DETAILED ACTION
1. 	This is in response to an amendment filed on 12/28/2020. Claims 1-20 are pending and claims 1, 8 and 15 are independent. Each independent claim is amended. As the result of examiner’s amendment shown below, the independent claims 1, 8 and 15 are further amended. 
Notice of Pre-AIA  or AIA  Status
2.	The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

3.	On March 9, 2021, applicant's representative Kenneth I. McAusland, Reg. No. 37,980 and examiner conducted examiner initiated telephone interview. The summary of the interview is attached. 
4. 	The amendment made to claims 2, 9 and 16 overcomes the objection set forth in the previous office action. Thus, this objection is withdrawn. 

EXAMINER’S AMENDMENT
An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.
Authorization for this examiner’s amendment was given in a telephone interview with Kenneth I. McAusland, Reg. No. 37,980, on March 9th, 2021.

	The application has been amended as follows:


1. (Currently Amended) A system for supporting object-based security in an application server environment, comprising:
one or more microprocessors; 
an application server environment executing on the one or more microprocessors, wherein the application server provides Java message service (JMS) resources for consumption by a client application; 
a security subject stored in an object associated with the client application configured to access one or more of the JMS resources, wherein the object associated with the client application is 
wherein the security subject in the JNDI context is created based on either anonymous credentials or credentials provided by a current thread used to create the JNDI initial context , and wherein the JNDI context is created from a JNDI context factory enabled to support object-based security using a property in the JNDI context factory;
wherein the security subject stored in said object is configured to be used in each of a plurality of calls from the client application to access the one or more the JMS resources. 

2. (Currently Amended) The system of claim 1, wherein the current thread 

3. (Currently Amended) The system of claim 1, wherein the security subject in the JNDI context is created based on anonymous credentials. 

4. (Currently Amended) The system of claim 1, wherein a lookup call from the JNDI initial context uses the security subject in the JNDI initial context regardless of a security subject attached to a current thread of the lookup call. 

5. (Currently Amended) The system of claim 3, wherein all subsequent operations on the JNDI initial context can be performed on behalf of the security subject stored in the object. 

6. (Currently Amended) The system of claim 1,  wherein the security subject represents a grouping of related information for a single entity.

7. (Original) The system of claim 1, wherein the plurality of calls are Java Naming and Directory Interface (JNDI) lookup calls or calls for a Java Messaging Service (JMS) operation. 

8. (Currently Amended) A method for supporting object-based security in an application server environment, comprising:
providing an application server environment executing on one or more microprocessors, wherein the application server provides Java message service (JMS) resources for consumption by a client application; 
storing a security subject in an object associated with the client application configured to access one or more of the JMS resources, wherein the object associated with the client application is 
wherein the security subject in the JNDI context is created based on either anonymous credentials or credentials provided by a current thread used to create the JNDI initial context , and wherein the JNDI context is created from a JNDI context factory enabled to support object-based security using a property in the JNDI context factory; and
using, in each of a plurality of calls from the client application, the security subject stored in said object to access the one or more of the JMS resources. 

9. (Currently Amended) The method of claim 8, wherein the current thread 

10. (Currently Amended) The method of claim security subject in the JNDI context is created based on anonymous credentials. 

11. (Currently Amended) The method of claim 8, wherein a lookup call from the JNDI initial context uses the security subject in the JNDI initial context regardless of a security subject attached to a current thread of the lookup call. 

12. (Currently Amended) The method of claim 8, wherein all subsequent operations on the JNDI initial context can be performed on behalf of the security subject stored in the object.


8 wherein, represents a grouping of related information for a single entity.  

14. (Original) The method of claim 8, wherein the plurality of calls are Java Naming and Directory Interface (JNDI) lookup calls or calls for a Java Messaging Service (JMS) operation.

15. (Currently Amended) A non-transitory computer-readable storage medium storing a set of instructions for supporting object-based security in an application server environment, said instructions, when executed by one or more processors, causing the one or more processors to perform steps comprising:
providing an application server environment executing on the one or more microprocessors, wherein the application server provides Java message service (JMS) resources for consumption by a client application; 
storing a security subject in an object associated with the client application configured to access one or more of the JMS resources, wherein the object associated with the client application is a JMS connection or a Java Naming and Directory Interface (JNDI) context; 
wherein the security subject in the JNDI context is created based on either anonymous credentials or credentials provided by a current thread used to create the JNDI initial context , and wherein the JNDI context is created from a JNDI context factory enabled to support object-based security using a property in the JNDI context factory; and 
using, in each of a plurality of calls from the client application, the security subject stored in said object to access the one or more of the JMS resources. 

