SFDC 1005
`SFDC 1005
`
`
`
`
`
`
`
`
`
`

`
`United States Patent [19J
`Haverstock et al.
`
`111111
`
`1111111111111111111111111111111111111111111111111111111111111
`US006064977 A
`[11] Patent Number:
`[45] Date of Patent:
`
`6,064,977
`May 16,2000
`
`[54] WEB SERVER WITH INTEGRATED
`SCHEDULING AND CALENDARING
`
`"Fulcrum's Surfboard-Search Technology for Internet",
`Newsbytes Inc., Mar. 23, 1995.
`
`[75]
`
`Inventors: Paul Haverstock, Acton, Mass.;
`Miguel Estrada, Nashua, N.H.; Julio
`Estrada, Carlisle, Mass.
`
`[73] Assignee: International Business Machine
`Corporation, Armonk, N.Y.
`
`[21] Appl. No.: 09/100,119
`
`[22] Filed:
`
`Jun. 19, 1998
`
`Related U.S. Application Data
`[ 60] Provisional application No. 60/050,153, Jun. 19, 1997, and
`provisional application No. 60/050,155, Jun. 19, 1997.
`Int. Cl? ...................................................... G06F 17/60
`[51]
`[52] U.S. Cl . ................................... 705/9; 705/8; 345/963;
`707/513
`[58] Field of Search ....................... 705/9, 8, 1; 345/963,
`345/334; 707/513
`
`[56]
`
`References Cited
`
`U.S. PATENT DOCUMENTS
`
`5,299,304
`5,513,323
`5,530,852
`5,745,360
`5,842,177
`5,867,822
`
`3/1994 Williams et al. ....................... 707/523
`4/1996 Williams et al. ....................... 709/246
`6/1996 Meske, Jr. et al. ..................... 709/206
`4/1998 Leone et al. ............................ 707/513
`11/1998 Haynes et al. .............................. 705/8
`2/1999 Sankar ........................................ 705/8
`
`OTHER PUBLICATIONS
`
`Oski, Jonathan A., "Lotus Notes 4.5 Branches into Internet,
`Intranets", MacWeek, vol. 11, No. 8, Feb. 24, 1997.
`Balderston, Jim, "Fulcrum Boosts Middleware Links to
`Web", InfoWorld, vol. 18, No. 25, Jun. 17, 1996.
`
`Kramer, Matt, "Tests Find Notes Client Will Ease Wander(cid:173)
`ing, Database Access", PC Week, vol. 14, No. 21, May 26,
`1997.
`
`Gage, Deborah, ''Fulcrum Technologies Tries to Stay Ahead
`of Microsoft", Computer Reseller News, 1996.
`
`Nadile, Lisa, "PC Expo To Get Software Infusion", PC
`Week, vol. 13, No. 24, Jun. 17, 1996.
`
`Gustavson, Ron, ''Compact Disc and Portable Webs", E
`Media Professional, vol. 9, No. 12, Dec., 1996.
`
`Primary Examiner-Stephen R. Tkacs
`Assistant Examiner--George D. Morgan
`Attorne}\ Agent, or Firm---Hunton & Williams
`
`[57]
`
`ABSTRACT
`
`A system for enabling access to non-HTML objects from a
`web browser. The system includes a database for storing
`non-HTML objects. A system user requests a non-HTML
`object from a database using a web browser. The web
`browser transmits the request to a server via a HTTP server
`and module. The server locates and retrieves the document
`requested. The module translates the document to a format
`supported by the web browser. The HTTP server commu(cid:173)
`nicates the translated object to the web browser over a
`network. The web browser then presents the translated
`object to the system user. The server also includes a schedule
`and calendar application which provides electronic sched(cid:173)
`uling and calendaring capabilities directly from the browser
`without having to open another application or display win(cid:173)
`dow.
