1. Field of the Invention
The present invention relates generally computer implemented methods. More specifically, the present invention relates to computer implemented methods for submitting web service data within a user's security context by using proxy content.
2. Description of the Related Art
Web services have become increasingly popular with application developers. Using web services to implement a distributed computing model allows application-to-application communication. For example, one purchase-and-ordering application could communicate to an inventory application that specific items need to be reordered. Because of this level of application integration, Web services have grown in popularity and are beginning to improve business processes.
However, because web services are based on application-to-application communication, security of the application-to-application communication has become increasingly important. The application-to-application interactions enabled by web services create a situation where web service security to address topics, such as access control, authentication, data integrity, and privacy, is increasingly important.
Problems often arise when web services request information or services that require a security authorization from a client. Because the web service request was not received by the web service directly from the client, the web service must trust the assertions made by the forwarding application server that the application server is entitled to act on behalf of the client. Thus, retrieval of information from the web service is not made using the client's own security context. The security context is the client's stored passwords and security settings contained locally on the client's data processing system. Thus, any secured information required to access the requested web services must be originally included in the request from the client to application server which then makes the request for the web service.