16. (Currently Amended) The non-transitory computer-readable storage medium of claim 15, wherein the current thread used to create the JNDI context. 

17. (Currently Amended) The non-transitory computer-readable storage medium of claim 15, wherein the security subject in the JNDI context is created based on anonymous credentials. 

18. (Currently Amended) The non-transitory computer-readable storage medium of claim 15, wherein a lookup call from the JNDI initial context uses the security subject in the JNDI initial context regardless of a security subject attached to a current thread of the lookup call. 

15, wherein all subsequent operations on the JNDI initial context can be performed on behalf of the security subject stored in the object.  

20. (Currently Amended) The non-transitory computer-readable storage medium of claim 15, wherein the security subject represents a grouping of related information for a single entity. 

Allowable Subject Matter
5.	Claims 1-20 are allowed. 
6.	The following is an examiner’s statements of reasons for allowance:
7. 	 The following references/prior arts disclose the general subject matter/claim limitations recited in independent claims 1, 8 and 15 before the claims were amended.

8.	As per independent claims 1, 8 and 15, Patrick discloses a system for supporting object-based security in an application server environment [See at least figure 2, at least paragraph 0095, FIG. 2 shows an example of a security architecture in accordance with an embodiment of the invention. As shown therein, clients 202, 204 (which may be either physical hardware clients or software applications) may attempt to access a secured service or resource 206, such as a persistent directory server, via a transaction or application server 208 and see figure 2, ref. 222, “security services”], comprising: 
one or more microprocessors [See figure 2, where all the computing devices shown on figure 2, including the clients shown on figure 2, ref. 202 and 204 and application server 208 and the secured server shown on figure 2, 206 comprised of at least one or more processors/microprocessors]; 
an application server environment executing on the one or more microprocessors [See paragraph 0095, FIG. 2 shows an example of a security architecture in accordance with an embodiment of the invention. As shown therein, clients 202, 204 (which may be either physical hardware clients or software applications) may attempt to access a secured service or resource 206, such as a persistent directory server, via a transaction or application server 208], wherein the application server provide [See at least figure 2, paragraph 0095 and 0093, FIG. 2 shows an example of a security architecture in accordance with an embodiment of the invention. As shown therein, clients 202, 204 (which may be either physical hardware clients or software applications) may attempt to access a secured service or resource 206, such as a persistent directory server, via a transaction or application server 208. An example of such a transaction server is the Weblogic Server product from BEA Systems Inc., San Jose, Calif., although the invention may be used with any other server product or equivalent system. Internet CORBA clients will typically attempt to make such an access through an Internet Inter-ORB Protocol (IIOP) request 212. Web clients will typically attempt to make an access through a series of hypertext transfer protocol (http) requests 210, either directly via a Web server 214, or via a proxy plug-in 216 (in which case the proxy may also provide additional functionality. Furthermore on paragraph 0093, The pluggable framework architecture thus allows for the secure access control of enterprise resources, such as enterprise Java beans (EJB's), applications (including servlets and JSP's), and other networked resources (such as RMI, JNDI, and (Java Messaging Service) JMS destinations)], 
; a security subject stored in an object associated with the client application configured to access one or more of the [See figure 2, ref. 222, “security services” and paragraph 0095, Web clients will typically attempt to make an access through a series of hypertext transfer protocol (http) requests 210, either directly via a Web server 214, or via a proxy plug-in 216 (in which case the proxy may also provide additional functionality, such as, for example, secure socket layer (SSL) encryption 218). In any case, the connection attempt is received by the transaction server, often via an initial connection filter 220, and is passed to the security service 222. In accordance with the invention, the security service 222 is the focal point for security determination, including client and user level resource access, authorization, certification, privilege assessment and entitlement determination. Enterprise Java Beans (EJB's) 224, Web applications (WebApp's) 226, and other forms of applications may all use the security service through the use of containers. The security service handles calls from these containers to the protected resource, which in the case of FIG. 2. The calls may be handled by, for example, a plurality of managed beans (MBeans) 230, or the Java Named Directory Interface (JNDI) 232 and see also paragraph 0095.]


; wherein the security subject is configured to be used in each of a plurality of calls from the client application to access the See figure 2, ref. 222, “security services” and paragraph 0095, Web clients will typically attempt to make an access through a series of hypertext transfer protocol (http) requests 210, either directly via a Web server 214, or via a proxy plug-in 216 (in which case the proxy may also provide additional functionality, such as, for example, secure socket layer (SSL) encryption 218). In any case, the connection attempt is received by the transaction server, often via an initial connection filter 220, and is passed to the security service 222. In accordance with the invention, the security service 222 is the focal point for security determination, including client and user level resource access, authorization, certification, privilege assessment and entitlement determination. Enterprise Java Beans (EJB's) 224, Web applications (WebApp's) 226, and other forms of applications may all use the security service through the use of containers. The security service handles calls from these containers to the protected resource, which in the case of FIG. 2. The calls may be handled by, for example, a plurality of managed beans (MBeans) 230, or the Java Named Directory Interface (JNDI) 232.]