`
`20 Claims, 3 Drawing Sheets
`
`r- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ,
`
`'
`
`SERVER
`14
`
`'
`'
`
`NON-HTML
`SERVER
`MODULE
`24
`
`'
`'
`'
`' ' '
`' '
`'
`'
`
`'
`
`L--- --- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -----'
`
`CLIENT
`12
`
`NEWvORK
`54
`
`TERMINAL
`26
`
`NON-HTML
`DATABASE
`16
`18a-18n
`I 62a-62n I
`
`B
`\
`
`10
`
`HTML
`OBJECTS
`50a-50n
`
`SFDC 1005
`
`

`
`CLIENT
`12
`
`J
`
`NETWORK,
`54
`
`TERMINAL
`26
`BROWSER
`28
`
`-
`
`----------- --
`---------- ~~-----------------~
`SERVER
`14
`
`r - -
`I
`I
`I
`I
`I
`
`I
`I
`I
`I
`I
`I
`I
`I
`I
`I
`I
`I
`I
`I
`I
`I
`
`I
`I
`I
`I
`I
`I
`I
`I
`I
`I
`I
`I
`I
`I
`I
`I
`
`Cj
`•
`\J'J. •
`
`8::
`I'--
`
`~
`::::::--
`NON-HTML
`DATABASE
`16
`18a-18n
`
`8
`8
`
`20
`
`I
`I
`I
`I
`I
`I
`I
`I
`I
`I
`I
`I
`
`I
`I
`I
`I
`I
`I
`I
`I
`I
`I
`I
`I
`I
`I
`
`I
`
`.....
`
`HTIP
`SERVER
`MODULE
`30
`
`URL
`INTERFACE
`46
`INTERFACE
`MODULE
`32
`HTML
`TRANSLATOR
`44
`
`NON-HTML
`SERVER
`MODULE
`24
`
`L------
`
`•
`------------------ ---
`
`----------------
`
`!
`
`~.___---~ 10
`
`HTML DATABASE LINK
`INDEX 48
`66n
`~.------=-=-son 1~ HTML
`64
`l SOa
`!'-OBJECTS
`rs21
`50 50
`r-
`-r-
`a- n
`t..::.:.J
`
`0
`
`~
`50n
`g
`soa-
`o ~-~{~
`~
`LINK
`66a
`
`FIG. 1
`
`I
`
`

`
`---------------------------
`
`--------------------
`
`----------------
`
`-------1
`
`Cj
`•
`\J'J. •
`
`SERVER
`14
`
`HTTP
`SERVER
`30
`
`MAIL
`MODULE
`34
`
`SCHEDULE
`AND
`CALENDAR
`MODULE
`36
`
`INTERFACE
`MODULE
`32
`
`WORKFLOW
`MODULE
`38
`
`SECURITY
`MODULE
`40
`
`COMMAND
`CACHE
`42
`
`NON-HTML
`SERVER
`MODULE
`24
`
`I
`I
`I
`I
`I
`I
`
`_____________________________________________________________________ :
`FIG. 2
`
`I
`
`L
`
`

`
`~
`
`78
`;-----'
`
`Cj
`•
`\J'J. •
`
`~ = ~
`"""' ="
`"'
`N =
`= =
`
`('!;)
`
`'JJ. =-('!;)
`.....
