1. Field of the Invention
The present invention relates to computer applications. More specifically, the present invention relates to a method and apparatus for providing access to an application-resource.
2. Related Art
Large organizations often use enterprise application-systems that include a large number of application-resources, such as application-screens and data. Typically, these large organizations want to be able to exert fine-grained control over their enterprise application-systems and their associated application-resources. Existing methods for providing this type of control are cumbersome and obtrusive.
For example, one commonly used method for exerting fine-grained control over enterprise application-systems involves maintaining several endpoints (e.g. URLs), wherein each end-point is associated with an authentication-level and a set of application-resources, which have the same authentication-level as the end-point. Furthermore, a different server typically hosts each end-point. Unfortunately, maintaining multiple end-points makes it hard to efficiently administer such a system. In addition, users who want to access multiple application-resources, which are associated with different end-points, are usually required to authenticate several times—once for each end-point. Furthermore, a user is often required to re-authenticate at an end-point that the user previously accessed because a session associated with the end-point expired while the user was accessing another end-point. This can create further frustration for the user.
Moreover, each time an organization wants to integrate a new application into an enterprise application-system, an administrator is typically required to configure each associated end-point to handle the new set of application-resources associated with the new application. This may also require new end-points to be created, which further increases the amount of effort involved in maintaining the enterprise application-system.
Hence, what is needed is a method and an apparatus for controlling access to application-resources without the problems listed above.