Abstract: Techniques are disclosed for using a multi-tenant framework for microservices in a microservices-based application to handle tenant-specific circuit breaking. The microservices-based application can include at least one microservice that incorporates the multi-tenant framework. The multi-tenant framework includes software components configured to provide multi-tenant functionality for the microservice. A first microservice may receive an indication associated with a tenant that a second microservice is overloaded. The first microservice can then receive a request containing tenant context data at an interface. A first software component of the multi-tenant framework can extract the tenant context data from the request. The first microservice may determine whether the tenant context data corresponds to the tenant. The first microservice can then trigger a circuit breaker for the second microservice.

Abstract: A custom client authenticator is installed on non-server entity. The custom client authenticator authorizes communication between a client application of a client and requested entities of a server. A native authentication technology for the client is different than a native authentication technology for the server. The custom client authenticator is registered in a descriptor file that is accessible by the server. The custom client authenticator generates an authorization token for the client. The authorization token is transmitted as part of a request message for the client application to the server. The custom client authenticator validates the authorization token on behalf of the server. The request message is forwarded to the requested entities executing on the server based on the validating.

Abstract: Techniques are disclosed for implementing a multi-tenant framework for microservices in a microservices-based application. A distributed computing system can execute a cluster on which the microservices-based application is hosted. The microservices-based application can include at least one microservice that incorporates the multi-tenant framework. The multi-tenant framework includes modules configured to provide multi-tenant functionality for the microservice. The microservice may receive a request containing tenant context data at an interface. A first module of the multi-tenant framework can extract the tenant context data from the request. In response to the request, the microservice may generate microservice data. A second module of the multi-tenant framework can use the extracted tenant context data to obtain a data store connection for the tenant. The microservice can use the data store connection to access the tenant's data store and store the microservice data.

Abstract: A system and method for facilitating establishing a secure connection between a client application and a content provider. An example method includes employing a security gateway to authenticate a client for communications therewith; maintaining, for the client, security credentials for a data provider via a security configuration module, wherein the security credentials are associated with a description of data, which is associated with a data provider; using the gateway to determine which of the security credentials to use to fulfill the request message received by the security gateway from the client based on the request; and employing the selected security credentials to selectively retrieve data from and deliver the data to the client application. The example method may further include generating the request message when a User Interface (UI) control displayed in a UI display screen of a browser client is selected or activated.

Abstract: Techniques are disclosed for implementing a multi-tenant framework for microservices in a microservices-based application. A distributed computing system can execute a cluster on which the microservices-based application is hosted. The microservices-based application can include at least one microservice that incorporates the multi-tenant framework. The multi-tenant framework includes modules configured to provide multi-tenant functionality for the microservice. The microservice may receive a request containing tenant context data at an interface. A first module of the multi-tenant framework can extract the tenant context data from the request. In response to the request, the microservice may generate microservice data. A second module of the multi-tenant framework can use the extracted tenant context data to obtain a data store connection for the tenant. The microservice can use the data store connection to access the tenant's data store and store the microservice data.

Abstract: A custom client authenticator is installed on non-server entity. The custom client authenticator authorizes communication between a client application of a client and requested entities of a server. A native authentication technology for the client is different than a native authentication technology for the server. The custom client authenticator is registered in a descriptor file that is accessible by the server. The custom client authenticator generates an authorization token for the client. The authorization token is transmitted as part of a request message for the client application to the server. The custom client authenticator validates the authorization token on behalf of the server. The request message is forwarded to the requested entities executing on the server based on the validating.

Abstract: A system and method for facilitating establishing a secure connection between a client application and a content provider. An example method includes employing a security gateway to authenticate a client for communications therewith; maintaining, for the client, security credentials for a data provider via a security configuration module, wherein the security credentials are associated with a description of data, which is associated with a data provider; using the gateway to determine which of the security credentials to use to fulfill the request message received by the security gateway from the client based on the request; and employing the selected security credentials to selectively retrieve data from and deliver the data to the client application. The example method may further include generating the request message when a User Interface (UI) control displayed in a UI display screen of a browser client is selected or activated.

Abstract: A system and method for facilitating authenticating a client application to enable communications with another server-side application running on a server in communication with the client application (client). An example embodiment involves providing an authenticator for the client to a shared library that is accessible to the client and server, and then registering the authenticator for the client at the server. After registration, the client sends a request message (addressed to a server-side application) and token to the server. The token is derived using the authenticator at the shared library. The server then uses the token to check that the authenticator associated with the received token is registered. The server then communicates with the shared library to authenticate the client by verifying that the received token identifies the client that has provided the authenticator to the shared library. Client identity is then set to enable communications with the server-side application.

Abstract: A system and method for facilitating establishing a secure connection between a client application and a content provider. An example method includes employing a security gateway to authenticate a client for communications therewith; maintaining, for the client, security credentials for a data provider via a security configuration module, wherein the security credentials are associated with a description of data, which is associated with a data provider; using the gateway to determine which of the security credentials to use to fulfill the request message received by the security gateway from the client based on the request; and employing the selected security credentials to selectively retrieve data from and deliver the data to the client application. The example method may further include generating the request message when a User Interface (UI) control displayed in a UI display screen of a browser client is selected or activated.

