1. Field of the Invention
The present invention relates to an improved data processing system and, in particular, to a method and apparatus for multicomputer data transferring. Still more particularly, the present invention provides a method and apparatus for performing authorization decisions for controlling access to computational resources.
2. Description of Related Art
A relatively new type of application, called a web service application, has been implemented by service providers within the World Wide Web. Specification documents for standardizing programmatic interfaces between web service applications have been promulgated by various organizations and institutions. For example, W3C®, or the World Wide Web Consortium, has drafted specifications for a Web Services Description Language (WSDL), which is an XML-based (extensible Markup Language) language for describing web services. According to W3C®, WSDL is an XML format for describing network services as a set of endpoints that operate on messages that contain either document-oriented or procedure-oriented information. A WSDL description of a service contains two parts: an abstract part and a concrete part. The abstract WSDL description of a resource describes the resource in the most generic terms. The concrete WSDL description provides a binding of this abstract WSDL to a particular message format and network protocol. For example, it is in the concrete WSDL description that a binding to SOAP/HTTP is made. A given abstract WSDL description can be bound to multiple formats, such as SOAP/HTTP, SOAP/JMS, and even RMI/IIOP. The operations and messages are described abstractly and then bound to a concrete network protocol and message format to define an endpoint. Related concrete endpoints are combined into services. WSDL is extensible to allow description of endpoints and their messages regardless of what message formats or network protocols are used to communicate.
A typical enterprise's data processing system contains robust support for security-related operations. Within a data processing system, enterprises often use support servers to provide authorization, authentication, and session management services as a front-end to application servers. It would be advantageous to have a method and a system within a computing environment to extend access management of computational resources to include web services as defined within WSDL documents.