Abstract: Shown is single sign-on support access to tenant accounts in a multi-tenant service platform involving a proxy user account in an identity provider for a tenant account on the service platform having security metadata associated therewith, mapping in the identity provider maps a support user to a proxy user identifier, a corresponding security endpoint in the service platform and mapping of the proxy user account identifier to the tenant account and security metadata. The identity provider authenticates a request to access the tenant account on the service platform, obtains the security credentials for the proxy user identifier, and sends a security assertion with the proxy user identifier and the security metadata to the security endpoint. The endpoint receives and validates the security assertion against the mapping for the proxy user identifier to the tenant account and the security metadata in the service platform, and permits access by the support user to the tenant account in the service platform.

Abstract: Shown is single sign-on support access to tenant accounts in a multi-tenant service platform involving a proxy user account in an identity provider for a tenant account on the service platform having security metadata associated therewith, mapping in the identity provider maps a support user to a proxy user identifier, a corresponding security endpoint in the service platform and mapping of the proxy user account identifier to the tenant account and security metadata. The identity provider authenticates a request to access the tenant account on the service platform, obtains the security credentials for the proxy user identifier, and sends a security assertion with the proxy user identifier and the security metadata to the security endpoint. The endpoint receives and validates the security assertion against the mapping for the proxy user identifier to the tenant account and the security metadata in the service platform, and permits access by the support user to the tenant account in the service platform.

Abstract: Shown is single sign-on support access to tenant accounts in a multi-tenant service platform involving a proxy user account in an identity provider for a tenant account on the service platform having security metadata associated therewith, mapping in the identity provider maps a support user to a proxy user identifier, a corresponding security endpoint in the service platform and mapping of the proxy user account identifier to the tenant account and security metadata. The identity provider authenticates a request to access the tenant account on the service platform, obtains the security credentials for the proxy user identifier, and sends a security assertion with the proxy user identifier and the security metadata to the security endpoint. The endpoint receives and validates the security assertion against the mapping for the proxy user identifier to the tenant account and the security metadata in the service platform, and permits access by the support user to the tenant account in the service platform.

Abstract: Shown is single sign-on support access to tenant accounts in a multi-tenant service platform involving a proxy user account in an identity provider for a tenant account on the service platform having security metadata associated therewith, mapping in the identity provider maps a support user to a proxy user identifier, a corresponding security endpoint in the service platform and mapping of the proxy user account identifier to the tenant account and security metadata. The identity provider authenticates a request to access the tenant account on the service platform, obtains the security credentials for the proxy user identifier, and sends a security assertion with the proxy user identifier and the security metadata to the security endpoint. The endpoint receives and validates the security assertion against the mapping for the proxy user identifier to the tenant account and the security metadata in the service platform, and permits access by the support user to the tenant account in the service platform.

Abstract: Shown is single sign-on support access to tenant accounts in a multi-tenant service platform involving a proxy user account in an identity provider for a tenant account on the service platform having security metadata associated therewith, mapping in the identity provider maps a support user to a proxy user identifier, a corresponding security endpoint in the service platform and mapping of the proxy user account identifier to the tenant account and security metadata. The identity provider authenticates a request to access the tenant account on the service platform, obtains the security credentials for the proxy user identifier, and sends a security assertion with the proxy user identifier and the security metadata to the security endpoint. The endpoint receives and validates the security assertion against the mapping for the proxy user identifier to the tenant account and the security metadata in the service platform, and permits access by the support user to the tenant account in the service platform.

Abstract: Systems, methods and media are shown for equitable job processing of asynchronous messages for multiple tenants in a multi-tenant platform that involve receiving messages of a given message type in an input buffer from at least one front end tier (FET) device, providing messages of the given message type from an output buffer to at least one back end tier (BET) device, determining a priority weight W for each message in the input buffer based on a tenant identifier and message type for the message, and evaluating the priority weight W for the message and delaying the message if the priority weight W is below a priority threshold and moving the message to the output buffer if the priority weight W is not below the priority threshold.

Abstract: Shown is single sign-on support access to tenant accounts in a multi-tenant service platform involving a proxy user account in an identity provider for a tenant account on the service platform having security metadata associated therewith, mapping in the identity provider maps a support user to a proxy user identifier, a corresponding security endpoint in the service platform and mapping of the proxy user account identifier to the tenant account and security metadata. The identity provider authenticates a request to access the tenant account on the service platform, obtains the security credentials for the proxy user identifier, and sends a security assertion with the proxy user identifier and the security metadata to the security endpoint. The endpoint receives and validates the security assertion against the mapping for the proxy user identifier to the tenant account and the security metadata in the service platform, and permits access by the support user to the tenant account in the service platform.

