| 发明名称 |
CONFIGURABLE ADAPTIVE ACCESS MANAGER CALLOUTS |
| 摘要 |
A framework, which conforms to the OAuth standard, involves a generic OAuth authorization server that can be used by multiple resource servers in order to ensure that access to resources stored on those resource servers is limited to access to which the resource owner consents. Each resource server registers, with the OAuth authorization server, metadata for that resource server, indicating scopes that are recognized by the resource server. The OAuth authorization server refers to this metadata when requesting consent from a resource owner on behalf of a client application, so that the consent will be of an appropriate scope. The OAuth authorization server refers to this metadata when constructing an access token to provide to the client application for use in accessing the resources on the resource server. The OAuth authorization server uses this metadata to map issued access tokens to the scopes to which those access tokens grant access. |
| 申请公布号 |
US2015089570(A1) |
申请公布日期 |
2015.03.26 |
| 申请号 |
US201414266496 |
申请日期 |
2014.04.30 |
| 申请人 |
Oracle International Corporation |
发明人 |
Sondhi Ajay;Bhat Shivaram;Hingarajiya Ravi |
| 分类号 |
H04L29/06 |
主分类号 |
H04L29/06 |
| 代理机构 |
|
代理人 |
|
| 主权项 |
1. A computer-implemented method comprising:
storing, at an OAuth authorization server, a first mapping between a first adaptive access manager and a first identity domain of a plurality of identity domains; receiving, at the OAuth authorization server, a first authentication request from a first user associated with the first identity domain; in response to receiving the first authentication request, determining, based on the first mapping, that the first adaptive access manager is associated with an identity domain with which the first user is associated; in response to determining that the first adaptive access manager is associated with an identity domain with which the first user is associated, the OAuth authorization server making a first call to the first adaptive access manager; receiving, at the OAuth authorization server, from the first adaptive access manager, a first response that indicates that stronger than standard authentication is to be performed; and in response to receiving the first response, the OAuth authorization server performing stronger than standard authentication while attempting to authenticate the first user. |
| 地址 |
Redwood Shores CA US |
