Authenticated database connectivity for unattended applications

摘要

A custom database connectivity component is deployed in conjunction with a native database connectivity component and a credential manager. The custom connectivity component has a requestor interface for communicating with a requestor application, a credential service interface for communicating with the credential manager, a native database connectivity interface for communicating with native connectivity components, and a decision engine for determining how to convert a request from a requestor to an appropriate API call to the credential manager. The custom connectivity component provides an authenticated and authorized database connection for a requestor application. The component transparently serves retrieves database, or other target resource, credentials on a real time basis, without requiring code changes to the requestor application.

主权项

1. A computer-implemented method for providing secure credentials for accessing a target resource, which when executed on one or more processors, causes the one or more processors to perform steps of:
receiving a connection request to the target resource from an unattended requestor application, the connection request including target resource information identifying the target resource and configuration information necessary to authenticate the requestor application, wherein the configuration information of the requestor application is fingerprint information, which uniquely identifies a node of the requestor application; decoding the request to extract the target resource information and the configuration information required by a credential manager to authenticate the requestor application and to retrieve the secure credentials for accessing the target resource, the credential manager managing and storing credentials for the target resource; securely communicating the extracted information to the credential manager to retrieve credentials; generating a native target resource connection request to the target resource, including the retrieved credentials; and passing the native target resource connection request to a native target resource connectivity component to establish a connection between the requestor application and the target resource.