Browse Prior Art Database

Application Interface for Retrieving User-Accessible List of Resources

IP.com Disclosure Number: IPCOM000112320D
Original Publication Date: 1994-Apr-01
Included in the Prior Art Database: 2005-Mar-27
Document File: 2 page(s) / 32K

Publishing Venue

IBM

Related People

Corn, VE: AUTHOR [+4]

Abstract

Disclosed is an interface for retrieving a list of user-accessible server resources.

This text was extracted from an ASCII text file.
This is the abbreviated version, containing approximately 97% of the total text.

Application Interface for Retrieving User-Accessible List of Resources

      Disclosed is an interface for retrieving a list of
user-accessible server resources.

      Access to resources on a server machine are kept in an entity
called an Access Control Profile (ACP).  Each profile contains a list
of users and groups with their respective privileges to a given
resource.  Any access attempt to a server resource is validated
against the ACP, if any exists, for that resource.

      It is easy in any LAN product for a user to determine whether
they have access to a given resource, if the resource is known.
However, there is no way for a user to enumerate a list of resources
on a server that they have privilege to.

      The problem is solved in the following manner.  An Application
Programming Interface (API) "NetAccessGetUserResources" is created to
allow programmatic enumeration of user-accessible resources on a
server.  The API can be used in command-line and graphical-type
programs.

      The API works in three passes on the target server machine.
First, it enumerates the list of groups that the user belongs to.
Second, it enumerates the ACPs for each resource type on the server:
file, print, and serial device.   Finally, it scans through each
access list and selects those resources that the user has privilege
to.  The privilege may be for the user or for a group that the user
belongs to.  The list of resources and associated privileges is
r...