The present invention relates to multiplatform computer system networks, and more particularly to the grouping of computer systems in the networks.
In distributed computer networks, many operating system platforms may be employed on server and client systems within the network. Each different platform utilizes its own administrative rules for user login procedures. Thus, each platform typically has characteristic techniques for assigning user identifiers and passwords to control access to the resources and services of the system. In large, heterogeneous network environments, difficulty exists in providing user access to resources on a platform that is different than the one the user is logged into. Thus, the user is restricted from effectively and efficiently utilizing the resources of the network.
One method and system of providing a common user identify and to integrate the user""s experience among different platforms without being intrusive is developed by International Business Machines Corporation(trademark). This method and system is described in co-pending U.S. Patent Application entitled, xe2x80x9cMethod and System for a Heterogeneous Computer Network System with Unobtrusive Cross-Platform User Accessxe2x80x9d, Ser. No. 09/165,368, filed on Oct. 2, 1998. In an exemplary system aspect, a plurality of computer systems are coupled in a network, each of the computer systems operating according to one of a plurality of operating system platforms. Each of the operating system platforms has an associated security mechanism. The network further includes an enterprise directory included on at least one server system of the computer systems. The Enterprise Directory is configured for security interception to allow an authorized user access among the services of the computer systems without affecting the associated security mechanisms of the operating system platforms.
Through this network, local security procedures and policies apply on each platform, thus allowing users to log-on to a single network operating system according to that system""s known log-in procedures. A user object is achieved that, when spanning all systems, provides a distributed user context that is useful in unobtrusively achieving access to separate platforms. However, this network may be inefficient in that each user object has access to all systems in the network. It may be unnecessary or undesirable for a user object to have such broad access.
Difficulty also exists for user access through the Internet to large heterogeneous network environments. For example, XYZ Corporation may build a web site and provide application logic behind the web site on one system on a particular platform. The same corporation may build another web site on another system with a different platform. The web sites may not be linked to one another. The effect of the lack cooperation between XYZ Corporation""s web sites is Internet user aggravation and an inability for XYZ Corporation to collect coordinated data on their Internet customers. For example, and Internet user interacts with a web application on one of the systems. This system asks the Internet user for his or her name, address, credit-card information, and many others things. The Internet user also interacts with a web application on another system. Since these systems do not share any user context information, the second system asks the Internet user to enter the same information again. The Internet user is thus aggravated, because XYZ Corporation does not behave as one company, making the user perform extra typing for no obvious benefit.
In addition to aggravating the Internet user, XYZ Corporation also deprives itself of coordinated customer data across its divisions. At a minimum, coordinating customer data is difficult since XYZ Corporation will need to mine data from several sources and to cross check for duplicated customers.
Accordingly, there exists in need for a method and system for providing cross-platform access to an Internet user in a heterogeneous network environment. The present invention addresses such a need.
The present invention provides a method and system for providing cross-platform access to Internet users of a heterogeneous grouping of computers. In a system aspect, the system includes a plurality of heterogeneous computer systems, at least one of the plurality of computer systems including an Internet user identity; and an enterprise directory service, the enterprise directory service being shared by the plurality of computer systems, the enterprise directory including at least one enterprise role which is associated with the Internet user identity, the at least one enterprise role capable of being used to access the plurality of computer systems independently of any specific operating system user identification. By allowing enterprise roles to be defined independently of any specific operating system user identification, flexibility is injected into the network configuration and Internet user aggravation is reduced. Enterprise roles may also be provided in the context of enterprise groups, allowing access to systems in the network by Internet users to be more readily controlled.