`~
`Q
`""+=
`~
`
`PULL-DOWN MENUS
`72
`
`TOOL BAR
`74
`URL
`76
`
`[][]
`
`a
`
`18
`
`0
`0
`0
`
`n
`
`[][]
`ATIACHMENT 00
`ATIACHMENT 00
`
`a
`0
`0
`0
`
`n
`
`82a
`0
`0
`0
`
`82n
`
`I
`
`FIG. 3
`
`1 NAVIGATOR
`BOa
`
`0
`
`0
`
`0
`
`NAVIGATOR
`BOn
`
`I
`
`

`
`6,064,977
`
`1
`WEB SERVER WITH INTEGRATED
`SCHEDULING AND CALENDARING
`
`RELATED APPLICATIONS
`
`This application claims priority based on U.S. Provisional
`Patent Application Serial No. 60/050,153, entitled "Web
`Server Application" and U.S. Provisional Application Serial
`No. 60/050,155, entitled "Electronic Calendar With Group
`Scheduling," each filed Jun. 19, 1997. This application is
`also related to co-pending U.S. Patent Applications entitled, 10
`"Web Server Enabling Browser Access to H1ML and Non(cid:173)
`HTML Document<;," Ser. No. 09/100,131, filed herewith,
`''Web Server With Direct Mail Capability," Ser. No. 09/100,
`130, filed herewith, "Web Server With Automated
`Workflow," Ser. No. 09/100,129, filed herewith, "Web 15
`Server Providing Role-Based Multi-level Security," Ser. No.
`09/100,128, filed herewith, "Web Server With Unique Iden(cid:173)
`tification of Linked Objects," Ser. No. 09/100,118, filed
`herewith, "Web Server With Ability To Process URL With
`Action Commands," Ser. No. 09/100,117, filed herewith, 20
`"Web Server Providing HTML Pages Embedded With Non(cid:173)
`HTML Views," Ser. No. 09/100,120, filed herewith, and
`"Web Server Enabling Attachment of HTML and Non(cid:173)
`H1ML Files To Web Pages," Ser. No. 09/100,121, filed
`herewith.
`
`FIELD OF THE INVENTION
`
`The invention relates to a web server providing direct
`integrated scheduling and calendaring functions.
`
`BACKGROUND OF THE INVENTION
`
`2
`requires using HTML to edit the original web page or link.
`One significant problem with HTML links is that if a web
`page (or other object is linked to it) is moved or deleted any
`links to that page or object needs to be manually changed or
`s a "file not found" message will appear when a user click<; on
`the link.
`One limitation of web browsers and web servers is that
`they were designed primarily to access H1ML documents.
`Browsers typically cannot cause a web server to retrieve and
`return non-H1ML documents. This inhibits a user from
`accessing non-HTMLdocuments, objects or databases from
`a web browser. Non-HTML objects, for example, may
`include non-H1ML documents, stored views for documents
`in a database, identification files stored in a user directorv
`and many other types of objects. Views provide a conveniedt
`way to index a plurality of documents. Identification files
`may comprise information about a system user (e.g., elec(cid:173)
`tronic mail address, role, profile, etc.).
`One example of a non-HTML database is Lotus Notes.
`Lotus Notes is a popular software system, rich with a
`number of well-knmvn functions. These functions, however,
`are typically accessed via a client terminal (loaded \vith
`Lotus Notes client software) communicating with a server
`(loaded with Lotus Notes server software). Because Notes is
`25 not an HTML-based application, it has not been practical to
`access objects in a Notes database via a standard web
`browser.
`Standard web servers typically do not provide scheduling
`and calendaring functions. Browsers/web servers with
`scheduling and calendaring capabilities generally provide
`these functions through an application supporting these
`functions. Standard browsers/web servers do not provide
`integrated scheduling and calendaring functions. This is a
`drawback.
`Other drawbacks exist.
`
`30
`
`Web browsers such as Netscape Navigator and Microsoft
`Internet Explorer are well known. Web browsers are soft(cid:173)
`ware residing on a client (e.g., a personal computer). Via the 35
`browser, the client can communicate with a web server to
`enable access to and viewing of Hypertext Markup Lan(cid:173)
`guage (H1ML) documents. A web server typically includes
`a server (e.g., a UNIX- or Windows NT-based computer)
`connected to a network (e.g., the Internet, an intranet or 40
`other network), web server software configured with the
`host name of the server and the location of HTML objects
`on the servers and the HTML objects stored by that server.
