| US 7,461,400 B2 | ||
| Methods, systems, and computer program products for providing authentication in a computer environment | ||
| David Foster, Pinson, Ala. (US); and Suriya Sena, Birmingham, Ala. (US) | ||
| Assigned to AT&T Intellectual Property, I,L.P., Wilmington, Del. (US) | ||
| Filed on Dec. 22, 2004, as Appl. No. 11/22,257. | ||
| Prior Publication US 2006/0137001 A1, Jun. 22, 2006 | ||
| Int. Cl. H04L 9/32 (2006.01) | ||
| U.S. Cl. 726—10 [726/2; 726/8; 726/9; 709/220; 709/230; 709/232; 709/238] | 16 Claims |
| 1. A method for providing authentication in a computer environment, the method comprising:
receiving a request for a web service from a client, wherein the request is received at a J2EE based application server hosting
one or more applications, the request includes a Kerberos security token and a Kerberos service ticket, and each application
has its own Kerberos identity;
verifying that the client has access to the web service using the Kerberos security token and Kerberos service ticket as input
to the verifying; and
providing the client a connection to the web service if the verifying results in a determination that the client has access
to the web service;
wherein the web service is hosted on a BEA WebLogic application server, the request is received at the BEA WebLogic application
server;
the BEA WebLogic application server detelmining if the request includes a generic security service (GSS) framed Kerberos application
request in a simple object access protocol (SOAP) header; and
wherein the BEA WebLogic application server returns a security exception if the Kerberos application request is not in the
simple object access protocol (SOAP).
|