Legal claims defining the scope of protection, as filed with the USPTO.
1. A method of providing messages securely, the method comprising: receiving a request message at a cloud server that provides a cloud service to a plurality of tenants, the message complying with a protocol other than HyperText Transfer Protocol (HTTP); putting the request message on a Java Messaging Service (JMS) tenant request message queue for a first tenant of the plurality of tenants, wherein the JMS tenant request message queue resides on the cloud server; establishing an HTTP connection between the cloud server and a connector server in response to a request from the connector server to establish the HTTP connection between the connector server and the cloud server, wherein the connector server is located within an enterprise that is associated with the first tenant; receiving, at the cloud server from the connector server over the HTTP connection, an HTTP request for a message for the first tenant; accessing the request message from the JMS tenant request message queue for the first tenant; and providing the request message from the cloud server to the connector server over the HTTP connection in response to the cloud server determining that the connector server is authorized to receive messages for the first tenant.
2. The method of claim 1 , further comprising: the cloud server challenging the connector server for credentials for the first tenant in response to the request from the connector server to establish the HTTP connection; and the cloud server verifying credentials provided by the connector server in response to the challenge as a condition of establishing the HTTP connection.
3. The method of claim 1 , further comprising: the cloud server challenging the connector server for credentials for the first tenant in response to the request from the connector server for a message for the first tenant; and the cloud server verifying credentials provided by the connector server in response to the challenge as a condition of providing the message for the first tenant to the connector server.
4. The method of claim 1 , further comprising the cloud server converting the HTTP request to a request format that is compliant with a protocol associated with the message queue in order to remove the message from the message queue.
5. The method of claim 4 , wherein the converting the HTTP request to a request format that is compliant with the message queue comprises converting the HTTP request to a JMS request.
6. The method of claim 1 , wherein the receiving a message at the cloud server that provides a cloud service a plurality of tenants comprises: receiving a message having a protocol that is not allowed through a firewall associated with the connector server.
7. The method of claim 1 , wherein the receiving a message at the cloud server that provides a cloud service to a plurality of tenants comprises receiving the message at a Lightweight Directory Access Protocol (LDAP) server.
8. The method of claim 1 , wherein the HTTP connection is an HTTP/S connection.
9. The method of claim 1 , wherein the request message is a request made by an identity management service provided through the cloud service.
10. The method of claim 1 , further comprising: receiving a response message at the cloud server from the connector server over the HTTP connection; and placing the response message on a JMS tenant response message queue for the first tenant, wherein the JMS tenant response message queue resides on the cloud server.
11. The method of claim 1 , further comprising: synchronizing a clock of the cloud server with a clock of the connector server; establishing a time to live parameter for the request message based on the clock of the cloud server; and determining by the connector server whether the request message has timed out based on the time to live parameter and the clock of the connector server after it has been synchronized to the clock of the cloud server.
12. A system for securely providing messages, the system comprising: a processor that is configured to: provide a cloud service for a plurality of tenants via a cloud server; receive a request message having a protocol other than HyperText Transfer Protocol (HTTP); put the request message on a Java Messaging Service (JMS) tenant request message queue for a first tenant of the plurality of tenants, wherein the JMS tenant request message queue resides on the cloud server; receive a request at the cloud server from a connector server to open an HTTP connection between the cloud server and the connector server, wherein the connector server is located within an enterprise that is associated with the first tenant; receive, at the cloud server from the connector server, an HTTP request for a message for the first tenant; validate that the connector server is authorized to receive messages for the first tenant; access the request message from the JMS tenant request message queue for the first tenant; and provide the request message to the connector server over the HTTP connection in response to validating the connector server.
13. The system of claim 12 , wherein the processor is further configured to: challenge the connector server for credentials for the first tenant in response to the request to open the HTTP connection; and check credentials provided by the connector server in response to the challenge as a condition of providing the message.
14. The system of claim 12 , wherein the processor is further configured to: challenge the connector server for credentials for the first tenant in response to the request from the connector server for a message for the first tenant; and verifying credentials provided by the connector server in response to the challenge as a condition of providing the message for the first tenant to the connector server.
15. The system of claim 12 , wherein the processor being configured to receive the message comprises the processor being configured to receive a Lightweight Directory Access Protocol (LDAP) message, the processor is configured to convert the LDAP message to a Java Messaging Service (JMS) message.
16. The system of claim 12 , wherein the processor is further configured to convert the HTTP request to a request format that is compliant with the JMS tenant request message queue to remove the message from the message queue.
17. The system of claim 12 , wherein the processor is further configured to convert the HTTP request to an ActiveMQ request to remove the message from the JMS tenant request message queue.
18. The system of claim 12 , wherein the cloud service is an identity management service, the request message is from the identity management service.
19. A computer program product comprising: a non-transitory computer readable storage medium comprising computer readable program code embodied therewith, the computer readable program code comprising: computer readable program code configured to provide a cloud service for a plurality of tenants via a cloud server; computer readable program code configured to receive a request message at the cloud server having a protocol other than HyperText Transfer Protocol (HTTP); computer readable program code configured to put the request message on a Java Messaging Service (JMS) tenant request message queue for a first tenant of the plurality of tenants, wherein the JMS tenant request message queue resides on the cloud server; computer readable program code configured to receive a request from a connector server to open an HTTP connection between the connector server and the cloud server wherein the connector server is located within an enterprise that is associated with the first tenant, wherein the connector server is a tenant consumer of the JMS tenant request message queue; computer readable program code configured to receive, at the cloud server from the connector server, an HTTP request for a message for the first tenant; computer readable program code configured to validate that the connector server is authorized to receive messages for the first tenant; computer readable program code configured to access the request message from the JMS tenant request message queue for the first tenant; and computer readable program code configured to provide the request message from the cloud server to the connector server over the HTTP connection in response to validating the connector server.
20. The computer program product of claim 19 , wherein the request message is an LDAP message, the computer readable program code is configured to convert the LDAP to a Java Messaging Service (JMS) message.
21. The computer program product of claim 19 , wherein the computer readable program code is configured to convert the HTTP request to an ActiveMQ request to remove the request message from the JMS tenant request message queue.
Unknown
February 23, 2016
Browse 5M+ US patents with plain-English claim translations and AI-generated analysis.