Abstract: According to one aspect of the invention, a computing system capable of communicating with first and second user managers, the first user manager to perform authentication and authorization services for a first resource and the second user manager to perform authentication and authorization services for a second resource, is provided. The computing system comprises a container having an application, a first user store associated with the first user manager, and a second user store associated with the second user manager stored therein, the application to send a first user manager command to the first user store in a first format and a second user manager command to the second user store in the first format, the first user store to translate the first format into a second format and send the second format to the first user manager, the second user store to translate the second format into a third format and send the third format to the second user manager.

Abstract: According to one aspect of the invention, a hierarchy of security domains and a method for granting a user access to the security domains are provided. The hierarchy of security domains includes multiple security levels and relationships between particular security domains. When a user is authenticated and/or authorized for access to a first security domain, the user is tagged as having been granted access to that security domain. If the user attempts to access a related security domain with a lower security level, the user is granted access without having to be re-authenticated and/or re-authorized. If the user attempts to access a related security domain with a higher security level, the user must be re-authenticated and/or re-authorized be access is granted to the security domain with the higher security level.