Abstract: Systems, methods and media are shown for equitable job processing of asynchronous messages for multiple tenants in a multi-tenant platform that involve receiving messages of a given message type in an input buffer from at least one front end tier (FET) device, providing messages of the given message type from an output buffer to at least one back end tier (BET) device, determining a priority weight W for each message in the input buffer based on a tenant identifier and message type for the message, and evaluating the priority weight W for the message and delaying the message if the priority weight W is below a priority threshold and moving the message to the output buffer if the priority weight W is not below the priority threshold.

Abstract: Shown is single sign-on support access to tenant accounts in a multi-tenant service platform involving a proxy user account in an identity provider for a tenant account on the service platform having security metadata associated therewith, mapping in the identity provider maps a support user to a proxy user identifier, a corresponding security endpoint in the service platform and mapping of the proxy user account identifier to the tenant account and security metadata. The identity provider authenticates a request to access the tenant account on the service platform, obtains the security credentials for the proxy user identifier, and sends a security assertion with the proxy user identifier and the security metadata to the security endpoint. The endpoint receives and validates the security assertion against the mapping for the proxy user identifier to the tenant account and the security metadata in the service platform, and permits access by the support user to the tenant account in the service platform.

Abstract: Systems, methods and media are shown for equitable job processing of asynchronous messages for multiple tenants in a multi-tenant platform that involve receiving messages of a given message type in an input buffer from at least one front end tier (FET) device, providing messages of the given message type from an output buffer to at least one back end tier (BET) device, determining a priority weight W for each message in the input buffer based on a tenant identifier and message type for the message, and evaluating the priority weight W for the message and delaying the message if the priority weight W is below a priority threshold and moving the message to the output buffer if the priority weight W is not below the priority threshold.

Abstract: Systems, methods and media are shown for equitable job processing of asynchronous messages for multiple tenants in a multi-tenant platform that involve receiving messages of a given message type in an input buffer from at least one front end tier (FET) device, providing messages of the given message type from an output buffer to at least one back end tier (BET) device, determining a priority weight W for each message in the input buffer based on a tenant identifier and message type for the message, and evaluating the priority weight W for the message and delaying the message if the priority weight W is below a priority threshold and moving the message to the output buffer if the priority weight W is not below the priority threshold.

Abstract: Shown is single sign-on support access to tenant accounts in a multi-tenant service platform involving a proxy user account in an identity provider for a tenant account on the service platform having security metadata associated therewith, mapping in the identity provider maps a support user to a proxy user identifier, a corresponding security endpoint in the service platform and mapping of the proxy user account identifier to the tenant account and security metadata. The identity provider authenticates a request to access the tenant account on the service platform, obtains the security credentials for the proxy user identifier, and sends a security assertion with the proxy user identifier and the security metadata to the security endpoint. The endpoint receives and validates the security assertion against the mapping for the proxy user identifier to the tenant account and the security metadata in the service platform, and permits access by the support user to the tenant account in the service platform.

Abstract: A method, apparatus, and computer instructions are provided for inlining native functions into compiled Java code. A conversion engine is provided by the present invention for converting the intermediate representation of native functions to the just-in-time (JIT) compiler's intermediate representation. With the converted intermediate representation, an inliner recursively inlines the converted JIT compiler's intermediate representation into the native callsite to remove the need of invoking the native function and subsequent native calls made by the function. The inlining process continues until either a call to an opaque function is encountered or until a JIT compiler intermediate representation growth limits are reached. The inliner also replaces calls to most native functions that are non-inlineable or opaque with calls to synthesized native functions that provide access to native libraries containing implementations of the original non-inlineable calls.

Abstract: A method, apparatus, and computer instructions are provided for transforming Java Native Interface function calls to constants, internal just-in-time compiler operations or simpler intermediate representation. A compiler generates a plurality of intermediate representations for a plurality of native interface function calls. During inlining of native code, matching is performed on each native function call (against this list) and a list of native interface function calls is generated. For each native interface function call, a JIT call transformer attempts to replace the native interface function call with a constant, internal just-in-time compiler operation or a simpler intermediate representation depending on the type of native interface function call.