Multiple user credentials
Abstract
A login shell and file/directory access checking supporting multiple user credentials are provided. The login shell receives user input from a particular user including login information for a plurality of user accounts for that particular user. The login shell authenticates the plurality of user accounts using the login information and retrieves a plurality of user credentials corresponding to the plurality of user accounts. This plurality of user credentials forms a multi-user credential. In response to a request for access to a file, the access rights to the file for the user are verified by verifying the access rights of the multi-user credential.
Claims
exact text as granted — not AI-modified1 . A computer implemented method for supporting multiple user credentials, the method comprising:
receiving user input from a given user including login information for a plurality of user accounts for the given user; authenticating the plurality of user accounts based on the login information; retrieving a plurality of credentials for the plurality of user accounts to form a multi-user credential; and responsive to a request for access to a file, verifying access rights to the file by verifying access rights of the multi-user credential.
2 . The method of claim 1 , wherein the login information includes a primary user identification, a primary password, a secondary user identification, and a secondary password.
3 . The method of claim 1 , wherein the plurality of credentials include a primary user identification, a primary group identification, a secondary user identification, and a plurality of secondary group identifications.
4 . The method of claim 3 , wherein verifying the access rights of the multi-user credential includes:
comparing the primary user identification to a file owner identification associated with the file; and responsive to the primary user identification matching the file owner identification associated with the file, providing access to the file based on permissions associated with the file owner identification.
5 . The method of claim 4 , wherein verifying the access rights of the multi-user credential further includes:
responsive to the primary user identification not matching the file owner identification associated with the file, comparing the secondary user identification with the file owner identification associated with the file; and responsive to the secondary user identification matching the file owner identification associated with the file, providing access to the file based on permissions associated with the file owner identification.
6 . The method of claim 5 , wherein verifying the access rights of the multi-user credential further includes:
responsive to the secondary user identification not matching the file owner identification associated with the file, comparing the primary group identification with the file group identification associated with the file; and responsive to the primary group identification matching the file group identification associated with the file, providing access to the file based on permissions associated with the file group identification.
7 . The method of claim 6 , wherein verifying the access rights of the multi-user credential further includes:
responsive to the primary group identification not matching the file group identification associated with the file, comparing the plurality of secondary group identification with the file group identification associated with the file; and responsive to one of the plurality of secondary group identifications matching the file group identification associated with the file, providing access to the file based on permissions associated with the file group identification.
8 . The method of claim 1 , wherein access includes execution.
9 . The method of claim 8 , wherein execution takes place on a remote data processing system.
10 . A computer program product comprising:
a computer usable medium including computer usable program code for supporting multiple user credentials, said computer program product including:
computer usable program code for receiving user input from a given user including login information for a plurality of user accounts for the given user;
computer usable program code for authenticating the plurality of user accounts based on the login information;
computer usable program code for retrieving a plurality of credentials for the plurality of user accounts to form a multi-user credential; and
computer usable program code, responsive to a request for access to a file, for verifying access rights to the file by verifying access rights of the multi-user credential.
11 . The computer program product of claim 10 , wherein the login information includes a primary user identification, a primary password, a secondary user identification, and a secondary password.
12 . The computer program product of claim 10 , wherein the plurality of credentials include a primary user identification, a primary group identification, a secondary user identification, and a plurality of secondary group identifications.
13 . The computer program product of claim 12 , wherein the computer usable program code for verifying access rights to the file by verifying the access rights of the multi-user credential includes:
computer usable program code for comparing the primary user identification to a file owner identification associated with the file; and computer usable program code, responsive to the primary user identification matching the file owner identification associated with the file, for providing access to the file based on permissions associated with the file owner identification.
14 . The computer program product of claim 13 , wherein the computer usable program code for verifying access rights to the file by verifying the access rights of the multi-user credential further includes:
computer usable program code, responsive to the primary user identification not matching the file owner identification associated with the file, for comparing the secondary user identification with the file owner identification associated with the file; and computer usable program code, responsive to the secondary user identification matching the file owner identification associated with the file, for providing access to the file based on permissions associated with the file owner identification.
15 . The computer program product of claim 14 , wherein the computer usable program code for verifying access rights to the file by verifying the access rights of the multi-user credential further includes:
computer usable program code, responsive to the secondary user identification not matching the file owner identification associated with the file, for comparing the primary group identification with the file group identification associated with the file; and computer usable program code, responsive to the primary group identification matching the file group identification associated with the file, for providing access to the file based on permissions associated with the file group identification.
16 . The computer program product of claim 15 , wherein the computer usable program code for verifying access rights to the file by verifying the access rights of the multi-user credential further includes:
computer usable program code, responsive to the primary group identification not matching the file group identification associated with the file, for comparing the plurality of secondary group identification with the file group identification associated with the file; and computer usable program code, responsive to one of the plurality of secondary group identifications matching the file group identification associated with the file, for providing access to the file based on permissions associated with the file group identification.
17 . A data processing system for supporting multiple user credentials, the data processing system inlcluding:
a login shell that receives user input from a given user including login information for a plurality of user accounts for the given user and authenticates the plurality of user accounts based on the login information; an operating system component that retrieves a plurality of credentials for the plurality of user accounts to form a multi-user credential; and a file access checking component that verifies access rights to the file by verifying access rights of the multi-user credential.
18 . The data processing system of claim 17 , wherein the login information includes a primary user identification, a primary password, a secondary user identification, and a secondary password.
19 . The data processing system of claim 17 , wherein the plurality of credentials include a primary user identification, a primary group identification, a secondary user identification, and a plurality of secondary group identifications.Join the waitlist — get patent alerts
Track US2007022471A1 — get alerts on status changes and closely related new filings.
We store only your email — no account needed. See our privacy policy.