Abstract: An approach is provided that allows an administrator to set a new password at a wireless access point, such as a traditional WAP or a wireless router. The wireless access point creates a message that includes the new password. The message is encrypted using the old password that was previously set for the wireless network. The encrypted message is wirelessly transmitted from the wireless access point to the active client devices (those clients currently accessing the wireless network). The clients decrypt the message using the old password that was previously provided to the clients. The clients retrieve the new password from the message. The clients construct a new message that is encrypted using the new password. The new message is wirelessly transmitted from the clients to the wireless access device and serves as an acknowledgement.

Abstract: Access is controlled to managed resources in a stateless web server architecture including a stateless web server computing platform; a resource locator map portion of the stateless web server computing platform providing a unique resource locator code representing each managed resource in a stateless web server architecture, wherein the managed resource is assigned to a plurality of application program components; a set of servlet filters disposed in a portion of the stateless web server computing platform, each servlet filter associated with one of the application program components; a resource locator matcher portion of the stateless web server computing platform, responsive to a user request to a unique resource locator, matching a pattern in the user request to one or more of the application program components using a corresponding servlet filter; and a request dispatcher portion of the stateless web server computing platform sending the user request to the matched application program component, wherein

Abstract: Methods and systems are provided for dynamically altering the capabilities of a software application in response to a request from a user to perform an action in the application. Based on the user's security role, the software application is reconfigured by either granting access to the user to an existing component of the application, or if no suitable component is available, adding an external vendor component to the software application which is suitable for performing the requested action.

Abstract: A computer implemented method, apparatus, and computer usable program code for interactive mail management of physical mail. Physical mail is received in a mailbox. An identifier is read in response to receiving the physical mail in the mailbox. The physical mail contains the identifier. Information contained in the identifier is sent to the mail recipient. The mail recipient is able to identify instructions for communicating with a sender associated with the physical mail based on the information from the identifier.

Abstract: Methods, systems, and media are disclosed for determining access rights to a resource managed by an application. One embodiment includes receiving a request by the application, wherein the request comprises an action a user seeks to perform on the resource. Further, the embodiment includes locating, based on the request, the resource in a structure having groupings of resources, wherein the groupings include a grouping having the resource. Typically the groupings comprise files having mappings of resources to assigned groups, and each group has an associated authorization table mapping roles or policies to users. Further still, the embodiment includes reading an authorization table associated with the grouping having the resource, and determining whether to grant the access rights for performing the action on the resource.

Abstract: A method, computer program product, and apparatus for receiving a postal mail item. The postal mail item is received. The postal mail item contains a radio frequency identifier identifying the sender of the postal mail item. Responsive to receiving the postal mail item in the mailbox, the radio frequency identifier of the postal mail item is scanned with a scanner to identify the sender of the postal mail item. A determination is made whether the sender of the postal mail item is in a junk mail list. The junk mail list includes a list of senders accessible to a processor in the scanner.

Abstract: A method is presented for processing names by a naming service. A naming service obtains an application name for an application along with at least one deployment attribute for a deployment of an instance of the application within a data processing system. The naming service generates an application-based name for the instance of the application; the application-based name represents a context within a naming system that is supported by the naming service, and the application-based name is a compound name that includes the application name and at least one deployment name for a deployment attribute. A deployment attribute is a metadata value, such as a deployment identifier or version identifier, that characterizes a manner in which the instance of the application is deployed within the data processing system.

Abstract: An approach to handling integrated security roles is presented. An upstream application includes one or more role-mapping requirements that correspond to an upstream security role and a downstream security role. The upstream security role is expanded by adding an upstream security role identifier in a downstream application's role-mapping table or by adding upstream user-to-role mappings to a downstream application's role-mapping table. When an upstream security role is expanded, a user assigned to the upstream security role automatically has access to role-mapped downstream applications.

Abstract: A method for integrated security roles is presented. An upstream application includes one or more role-mapping requirements that correspond to an upstream security role and a downstream security role. The upstream security role is expanded by adding an upstream security role identifier in a downstream application's role-mapping table or by adding upstream user-to-role mappings to a downstream application's role-mapping table. When an upstream security role is expanded, a user assigned to the upstream security role automatically has access to role-mapped downstream applications.

Abstract: Methods, systems, and media are disclosed for determining access rights to a resource managed by an application. One embodiment includes receiving a request by the application, wherein the request comprises an action a user seeks to perform on the resource, and locating, based on the request, the resource in both a containment relationship graph and in a structure having groupings of resources, wherein the groupings comprise a grouping having the resource. Further, the embodiment includes traversing a vertex of the containment relationship graph, wherein the vertex comprises a generational resource of the resource, and reading an authorization table associated with a grouping having the generational resource in the groupings. Further still, the embodiment includes determining whether to grant the access rights for performing the action on the resource.

