Security is an important feature of any server-based product that automates processes and manages data. In particular, with an enterprise resource planning (ERP) system, there is often a need to provide users with access to business systems and business applications in a secure manner. For example, a traditional perimeter network (TPN) topology provides two connected networks separated by a firewall: a demilitarized zone (DMZ), also referred to as a perimeter network, and a secure intranet, also referred to as an internal network. The perimeter network is accessible from an extranet, such as the Internet, and access between the perimeter network and the extranet is controlled by a firewall. The secure intranet hosts a business application and/or a business database. Because unauthorized access may occur between an extranet user and the perimeter network, there is a one-way trust relationship from the perimeter network to the intranet: the perimeter network trusts the intranet, but the intranet does not trust the perimeter network. As a result, while the secure intranet may authenticate and authorize internal users, such as users having an intranet business application account and identification, the secure intranet does not authenticate and authorize extranet clients accessing the secure intranet via the perimeter network, even if the extranet client is also a business application user.
Although client-side authentication, such as Windows authentication from a Windows domain account, may be used to access a secure intranet business application, the intranet business application may inherently limit the extent to which an authenticated client's credentials may subsequently be reused for authorization within the intranet business application. As a result, in a TPN topology, an extranet client may authenticate against the perimeter network using client-side authentication, but because the intranet's trust does not extend across the perimeter network, the intranet does not authenticate the extranet client on the basis of that client-side authentication: the identity of the extranet client is maintained in the perimeter network.
In addition, an extranet client may submit a request that the intranet business application processes in an off-line scenario, in which the extranet user is no longer available. In other words, no live user context exists at processing time for authenticating and authorizing the request.
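The authorization behaviour of the TPN topology described above (one-way trust from the perimeter network to the intranet, identity held where the client authenticated, no live context for off-line requests) can be modelled as a small decision function. The following is an added illustration and not part of the original text; the zone names, the `TRUSTS` table and the `Request` fields are assumptions made for the example.

```python
from dataclasses import dataclass

# Network zones of the traditional perimeter network (TPN) topology (assumed names).
EXTRANET, PERIMETER, INTRANET = "extranet", "perimeter", "intranet"

# Directed trust: a zone accepts identities authenticated in any zone it trusts.
# One-way trust of the TPN topology: the perimeter trusts the intranet,
# the intranet trusts no other zone.
TRUSTS = {
    PERIMETER: {INTRANET},
    INTRANET: set(),
}


@dataclass
class Request:
    user: str
    identity_zone: str     # zone in which the caller was authenticated
    has_app_account: bool  # caller also holds a business application account
    live_session: bool     # a user context still exists while processing


def authorizes(resource_zone: str, req: Request) -> tuple[bool, str]:
    """Decide whether the business application hosted in resource_zone can
    authenticate and authorize this request under the one-way trust rules."""
    if not req.live_session:
        # Off-line processing: no user context left to authenticate against.
        return False, "no live user context"
    accepted = {resource_zone} | TRUSTS.get(resource_zone, set())
    if req.identity_zone not in accepted:
        # An application account does not help: the identity lives in a
        # zone that the resource zone does not trust.
        return False, f"{resource_zone} does not trust identities from {req.identity_zone}"
    if not req.has_app_account:
        return False, "authenticated, but no business application account"
    return True, "authorized"


if __name__ == "__main__":
    internal = Request("alice", INTRANET, has_app_account=True, live_session=True)
    external = Request("bob", PERIMETER, has_app_account=True, live_session=True)
    print(authorizes(INTRANET, internal))  # internal user: authorized
    print(authorizes(INTRANET, external))  # extranet client: refused despite account
    print(authorizes(PERIMETER, internal))  # perimeter trusts the intranet
```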