VAULT CONTROLLER CONTEXT MANAGER AND METHODS OF OPERATION FOR SECURELY MAINTAINING STATE INFORMATION BETWEEN SUCCESSIVE BROWSER CONNECTIONS IN AN ELECTRONIC BUSINESS SYSTEM

摘要

A context manager supports creation, storage and retrieval of data toimplement statemaintenance in a vault process using "scoping" of multiple levels of storage.A user request isinitiated by invoking an URL with embedded Application Domain and InstanceContext. The URLrequest is processed by a Vault Supervisor to obtain a user ID and password toinitiate a vault processrunning in a secure vault for the user. On vault process start up, access tothe vaultencryption/decryption keys are made available to the request. A global contextfile stored on diskis decrypted and read in to memory. If the global context file does not exist,a new global context fileis created on disk. For each Application Domain, the application context isdecrypted and read into memory. If an application context file does not exist, a new applicationcontext file on disk iscreated based on the request. All Instance Context files are scanned todetermine if they have expired.If they have expired, they are deleted from the disk. At this point, the vaultprocess is in a steadystate ready to process the user request. A dispatcher running in the vaultresponds to a user requestafter all posted data as well as CGI variables are available. The dispatcherparses the URL anddetermines the Application Domain as well as the Instance Context. If noprevious Instance Contextexists, the dispatcher generates a new random value for the new instancecontext. If the InstanceContext does exist, the vault process will then attempt to load a "localvariable pool" from memoryor from disk. All CGI and post-data are stored in the local variable pool forthe given InstanceContext and Application domain. Any previous values will be overwritten sothat any CGI orpost-data needed across requests are stored in specific user variables. Thedispatcher will then find an idlevault process thread to service the request. This thread will be instantiatedwith the ApplicationDomain and the Instance Context. The context manager will process the threadand import theapplication function from disk after decryption. The local instance functionwill be imported fromdisk after decryption and loaded into the application function running in thevault process. Afterprocessing. a return code is generated by the application indicating whetherthe local instance shouldbe retained for the next user request.