Abstract: An approach is provided that allows an administrator to set a new password at a wireless access point, such as a traditional WAP or a wireless router. The wireless access point creates a message that includes the new password. The message is encrypted using the old password that was previously set for the wireless network. The encrypted message is wirelessly transmitted from the wireless access point to the active client devices (those clients currently accessing the wireless network). The clients decrypt the message using the old password that was previously provided to the clients. The clients retrieve the new password from the message. The clients construct a new message that is encrypted using the new password. The new message is wirelessly transmitted from the clients to the wireless access device and serves as an acknowledgement.

Abstract: Methods and systems are provided for dynamically altering the capabilities of a software application in response to a request from a user to perform an action in the application. Based on the user's security role, the software application is reconfigured by either granting access to the user to an existing component of the application, or if no suitable component is available, adding an external vendor component to the software application which is suitable for performing the requested action.

Abstract: A computer implemented method, apparatus, and computer usable program code for mail notification. Physical mail is received in a mailbox. The physical mail includes an identifier indicating information about the physical mail. A presence of the physical mail is detected in the mailbox. The identifier is read in response to detecting the presence of the physical mail. A notification is sent to a mail recipient including the information in response to reading the identifier.

Abstract: A computer implemented method, apparatus, and computer usable program code for interactive mail management of physical mail. Physical mail is received in a mailbox. An identifier is read in response to receiving the physical mail in the mailbox. The physical mail contains the identifier. Information contained in the identifier is sent to the mail recipient. The mail recipient is able to identify instructions for communicating with a sender associated with the physical mail based on the information from the identifier.

Abstract: A system and method for concurrent security connections is presented. An association table is used that includes a list of active credentials. An active credential includes information such as user id and password information for a given domain. The active credential may also include dynamic data that is retrieved from a user, such as a pseudo-random code or a fingerprint scan. The active credential is sent to a domain, or the managing server of the domain, when domain access is requested. This access request does not involve the user of the client unless dynamic input data is requested.

Abstract: A method is presented for managing applications using application-based names. A naming service registers an alias name; the alias name represents a first compound name that includes an application name that is associated with an application and a deployment name that is associated with a deployment attribute that characterizes a deployment of an instance of the application. The naming service is also able to generate an application-based name associated with an application; the application-based name represents a context within a naming system, and the application-based name is a second compound name that includes the alias name. Applications are managed within a data processing system using application-based names. The first compound name can be associated with a first topology-based name that represents a first context for organizing files that are related to the instance of the application.

Abstract: Methods, systems, and media are disclosed for managing a resource managed by a mbean server having an mbean. One embodiment includes receiving a request by the application, wherein the request constitutes an action a user seeks to perform on the resource, and adding a number of instance identifier fields to an mbean descriptor file associated with the mbean. Further, the embodiment includes populating the number of instance identifier fields with an equivalent number of properties from an objectname of the resource, thereby producing a populated mbean descriptor file that identifies the resource among resources. Further still, the embodiment includes reading the mbean descriptor file after the populating, and determining, based on the reading, whether the user has an authority to perform the request. If authority exists, then an mbean method performs the action on the resource, and filters the obtained results to coincide with the user's authority.

Abstract: A method and system to allow multiple users of a client computer to establish a secure connection for each of the multiple users between the client computer and a server computer. Each user is allowed to unlock a keyfile unique to that user. The unique keyfile is able to authenticate the user's identity to the server computer. Access to the users unique keyfile is accomplished by the user inputting into the client computer a unique user password for the user's unique keyfile. A Graphical User Interface (GUI) is provided to allow the user to input the unique user password for that user's unique keyfile. Upon input of the password, the selected keyfile is opened to enable a user authentication process to authenticate the user's identity to the server computer, thus creating an authenticated secure connection between the server computer and the client computer for the specific user.

Abstract: A method and system for providing security protection to Common Object Request Broker Architecture (CORBA) objects located on a server. An EJB shadow object is created for the CORBA object. The EJB shadow object invokes an EJB security mechanism on behalf of the CORBA object, thus protecting the CORBA object from unauthorized object requesters. In a preferred embodiment, requesters are categorized and identified by their roles in the enterprise. Only those requesters having a proper role are authorized to access the requested object.

Abstract: A system and method for concurrent security connections is presented. An association table is used that includes a list of active credentials. An active credential includes information such as user id and password information for a given domain. The active credential may also include dynamic data that is retrieved from a user, such as a pseudo-random code or a fingerprint scan. The active credential is sent to a domain, or the managing server of the domain, when domain access is requested. This access request does not involve the user of the client unless dynamic input data is requested.