, a list of role names is generated by merging static security constraints, for example, identified in a deployment descriptor, and in a static security annotation that defines a list containing the names of authorized roles for a servlet. Later, during application runtime in an application server, security constraints are retrieved from a plurality of sources, including both dynamic and static security annotations. Using the list of role names and the security constraints retrieved, a set of merged security constraints having a defined and proper order of precedence is generated. In particular, preferably one or more dynamic security annotations are first merged with one or more static security annotations to generate a set of runtime constraints. The security constraints from the deployment descriptor are then merged with the set of runtime constraints and the list of roles to generate the set of merged security constraints. These merged security constraints are then applied to process a request being handled by the application server.