The present invention relates to web applications.
The Internet has now become the primary global digital information distribution service. The World Wide Web (Web) allows users to navigate Internet resources in an exploratory way, without using internet protocol (IP) addresses or other special technical knowledge. The Web is made up of interconnected web pages, or web documents stored on web servers. These pages are accessed with the use of a web browser. Web browsers use URL addresses to access resources on the Internet.
The Web uses a transfer protocol known as Hypertext Transfer Protocol (HTTP). HTML and other types of web pages are made up of content text as well as formatting codes that indicate how the page should be displayed. A web browser interprets these codes in order to display the page.
The HTML, or other, code that makes up each web page may be dynamically generated by an event-driven program that is running on the server hardware. This type of program is known as a web application. In the following, the term “web server” will be used to refer to the logical entity that provides a web page in response to an http request and “web application” to the set of components that provide this function using general-purpose computing platforms within general-purpose operating environments such as are provided by the Microsoft Windows, Linux or HP-UX operating systems and their related programming libraries and tools.
Web applications are generally event-driven programs which react to HTTP requests from the client, the http request being directed to a web address (a URL). The web application will generate and return a web page to the browser. The difference between this type of arrangement and a simple “static” site is that each action the user takes can have some semantics associated with it. In other words, the resulting web page can differ according to the user, the current time or other factors prevailing in the system.
Thus, when the web application receives an event, it is arranged to evaluate the received event and decide how to respond to the client. This evaluation process may involve interaction with business logic of some kind. The interaction with the business logic can take place independently of the screen design or user interface and often involves transactions with back-end systems, such as remote databases. In web applications, the server side code that is responsible for the user interface (ie generation of the web pages to be served) is sometimes referred to as the presentation layer. For instance, in order to generate a web page, the presentation layer may need to access business data, such as a list of names and addresses. This can be obtained from the business logic, which can request the list from a database. The retrieved data can then be used by the presentation layer to build an appropriate HTML table for display, or rendering, by the browser.
Thus a web application can naturally be separated into a presentation layer, a business and a data layer. This separation is often referred to in web application server literature as the 3-tier model. Physically, the 3 tiers can be implemented separately and on different servers, a feature that can lead to greater scalability and an ability to process more client requests simultaneously.
One well-established architecture for user interfaces which facilitates event driven systems such as this is known as the Model-View-Controller or MVC architecture. The role of the controller in the MVC architecture is to determine the control flow of the system. It must process an incoming event from the user interface and determine the next state of the user interface. In addition, the controller generally must use the model component to carry out any actions required. This can change the state of the underlying business system. With this approach, the state of the underlying business system and the state of the user interface are two different, though often related, things. Thus, the presentation layer of a typical web application can be seen to comprise the view and controller elements. The model element, on the other hand, is separate from the presentation layer views and controllers. It is there to provide services to the presentation layer including access to persistent storage and thus represents the business logic and data layers.
It is possible to use a state machine for controlling a web application. For instance, a deterministic presentation layer can be achieved by modeling the User Interface using statecharts and then implementing the statechart design as part of a Model-View-Controller (MVC) engine that includes a State machine.
A further example of the use of a state machine for controlling a web application can be found in US2002/0080200 which describes a web application in which a state machine is provided to manage execution and display of a web site. The state machine includes display states and action states. In addition, the Perl module CGI::MxScreen uses a state machine to express its processing logic.
Due to their increasing size and complexity, web applications, and the service packages they are being used to provide, are to an ever-greater extent being developed as general purpose items that are configurable for deployment in a particular application. However, in the business of services offered through the web, all the customers don't necessarily buy the whole set of services that can be offered. Nevertheless, the web application they access may be capable of delivering all of them, and therefore a way is needed to deny access to the features of the application the customer has not purchased.
However, many conventional web applications do not explicitly provide for user authentication or for defining a security policy, including, for instance, which features of the application are accessible by which users. Such access control functions are often added as an after-thought, or implemented redundantly by having the business logic check for the suitable permissions before conducting an operation. US2002/0080200, for instance, proposes to use state transition permissions to determine whether a state transition is allowable on the basis of a user or system from which a request originates.
The present invention is directed to mitigating the above mentioned drawbacks with the prior art.