Patrick doesn’t explicitly disclose the limitation the resources as “messaging service resources”

However, in the same field of endeavor, Xiao on at least abstract discloses the (JSM) resources or Java messaging service resources. In particular Xiao on at least abstract discloses the following which meets the above claim limitation.

“..A system and method provides a messaging service in a multitenant application server environment. Deployable resources are usable within the multitenant application server environment and groupings of resources are defined by resource group templates within a domain. One or more partitions are provided, with each partition providing an administrative and runtime subdivision of the domain that can be associated with a tenant. Java message service (JMS) resources are defined within a resource group template or a resource group, and instantiated within a partition from the one or more 

Furthermore, with respect to independent claims 1, 8 and 15, a new updated search revealed the following prior arts that generally describes the general subject matter of these claims. 

A. 	US Publication No. 2005/0240663 A1 to Wolber on at least figure 6a-6b discloses a conceptual illustration of the administered objects stored in JNDI namespace 600. FIG. 6 b is a conceptual illustration of internal configuration entities 611 that define logical JMS server instances. FIG. 6 a is a conceptual illustration of selected elements of the JNDI namespace of a node. One or more administered objects may be bound to JNDI proxy base 602 via, for example, a connector service. JMS connection factory 604 may specify the settings and driver libraries that are used to connect to a JMS provider (e.g., JMS provider 612, shown in FIG. 6 b).

B.  	US Patent No. 8,316,083 B2 to XIAO disclose a method for client interoperability comprises establishing a network connection between a client and a proxy. The client requests a connection factory from the proxy. The proxy then obtains the connection factory from an application server using a Java Naming and Directory Interface JNDI. Using the connection factory, a connection to a connection host from the client is created. When the client sends a message, the proxy receives the message and routes the message to a destination server. Similarly, when the client receives a message, the proxy receives the message from a destination server and passes the message to the client. The client can be 

C.  US Publication No. 2013/0290524 A1 to Liu discloses a system that has at least one requesting application residing upon a requesting application server, a cluster of processing message servers, a resource adapter in the form of executable code being executed by a processor on a first computer, the resource adapter to receive a request from the requesting application; transmit the request to the cluster of processing message servers; monitor processing of the request on the cluster of processing message servers; handling any exception in the processing of the request; and responding to the requesting application when the processing is complete. The system also includes an interposed transaction manager in the form of executable code being executed by a processor, the interposed transaction manager to receive transactional operations associated with the requests, and providing transaction guarantees related to the transactional operations.
D. 	US Publication No. 2015/0271121 A1 to Wells on at least figure 1 discloses an illustration of supporting communication between software components in a computing environment, in accordance with an embodiment of the invention. As shown in FIG. 1, an event system 110, e.g. a HK2 event service, which is based on a dependency injection (DI) framework in a computing environment 100, can provide a pluggable mechanism that allows the delivery of different messages 104-105. For example, the messages 104-105 can be JAVA objects, which are delivered from a publisher 101 to a subscriber 102.
E.	See the other cited prior arts. 	


For this reason, the specific claim limitations recited in the amended independent claims 1, 8 and 15 taken as whole are allowed.

9.	The dependent claims 2-7, 9-14 and 16-20 which are dependent on the above independent claims 1, 8 and 15 being further limiting to the independent claim, definite and enabled by the specification are also allowed.

10.	Any comments Applicants considers necessary must be submitted no later than the payment of the Issue Fee and to avoid processing delays, should preferable accompany the Issue Fees. Such submission should be clearly labeled "Comments on Statement of Reasons for Allowance". In event of any post-allowance papers (e.g. IDS, 312 amendment, petition, etc.), Applicant is exhorted to mail papers to the Production Control branch in Publications or faxed to post-allowance papers correspondence branch at (703) 308-5864 to expedite issuing process or call PUB's Customer Service if any questions at (703) 305-8497. 

Conclusion

11.	Any inquiry concerning this communication or earlier communications from the examiner should be directed to SAMSON B LEMMA whose telephone number is 571-272-3806.  The examiner can normally be reached on M-F 8am-10pm.

Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

/SAMSON B LEMMA/Primary Examiner, Art Unit 2498