`In general operation, to access a web page, a user enters
`a request by specifying a uniform resource locator (URL) 45
`via the browser and hitting "Submit" (or another function
`key) and the URL is sent to the web server using HTTP. The
`web server responds by locating the requested HTML docu(cid:173)
`ment and returning it to the browser. The browser receives
`the HTML document, interprets the HTML codes, translates 50
`them into a web page, and displays the web page. In this
`way, web browsers enable access to the vast number of
`H1ML documents via the World Wide Web, the Internet or
`intranets. HTML generally is well known. A primary pur(cid:173)
`pose of H1ML is to describe how to format the text (and 55
`other content) of a web page. HTML uses tags to indicate
`how text of a web page should be displayed and to specify
`the URL of objects to which a page is linked. HTML objects
`are commonly stored on a web server as standard text files
`with a H1M or H1ML extension. Linking is a powerful 60
`feature of HTML. One drawback with HTML links is that
`link<; are created by coding a page with H1ML tags to link
`it to other objects (e.g., another document or a specific
`location within a document). Therefore creating web pages
`and links requires a working knowledge of H1ML and the
`time required to write H1ML code a create a page and any
`desired links. Editing an H1ML page or a link typically
`
`SUMMARY OF THE INVENTION
`An object of the invention is to overcome these and other
`drawbacks in existing systems.
`Another object of the invention is to provide a web server
`that can respond to requests from a web browser for either
`HTML or non-H1ML documents and return the requested
`documents to the web browser.
`Another object of the invention is to enable a web server
`to provide direct scheduling and calendaring capabilities
`from a web browser.
`Another object of the invention is to enable a web server
`to provide direct scheduling and calendaring capabilities
`from a web browser without having to open another sched(cid:173)
`uling and calendaring application or viewer window.
`According to one embodiment of the invention, the sys-
`tem comprises a novel web server for a client/server
`network, where the client side is equipped with a standard
`browser. The server comprises standard web server func(cid:173)
`tionality (e.g., HTTP server), an HTML translator, a server
`side software (e.g., Lotus Notes server software) and a
`database (e.g. a Lotus Notes database). Significantly, the
`database does not need HTMLobjects. Preferably, the server
`receives a URL-based request from a browser via HTTP, the
`HTTP server and HTML translator determine the object
`(e.g., documents or databases) specified by the URL,
`retrieves that object, translates that object to HTML format
`and sends the HTML downloaded object to the client side
`65 browser for display.
`According to another aspect of the invention, the server
`comprises an integrated scheduling and calendaring appli-
`
`

`
`6,064,977
`
`3
`cation which provides a web browser \vith direct scheduling
`and calendaring capabilities. The system enables the server
`to provide scheduling and calendaring capabilities directly
`within a browser window without having to open another
`scheduling and calendaring application or display window.
`
`BRIEF DESCRIPTION OF THE DRAWINGS
`
`FIG. 1 is a block diagram illustrating an overall system in
`accordance with one embodiment of the invention.
`FIG. 2 is a block diagram illustrating an interface module
`in accordance \vith one embodiment of the invention.
`FIG. 3 is a view of a display in accordance with one
`embodiment of the invention.
`
`DETAILED DESCRIPTION OF THE
`PREFERRED EMBODIMENTS
`
`15
`
`4
`resources available in non-HTML databases 16 to a web
`browser 28 according to one embodiment of the invention.
`Preferably, the invention comprises a Lotus Notes server.
`Advantageously, even with this embodiment a standard
`s browser-based client may be used. A<> detailed below, Lotus
`Notes provides the non-HTML server module 24 a rich set
`of services that has made it a leading messaging and
`groupware platform. By expressing Notes capabilities to the
`Web (using a browser) via the present invention, Web
`10 developers can take advantage of an architecture that inte(cid:173)
`grates database, security, directory, messaging, workflow,
`replication, and application development technology in a
`single platform heretofore lacking in browser based systems
`using HTML objects.
