1. Field of the Invention
The invention relates generally to supporting a Web Based Enterprise Management (“WBEM”) environment and more specifically relates to providing unified support for a WBEM solution.
2. Discussion of Related Art
Web Based Enterprise Management (“WBEM”) comprises standard-based technologies for a client to communicate system/device management messages with a server. More specifically, a specially designed client application opens a port of the server and uses the Hypertext Transfer Protocol (“HTTP”) to exchange the management messages with the server. However, typically the specially designed client application needs to be installed and maintained at a client computer. For example, when a device of the server is updated with added capabilities, not only does the server need to be updated, but each client computer having the specially designed client application also needs to be updated to support the added capabilities.
One possible solution is to allow the client computer to launch a general purpose web browser to download an applet (or a small program, or part of a small program) from the server, and then execute the applet within the general purpose web browser. However, a security concept known as same origin policy, which specifies that an applet is not allowed to communicate with other than the applet's origin site and port, usually prevents the applet from being operational. For example, the origin port (e.g., port 80) from which the applet is downloaded is usually different from the port (e.g., WBEM port 5988 for a WBEM server) that the applet needs to communicate with to exchange management messages.
One possible method to circumvent the “same origin policy” is to use a proxy server. The applet would be downloaded from the proxy server (e.g., from port 80 of the proxy server), and the applet would communicate with the proxy server (e.g., still using port 80) such that, based on certain rules, the proxy server finally forwards management messages to the WBEM server (that may reside at WBEM port 5988 of the proxy server and/or on a different server). However, there would at least be two components (i.e., the proxy server and the WBEM server) that occupy server memory and resources, and need to be installed, configured, and supported. Importantly, having two components also opens up more possibilities (e.g., both ports 80 and 5988 are both open) for external network attacks with critical security ramifications.
Thus it is an ongoing challenge to provide unified support for a WBEM solution.