Abstract: A system and method for facilitating sharing of credentials and other secret data in a networked computing environment. An example embodiment provides for access to data of an external data source by a software application, wherein the external data source requires use of credentials to allow access to the data, but where the credentials themselves are not to be supplied to the software application. An example method includes storing the credentials in a secure data store; providing a token to the application, the token associated with the credentials and with an indication of the external data source; transferring the token from the application to a secure connector; using the secure connector and the token to retrieve the credentials from the secure data store to the secure connector; using the secure connector and the credentials to request data from the external data source to the secure connector before transfer of the requested data to the application via the secure connector.

Abstract: A system and method for facilitating authenticating a client application to enable communications with another server-side application running on a server in communication with the client application (client). An example embodiment involves providing an authenticator for the client to a shared library that is accessible to the client and server, and then registering the authenticator for the client at the server. After registration, the client sends a request message (addressed to a server-side application) and token to the server. The token is derived using the authenticator at the shared library. The server then uses the token to check that the authenticator associated with the received token is registered. The server then communicates with the shared library to authenticate the client by verifying that the received token identifies the client that has provided the authenticator to the shared library. Client identity is then set to enable communications with the server-side application.

Abstract: A system and method for facilitating sharing of credentials and other secret data in a networked computing environment. An example embodiment provides for access to data of an external data source by a software application, wherein the external data source requires use of credentials to allow access to the data, but where the credentials themselves are not to be supplied to the software application. An example method includes storing the credentials in a secure data store; providing a token to the application, the token associated with the credentials and with an indication of the external data source; transferring the token from the application to a secure connector; using the secure connector and the token to retrieve the credentials from the secure data store to the secure connector; using the secure connector and the credentials to request data from the external data source to the secure connector before transfer of the requested data to the application via the secure connector.

Abstract: A system and method for facilitating interaction between computing sessions. An example method provides for first web application to use a same session as a user session of a second web application that is external to the first web application. The first web application can replicate portions of a session Uniform Resource Locator (URL) and submit one or more modified URLs to the second web application. The second web application then handles communications with both the browser and the first web application as a single session. In a particular embodiment, the second web application need not be modified to handle this type of 3-way single session.

Abstract: A system and method for facilitating sharing of credentials and other secret data in a networked computing environment. An example embodiment provides for access to data of an external data source by a software application, wherein the external data source requires use of credentials to allow access to the data, but where the credentials themselves are not to be supplied to the software application. An example method includes storing the credentials in a secure data store; providing a token to the application, the token associated with the credentials and with an indication of the external data source; transferring the token from the application to a secure connector; using the secure connector and the token to retrieve the credentials from the secure data store to the secure connector; using the secure connector and the credentials to request data from the external data source to the secure connector before transfer of the requested data to the application via the secure connector.

Abstract: A system and method for facilitating authenticating a client application to enable communications with another server-side application running on a server in communication with the client application (client). An example embodiment involves providing an authenticator for the client to a shared library that is accessible to the client and server, and then registering the authenticator for the client at the server. After registration, the client sends a request message (addressed to a server-side application) and token to the server. The token is derived using the authenticator at the shared library. The server then uses the token to check that the authenticator associated with the received token is registered. The server then communicates with the shared library to authenticate the client by verifying that the received token identifies the client that has provided the authenticator to the shared library. Client identity is then set to enable communications with the server-side application.

Abstract: A system and method for facilitating authenticating a client application to enable communications with another server-side application running on a server in communication with the client application (client). An example embodiment involves providing an authenticator for the client to a shared library that is accessible to the client and server, and then registering the authenticator for the client at the server. After registration, the client sends a request message (addressed to a server-side application) and token to the server. The token is derived using the authenticator at the shared library. The server then uses the token to check that the authenticator associated with the received token is registered. The server then communicates with the shared library to authenticate the client by verifying that the received token identifies the client that has provided the authenticator to the shared library. Client identity is then set to enable communications with the server-side application.

Abstract: A system and method for facilitating interaction between computing sessions. An example method provides for first web application to use a same session as a user session of a second web application that is external to the first web application. The first web application can replicate portions of a session Uniform Resource Locator (URL) and submit one or more modified URLs to the second web application. The second web application then handles communications with both the browser and the first web application as a single session. In a particular embodiment, the second web application need not be modified to handle this type of 3-way single session.

Abstract: A system and method for facilitating sharing of credentials and other secret data in a networked computing environment. An example embodiment provides for access to data of an external data source by a software application, wherein the external data source requires use of credentials to allow access to the data, but where the credentials themselves are not to be supplied to the software application. An example method includes storing the credentials in a secure data store; providing a token to the application, the token associated with the credentials and with an indication of the external data source; transferring the token from the application to a secure connector; using the secure connector and the token to retrieve the credentials from the secure data store to the secure connector; using the secure connector and the credentials to request data from the external data source to the secure connector before transfer of the requested data to the application via the secure connector.

Abstract: A system and method for facilitating establishing a secure connection between a client application and a content provider. An example method includes employing a security gateway to authenticate a client for communications therewith; maintaining, for the client, security credentials for a data provider via a security configuration module, wherein the security credentials are associated with a description of data, which is associated with a data provider; using the gateway to determine which of the security credentials to use to fulfill the request message received by the security gateway from the client based on the request; and employing the selected security credentials to selectively retrieve data from and deliver the data to the client application. The example method may further include generating the request message when a User Interface (UI) control displayed in a UI display screen of a browser client is selected or activated.