`Lotus Notes, for example, is a robust system offering
`many features (e.g., forms, views, navigators, agents,
`folders, etc.). These resources in general are known,
`however, the ability to expose the features to a web browser
`is accomplished according to one aspect of the invention.
`20 Because Lotus Notes provides these and other features,
`Notes will be used to illustrate how features of a non-HTML
`database may be exposed to a web browser using the
`invention. Although Lotus Notes is used by way of example,
`the invention may be used with other non-HTML databases.
`One advantage of the invention is that it enables browser
`28 access to non-HTMLobjects (e.g., user objects 22a-22n)
`via a non-HTML server module 24. Through communica(cid:173)
`tion with the non-HTML server module 24, browser 28 is
`provided with additional functionality (i.e., functions sup-
`30 ported by non-HTML server module). For example, non(cid:173)
`HTML server module may comprise a security module.
`Because browser 28 retrieves non-HTML objects using
`non-HTML server module 24, the security module controls
`access to the non-HTML objects based on predetermined
`35 criteria. Therefore, this function is exposed to browsers.
`For example, system 10 retrieves non-HTML objects
`18a-18n via non-HTML server module 24. By communi(cid:173)
`cating with non-HTML server module 24, system 10 permits
`web browser 28 to utilize functions of non-HTML server
`module 24. For example, a system user may acce&<> non(cid:173)
`HTML objects 18 from non-HTML database 16 (e.g., a
`Lotus Notes database). When non-HTML object 18a is
`retrieved using non-HTML server module 24, functions
`associated with non-HTML object 18a become available to
`the system user. For example, non-HTML object 18a may
`comprise an agent which transmits a message or facsimile
`notifying another system user that non-HTML object 18a
`has been accessed. The invention exposes this and other
`functions provided by non-HTML server modules 24 to
`browsers 28.
`The system may use a bi-directional replication process to
`ensure that all system users are accessing the most recent
`versions of HTML objects 50a-50n. The replication process
`used is efficient because it is selective, can be scheduled, and
`55 can perform at the field-level. Selective replication enables
`administrators to replicate only a subset of data within the
`HTML database (for example, specific databases or HTML
`objects). Replication may be scheduled to run when net(cid:173)
`working costs are minimized. With field level replication,
`60 only those fields \vithin HTML object<> that are new or have
`been changed on either side of the replication process need
`to be replicated. With these sophisticated replication capa(cid:173)
`bilities as a part of the infrastructure, developers can focus
`on creating Web applications which enable business pro-
`65 cesses within and across lines of business and corporate
`boundaries. The benefit to the user is easier manageability of
`databases and data integrity in all sites.
`
`As schematically illustrated in the block diagram of FIG.
`1, one aspect of the invention relates to a client/server
`network system 10 enabling access to both HTML objects
`50a-50n (e.g., HTML documents) and non-HTML objects
`18a-18n using a web browser 28 residing on a terminal 26.
`Preferably, web browser 28 supports Internet and Web
`protocols (e.g., HyperText Transfer Protocol (HTTP) and
`TCP/IP). The system may further comprise a client 12 to 25
`enable a non-browser client access to non-HTML server
`module 24 to retrieve non-HTML objects 18a-18n from
`non-HTML database 16.
`A server 14 preferably comprises a HTTP server module
`30, interface module 32 and non-HTML server module 24.
`As further illustrated in FIG. 1, the server side of system 10
`may comprise a non-HTML database 16 in communication
`with server 14. Preferably, non-HTML database 16 stores
`one or more non-HTML objects 18a-18n, each at least some
`of which having one or more non-HTML fields 62a-62n,
`and a user directory 20. User directory 20 includes one or
`more user objects 22a-22n. User objects 22a-22n may
`include information about a user (e.g., electronic mail
`address, role, profile, etc.). Terminal26 and server 14 can be
`in communication via a network 54 (e.g., Internet, Intranet
`or other network).
