This application relates to the provision of services in a client-server context. More particularly, this application relates to securing inter-server services on behalf of a client over a network.
FIG. 1 illustrates a typical client-server environment within the World Wide Web. As one of ordinary skill in the art will readily appreciate, a user""s accessing a web page on the World Wide Web involves the cooperation of (at least) two pieces of software: the web browser 110, typically directly under the user""s control as software on the workstation 150, and the server 120 for the web page. Responding in a manner predetermined by the author of the web page to transactions initiated by the browser 110, the server 120 typically resides on a separate processor 140.
FIG. 2 sketches a processor 200 such as a workstation 150 or server 120. Such a processor includes a CPU 210 to which a memory 220 and I/O facilities 230 connect by a bus 240. The processor 200 connects to an external communications system 250 which is, for example, a network or modem communications link and memory 220 includes programs 260. Programs 260 may include one or more programs. Although programs 260 are depicted as being stored in memory 220, one skilled in the art will appreciate that all or part of programs 260 may be stored on or read from other computer readable media, such as secondary storage devices 270, like hard disks, floppy disks and CD-Rom, a digital signal received from a network such as the Internet, or other forms of RAM or ROM, either currently known or later developed.
As the HyperText Markup Language (HTML) is the preferred language for authoring web pages, the description below is in the terms of HTML. These terms are explained in, for example, I. S. Graham, The HTML Sourcebook, 1996 (John Wiley and Sons, Inc., 2d Edition). Graham is incorporated herein by reference to the extent necessary to explain these terms. However, Graham is not prior art.
In addition to text and static images for display on the user""s workstation 150 via the user""s browser 110, a web page can also include an applet. An applet is a program included in an HTML page, whose execution a user can observe via a browser 110 enabled to recognize, download and execute the applet and to display the results of the applet""s execution. The HotJava(copyright) browser, available from the assignee of the instant invention, is the preferred browser 110, and the Java(copyright) environment, also available from the assignee of the instant invention, is the preferred environment for encoding and executing applets.
The Java(copyright) environment is described in, for example, Java(copyright) Unleashed (Sams.net Publishing, 1996). Java(copyright) Unleashed is incorporated herein by reference to the extent necessary to explain the Java(copyright) environment. However, Java(copyright) Unleashed is not prior art.
An applet typically is a small program residing on a server 120. Some HTML document refers to the applet using the  less than applet greater than  tag. When a browser downloads the HTML document and recognizes the  less than applet greater than  tag, it also downloads the applet identified by the applet tag and executes that applet.
Written in a general purpose language such as Java(copyright), an applet is in this way unrestrained in its functionality. It can perform any function which a program written in any other general purpose language (such as C or PL1) can accomplish. The methodologies of applets, however, are constrained by the Java(copyright) environment in order to minimize the security risks an applet presents to the workstation 150. That is to say, an applet is restricted to xe2x80x9cplayxe2x80x9d within a bounded xe2x80x9csandbox.xe2x80x9d
While a security policy may suffice for the transfer of code from a server to a client, the transfer of code for execution from one server to another server presents greater security risks and requires a more stringent security policy. Accordingly, there is a need for a managing security on a server which receives code for execution.
Herein is disclosed, in a network environment, a security manager residing on a server and deciding whether to permit the execution of a servlet based on a characteristic of the servlet.