Mannan Mohammed - Gilbert AZ, US Saivendra Kayal - Irvine CA, US Ron Tielke - Phoenix AZ, US Mark Brown - Chandler AZ, US Nathan Dolly - Battle Ground WA, US
Assignee:
MICROSOFT CORPORATION - Redmond WA
International Classification:
H04L 9/32
US Classification:
726 21
Abstract:
An authorization framework located external to an application may be invoked to determine user authorization for a requested application component. Small amounts of supplemental authentication code are added to application code to invoke provider modules within the authentication framework. The provider modules perform authorization functions outside of the application and return authorization results to the application. The functions include determining a user role, determining the permissions associated with the user role, comparing the role permissions to the security defined on the requested application component by a rule, and returning an authorization state to the authentication framework. The supplemental authentication code may invoke one or more providers through provider interfaces that translate requests to a particular provider. Using the provider based authorization framework, authorization for an application component is achieved externally without hard-coding authorization code within the application itself.