`According to one aspect of the invention, a user submits
`a URL-based request for an object via browser 28. The
`request is passed to server 14 using HTTP (or other 45
`protocol). Server 14 receives the request via HTTP server
`module 30 and passes object location information to inter(cid:173)
`face module 32 via URL interface 46. URL interface 46
`transmits that information to non-HTML server module 24.
`Non-HTML server module 24 retrieves the requested object 50
`and passes it to interface module 32. A HTML translator
`portion 44 of interface module 32 translates the non-HTML
`object to a HTML representation of the requested object and
`the HTML representation is returned to browser 28 via
`HTTP server module 30.
`Svstem 10 also enables browser 28 to access HTML
`obj;cts 50a-50n using HTTP server 30 or a conventional
`web server 56 in a known manner. A conventional editor
`may be used to edit HTML objects within the system. A
`conventional technique (e.g., a computer gateway interface
`(CGI)) may be used to store the edited HTML objects in the
`HTML database.
`Thus, one advantage of the invention is that server 14
`enables a browser 28 to request both HTML objects
`50a-50n and non-HTML objects 18a-18n. Additional
`advantages derive from this capability. For example, one
`significant advantage is that the invention exposes powerful
`
`40
`
`

`
`6,064,977
`
`35
`
`6
`5
`During replication, directory changes are also replicated,
`processes for managing customer issues. Issue status
`because the directory is simply another database in the
`requests may be routed to the appropriate Company A
`invention, with the same structure and properties as a Web
`service representative based on a combination of parameters
`page library. Therefore, for example, discussion forums can
`including the inquirer's company, his or her service level
`be replicated, because discussions are simply another 5
`agreement, and the priority of the inquiry. The invention can
`instance of a database.
`efficiently handle non-routine occurrences such as re-routing
`messages destined for absent service representatives by
`In addition to the above features, system 10 also provides
`examining their schedules. Also, issue status requests that
`other functions. For example, system 10 provides integrated
`exceed a specific time threshold can automatically trigger
`mail application module 34 and scheduling and calendaring
`escalation to managers via e-mail or pager.
`application module 36. System 10 uses web browser 28 to 10
`permit reading, creating, editing, etc. of electronic mail
`The system also provides role-based, multi-level security
`messages and calendaring and scheduling of events. The
`module 40 for controlling access to objects within the
`calendaring and scheduling application module 36 permits
`system. The system enables an authorized individual to
`the system user to invite other invitees to the event (e.g.,
`assign users a defined role. Each role may have various
`privileges based on the priority level of the role. Priority
`system users, conference rooms, audio/visual equipment,
`etc.). For example, using the calendaring and scheduling 15
`levels may comprise a read only privilege, read and edit
`privileges, read public information only privileges, etc. For
`feature, a system user schedules an event. The system user
`example, a system administrator may have complete privi(cid:173)
`may then retrieve a form which serves as a template for
`leges to all objects within the system. A law level employee
`creating an electronic mail message (e-mail). The e-mail is
`user, however, may have read only privileges for some
`composed in cooperation with the scheduling application
`and therefore identifies information concerning the event 20
`objects an/or no access to others. These security features
`may extend to fields within a document. For example, a
`(e.g., date, time, location, etc.). The system user addresses
`document containing a person's sales records may include a
`the e-mail to the invitees using electronic mail addresses
`buyer field. A system user accessing the document may be
`stored in a user directory. The user directory may include
`required to have a certain priority level to view the buyer
`additional information (e.g., user role, profile, etc.). The
`e-mail may be provided with a view inquiring whether the 25
`field. If the system user does not have this priority level, the
`system user will not be permitted access to that information
`invitee accepts, declines, etc. If an invitee accepts, the
`(e.g., the buyer field may not be displayed). This permits
`system will automatically schedule the event in the invitee's
`system user's access to be unrestricted controlled on a
`calendar. The system user may also input additional infor(cid:173)
`field-by-field bases whereas prior browser-based systems
`mation (e.g., textual information, attachments, etc.).
