摘要 |
A method and system for password mediation including identifying an HTTP request issued by a client application executing on a client device, the HTTP request indicating an operation to be performed for a user of the client application at a destination system, obtaining user credentials using the HTTP request, requesting security information for the user with respect to the destination system, determining whether the user is allowed to perform the operation based on the security information, and upon determining that the user is allowed to perform the operation, modifying the HTTP request based on the security information and sending the modified HTTP request to the destination system. |
主权项 |
1. A method comprising;
identifying a hypertext transfer protocol (HTTP) request issued by a client application executing on a client device, the HTTP request indicating an operation to be performed for a user of the client application at a destination system; obtaining user credentials using the HTTP request; requesting security information for the user with respect to the destination system, wherein the security information comprises a password; determining, by a processor, whether the user is allowed to perform the operation in view of the security information; and upon determining that the user is allowed to perform the operation, modifying the HTTP request in view of the security information and sending the modified HTTP request to the destination system. |