| CPC H04L 63/102 (2013.01) [H04L 63/105 (2013.01)] | 14 Claims |
|
1. A method comprising:
receiving a request for a workflow execution from a requestor at a workflow service;
generating a snapshot of a security context generated for the requestor to generate an immutable security context by a security service;
obtaining the immutable security context from the security service, wherein the immutable security context is read-only during the workflow execution;
persisting the immutable security context in a database accessible by the security service;
accessing the database using a workflow execution identifier by an activity execution container to make the security context available to a runtime environment of an activity associated with the workflow execution;
binding the immutable security context to the workflow context, wherein the workflow is cancelled in response to changes in authorizations of the requestor;
dispatching the request for the workflow execution to a workflow engine;
when restoring a workflow context for an activity, accessing the immutable security context to validate that the activity is authorized; and
transferring control to activity code of the activity, where a security context associated with the immutable security context is isolated and separated from the workflow context managed by the workflow engine.
|