摘要:
An account manager plug-in for a Web server having an application programming interface (API). The plug-in is preferably a computer program product comprising a set of instructions (program code) encoded on a computer-readable substrate. This plug-in includes program code for establishing a set of one or more monitored resources (e.g., UrlCounter, ByteCounter, PageCounter and FailedLoginCounter) and for defining a threshold rule for at least one of the set of monitored resources. As Web transactions occur at the Web server, the account manager is responsive to a monitored resource exceeding a condition of a threshold rule for triggering one of a set of threshold actions. The set of threshold actions, for example, include clearing a record counter, running a given program, sending an e-mail note and disabling or enabling a user account.
摘要:
A method of authenticating a Web client to a Web server connectable to a distributed file system of a distributed computing environment. The distributed computing environment includes a security service for returning a credential to a user authenticated to access the distributed file system. In response to receipt by the Web server of a user id and password from the Web client, a login protocol is executed with the security service. If the user can be authenticated, a credential is stored in a database of credentials associated with authenticated users. The Web server then returns to the Web client a persistent client state object having a unique identifier therein. This object, sometimes referred to as a cookie, is then used to enable the Web client to browse Web documents in the distributed file system. In particular, when the Web client desires to make a subsequest request to the distributed file system, the persistent client state object including the identifier is used in lieu of the user's id and password, which makes the session much more secure. In this operation, the cookie identifier is used as a pointer into the credential storage table, and the credential is then retrieved and used to facilitate multiple file accessess from the distributed file system. At the same time, the Web client may obtain access to Web server (as opposed to distributed file system) documents via conventional user id and password in an HTTP request.
摘要:
A method of enabling an HTTP server plug-in to pass an unmangled environment variable into a CGI process begins by configuring the HTTP server to initially override a CGI service method. When the server processes an HTTP request, the server plug-in, which is called prior to the CGI service method and is running in a process of the HTTP server, inserts a “name value” pair prepended with a marker in a request header parameter block of the HTTP server. Then, the CGI service override method executes the server's original (i.e. native) CGI service method, causing it to run an encapsulation program in the CGI process. This program scans the environment of the CGI process for any string prepended with a given HTTP code (e.g., the string “HTTP_”) and the marker. If it finds any such string, the program strips the given HTTP code and the marker from a remainder of the string and resets the environment variable into the CGI process in an “unmangled” form. The target CGI program is then executed in the CGI process.
摘要:
A method of enabling a Web server to impersonate a Web client to thereby obtain access to files stored in a distributed file system of a distributed computing environment. The distributed computing environment includes a security service for returning a credential to a user authenticated to access the distributed file system. In response to receipt of a transaction request from the Web client, a determination is made whether the transaction request has originated from a user authenticated to access the distributed file system. If so, the Web server is controlled to reuse the credential of the user across multiple file accesses in the distributed file system on behalf of the Web client.
摘要:
A method of enabling persistent access by a Web server to files stored in a distributed file system of a distributed computing environment that includes a security service. A session manager is used to perform a proxy login to the security service on behalf of the Web server. Persistent operation of the session manager is ensured by periodically spawning new instances of the session manager process. Each new instance preferably initializes itself against a binding file. A prior instance of the session manager is maintained in an active state for at least a period of time during which the new instance of the session manager initializes itself. Upon receipt of a given transaction request from a Web client to the Web server, a determination is made regarding whether a new instance of the session manager process has been spawned while the Web server was otherwise idle. If so, the Web server is re-bound to the new instance of the session manager process so that the new instance of the session manager process can respond to the transaction request.
摘要:
A computer implemented method, apparatus, and computer usable program code to identify a policy for managing data in a data storage system. Raw data is located in the data storage system for processing to form located data. The located data is aggregated based on the policy to form aggregated data. The aggregated data is stored in the data storage system.
摘要:
A computer implemented method, apparatus, and computer usable program code to identify a policy for managing data in a data storage system. Raw data is located in the data storage system for processing to form located data. The located data is aggregated based on the policy to form aggregated data. The aggregated data is stored in the data storage system.
摘要:
A computer implemented method, apparatus, and computer usable program code for collecting data. The data is collected from a particular data source by an application portion of agent to form collected data. The application portion is associated with the particular data source in response to an event. The collected data stored in a temporary data store for transfer to a data storage system to form stored data. The stored data sent to the data storage system using a generic portion of the agent, wherein the generic portion of the agent is configured to send data to the data storage system.
摘要:
A computer implemented method for accessing data begins with receipt of a data access request. In response to determining that the requested data needs to be acquired in real time from an original data source, the processor acquires and stores that data. In response to determining that the data cannot be acquired in real time from the data source, the processor acquires the data from a configuration management database in which the requested data was previously stored.
摘要:
A computer implemented method, apparatus, and computer usable program code to aggregate data. Data is parsed for a behavior tag assigned to a portion of the data. In response to detecting a behavior tag, a determination is made as to whether a policy is associated with the behavior tag. The policy associated with a behavior tag defines how the portion of the data assigned to the behavior tag is to be aggregated. The portion of the data is aggregated using the policy associated with the behavior tag.