`The messaging, calendaring and scheduling function are 30
`typically either deny or grant access to a web page or site
`area.
`performed directly through the web browser. A separate
`Additionally, the system provides for high-level security
`window or application does not need to be opened. Prior
`authentication. Before a system user is granted access to an
`browser-based systems require separate mail, schedule and
`object within the system, the system may authenticate the
`calendar applications to be opened in a separate "windows."
`system user. This may be done by assigning an identification
`One advantage of the server 14 of the present invention as
`and password to the system user. A system user attempting
`compared with other Web servers is that it exploits the Web
`to enter the system must first enter the user identification and
`to handle the activity that is driven by the information that
`password. If the identification and password do not match
`is posted on the Web site. Two core services of the invention
`the identification and password stored in the system, the
`that make this possible are messaging and workflow.
`40 system user is not authenticated and access is denied.
`The server supports major industry messaging protocols
`Another feature is dynamic generation of content based
`and Application Programmer's Interfaces (APis). The inven(cid:173)
`on a who the system user is. Dynamic generation occurs
`tion provides a backbone messaging platform with robust
`because each time a user requests a non-HTML object, that
`message transfer agents (MTAs) for SMTP, X.400, cc:Mail,
`object is translated (even if the object has been requested and
`and Notes Mail. Messaging services support e-mail clients 45
`translated previously). For example, a non-HTML object
`using industry standards, including Post Office Protocol v3
`may contain a date field. Therefore, to update the field, the
`(POP3) and Internet Mail Access Protocol v4 (IMAP4). The
`system translates the non-HTML object each time it is
`invention also supports other broadly deployed protocols,
`requested.
`including Vendor Independent Mail (VIM), and Messaging
`Dynamic generation may also apply to security. For
`API (MAPI).
`example, a document may contain certain fields that are
`The invention also includes group calendaring and sched(cid:173)
`access controlled, whereby, depending on who the user is
`uling functionality, and will support standard calendar and
`(e.g., based on the user's role) one or another field may be
`schedule protocols as they emerge.
`displayed. If a user's role changes (e.g., access privileges
`The combination of messaging with calendaring and
`scheduling functionality provides developers with the tools 55 revoked), dynamic generation allows the system to update a
`user's role with the current privileges and restrict access as
`to create Web applications incorporating workflow. Business
`required.
`processes that have time-sensitive actions and tasks associ(cid:173)
`There are at least three different ways to describe security,
`ated with multiple users can be rapidly enabled. For
`each having its own access methods and protocol. One
`example, a Web application can intelligently route messages
`embodiment of the invention provides a solution for each of
`and forms to users based on a variety of business relevant 60
`these different security levels. These are:
`conditions (for example, user, schedule, time, priority).
`Authentication: Confirming who a user is with user names
`Also, a Web application can be designed to examine a group
`and passwords via a directory;
`of users' calendars, determine the optimal schedule to ensure
`business processes are completed, and notify each user of
`Authorization: Allowing you to do certain things through
`Access Control Lists ("ACL"); and
`impending work.
`Company A can take advantage of this messaging and
`Encryption: Protecting what you do through Secure Sock(cid:173)
`workflow functionality to enable a sophisticated set of
`ets Layer ("SSL").
`
`50
`
`65
`
`

`
`6,064,977
`
`5
`
`10
`
`7
`Building upon such standard Web security as Secure
`Sockets Layer, the invention has the ability to granularly
`control a Web application's delivery of content based on
`how a user will participate with the application: this is
`referred to as roles-based access. This feature provides great
`value to organizations that require secure Web application
`functionality to enable sensitive business processes. The
`invention supports SSL which complements ACL. Using its
`integrated ACL, web server 14 (e.g., a Lotus Domino
`Server) can control the access and authorization to sensitive
`HTML objects to only those with the appropriate privileges.
`For even greater access control granularity, specific fields in
`a page can be secured and delivered only to specified users.
`Access to a page or a field is only part of the security
`model of the invention. ACL technology also controls the 15
`level of functionality each user has. That is, some users are
`able to modify or update information on an existing Web
`page directly from a browser. Depending on the page or field
`that a user is reading, the invention determines the appro(cid:173)
`priate role:
`No Access: A user at this level has no access to the
`database on the Web site or its associated views and
`HTML objects. This allows Web developers to easily
`hide sensitive information as a default function of the
`Web site. Developers can also hide functionality (for
`example, buttons, menu items).
`Depositor: A depositor can only write to a database. This
`level is useful for Web-based anonymous ballot boxes
`or surveys.
`Reader: A reader has read-only access to pages on the Web
`site.
`Author: In addition to reading pages, authors can create
`and post new pages to the Web site. Typically, authors
`can also edit and delete those Web pages they them(cid:173)
`selves created.
`Editor: Editors can read, write, update and delete pages
`created by others.
`Through tight integration of security and directory
`services, developers can easily apply access controls by an
`individual user or group of users. This role-dependent con(cid:173)
`tent delivery is transparent to the user.
`The value of roles-based access functionality can be
`illustrated with an application common to most organiza(cid:173)
`tions. A Human Resources department wishes to develop a
`Web application to post job opportunities. Most employees
`\vill have reader access to these pages. In addition, hiring
`managers will have author access so that they can also post
`new jobs to the database, as well as go back and modify
`postings that they themselves have authored. Human
`Resource staff might enjoy editor access, which gives them
`the ability to make changes to any posting on the site. And
`perhaps, Finance Department staff might have reader access
`to all pages, but also have editor access to the salary field,
`giving them the ability to make changes to just one part of
`each page. The invention exposes this and other functions
`provided by non-HTML server modules 24 to browsers 28.
`The system also allows system users to design features
`(e.g., databases, forms, views, etc.) in a visual integrated
`development environment (IDE) using a browser. For
`example, a system user may create an employment appli(cid:173)
`cation form. The form comprises various fields requiring
`system user input. To facilitate the creation of this form,
`another form having similar fields (e.g., work history form)
`may be used. For example, the system user may display both
`forms using Web browser 28. The work history form may
`have a field which the system user requires in the employ-
`
`8
`ment application form. To input the field from the work
`history form into the employment application form, the
`system user may simply select and "drag" the field (e.g., by
`using a conventional computer mouse) into the location in
`the employment application form and "drop" the field into
`the employment application form. Other known features of
`an integrated development environment may also be per(cid:173)
`formed from a web browser due to the present invention.
`For example, the Lotus Notes IDE provides developers
`with a forms-based metaphor that exploits the inventions
`object store, directory, security, workflow, and replication
`services. That is, developers using Notes have direct, pro(cid:173)
`grammatic access to these robust services, instead of resort(cid:173)
`ing to limited interfaces between a scripting language and a
`set of services found in separate products and/or servers.
`Moreover, the Notes development metaphor lends itself
`well to the types of business applications deployed on the
`Internet or on an intranet. For example, if a Notes designer
`client employs a set of intuitive and flexible application
`design elements (for example, forms, fields and views) that
`20 have great synergy with the page and link paradigms of the
`Web. Specifically, developers create forms and populate
`them with a variety of fields which interact with the user
`through agents, scripting language, and formulas. The layout
`and content of the form is automatically translated to HTML
`25 and delivered by the invention to the user for vie\ving in his
`or her Web browser. Once a form has been populated and
`saved, it is stored and processed as a page in the database,
`which can then be linked to other pages using the same
`hypertext linking mechanism so successfully exploited by
`the HTTP/HTML protocol set. The use of forms and fields
`lends itself to rapid application prototyping and develop-
`ment in at least three specific ways.
`First, new views can be created on the fly. Because forms
`consist of fields, developers can sort pages based on the
`values of those fields on each page. For example, a Human
`35 Resources intranet app