CN102054203A - Processing method and device for enterprise-oriented information resource application integration - Google Patents
Processing method and device for enterprise-oriented information resource application integration Download PDFInfo
- Publication number
- CN102054203A CN102054203A CN2009102106442A CN200910210644A CN102054203A CN 102054203 A CN102054203 A CN 102054203A CN 2009102106442 A CN2009102106442 A CN 2009102106442A CN 200910210644 A CN200910210644 A CN 200910210644A CN 102054203 A CN102054203 A CN 102054203A
- Authority
- CN
- China
- Prior art keywords
- enterprise
- resource platform
- unified resource
- resources
- user side
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The invention relates to a processing method for enterprise-oriented information resource application integration. In the method, enterprise uniform resources comprising enterprise global users, enterprise global roles and enterprise internal information system access resources are defined, and integration application is carried out on such basis. The method comprises the following concrete steps: (1) a uniform resource platform is registered; (2) a client logs on the uniform resource platform, and the uniform resource platform verifies the identity of the client in combination with an enterprise directory server; (3) after the client logs on the uniform resource platform, the uniform resource platform displays resources which are accessible for an information system, and a first front end interceptor captures URL (uniform resource locator) information of the client; and (4) the limits of authority of the client for the resources, and the like are verified. Compared with the prior art, the invention has the advantages of enhancing the work efficiency of the personnel, solving the management drawback in the enterprise informatization progress, and the like.
Description
Technical field
The present invention relates to the management method of Enterprise Resource, especially relate to a kind of disposal route and device that is applicable to the application integration of To enterprises information resources.
Background technology
Along with effectively carrying out of enterprises informatization, can build various infosystems successively in enterprises.Use along with these systems, there is the situation of inconvenience in the infosystem of a plurality of dispersions in information management, as: during certain employee's registration, need to give this employee to divide number of the account, password and the authority of each infosystem that is arranged, when employee's transfer-position, promotion or leaving office, need do corresponding user right adjustment in each application system, similarly these problems all can have been brought certain obstruction and be stranded rich the further developing of information construction of company.In addition, enterprise staff is for self requirements of one's work, and the employee has to be faced with gradation and enters different systems and operate, repeatedly carry out the application system authentication, and this will also come very big inconvenience to company personnel's work.
Current general employing door (Portal) technology addresses this problem, but more polymerization and each the system's single-sign-on problems that only realize the information content of door can not effectively solve centralized mandate and resource management.
Summary of the invention
Purpose of the present invention is exactly to provide a kind of disposal route and device that is applicable to the application integration of To enterprises information resources for the defective that overcomes above-mentioned prior art existence.
Purpose of the present invention can be achieved through the following technical solutions:
A kind of disposal route that is applicable to the application integration of To enterprises information resources, it is characterized in that this method has defined enterprise's unified resource, comprise the overall situation user of enterprise, enterprise's global role and enterprises information system access resource, and integrate application on its basis, concrete steps are as follows:
1) unified resource platform registration;
2) user side login unified resource platform, the unified resource platform is verified its identity in conjunction with the enterprise content server zone;
3) behind the user side login unified resource platform, the addressable resource of unified resource platform display and information system, the first front end blocker is caught the URL information of user side;
4) verify the authority of this user side to this resource;
5) if yes, execution in step 6), if deny execution in step 10)
6) whether the second front end blocker judges this visit for visiting first, if yes, and execution in step 7), if deny execution in step 8);
7) create user session, and enter step 8);
8) page of request access resources is played up;
9) use the resource of this infosystem;
10) the prompting resource is had no right visit information.
Described step 1) unified resource platform registration may further comprise the steps:
1) the front end blocker is tackled transformation to internal enterprise resources;
2) internal enterprise resources through transforming is registered in the unified resource platform;
3) the unified resource platform distributes the resource after registering according to user account different rights grade.
The user side identity is verified described step 2) may further comprise the steps:
1) user side carries out encryption with password, and the password after user name and the encryption is input to the unified resource platform;
2) the unified resource platform is decrypted the password after encrypting, and is transferred to the enterprise content server zone together with user name;
3) the enterprise content server zone accept user name and the deciphering after password, by with enterprise content data in server storehouse in information mate;
4), handle relevant return message according to user side credential match result;
5) obtain user side identity documents checking result and relevant information.
This device comprises user terminal, unified resource platform, enterprise content server zone, infosystem, described unified resource platform is provided with the first front end blocker, described infosystem is provided with the second front end blocker, described user side is connected with the first front end blocker, described unified resource platform is connected with the enterprise content server zone, and described unified resource platform is connected with the second front end blocker.
Compared with prior art, the present invention has the following advantages:
1, more effectively realizes the enterprises information system management, can better solve the isolated separately each other problem of enterprises infosystem;
2, the employee repeatedly logins different infosystems, repeatedly carries out the application system Authentication Questions;
3, simplified the application system of right assignment problem enterprise information management person causes to(for) job transfers such as employee's registration, transfer-position and leaving office;
4, based on the uniform authorization service, the IT managerial personnel can easily manage concentratedly and safeguard for the employee's of intra-company account number;
5, the self-defined classification of resource and unified visit have made things convenient for employee's using system, have improved employee work efficient, have solved the management drawback of bringing in the IT application in enterprises progress.
Description of drawings
Fig. 1 is a kind of disposal route of To enterprises information resources application integration and process flow diagram of device of being applicable to of the present invention;
Fig. 2 is a kind of disposal route of To enterprises information resources application integration and hardware configuration synoptic diagram of device of being applicable to of the present invention;
Fig. 3 is a kind of disposal route of To enterprises information resources application integration and authentication process flow diagram of device of being applicable to of the present invention.
Embodiment
The present invention is described in detail below in conjunction with the drawings and specific embodiments.
As shown in Figure 1 and Figure 2, a kind of disposal route and device that is applicable to the application integration of To enterprises information resources, it is characterized in that, this method comprises unified resource platform 2, enterprise content server zone 3, infosystem 4, described unified resource platform 2 comprises the first front end blocker, authorization module, described infosystem 4 is provided with the second front end blocker, described authorization module carries out uniform authorization to user account, carry out the Permission Levels setting by the personnel's responsibility that inserts the unified resource platform, this disposal route may further comprise the steps:
Step 101,2 registrations of unified resource platform;
Step 102, user side 1 login unified resource platform 2, unified resource platform 2 is verified its identity in conjunction with enterprise content server zone 3;
Step 103, behind the user side 1 login unified resource platform 2, the addressable resource of unified resource platform 2 display and information systems, the first front end blocker is caught the URL information of user side;
Step 104 is verified the authority of this user side to this resource;
Step 105, if yes, execution in step 106 is if deny execution in step 110
Whether step 106, the second front end blocker judge this visit for visiting first, and if yes, execution in step 107 is if deny execution in step 108;
Step 107 is created user session, and is entered step 108;
Step 108 is played up the page of request access resources;
Step 109 is used the resource of this infosystem 4;
Step 110, the prompting resource is had no right visit information.
Described step 101 unified resource platform 2 registrations may further comprise the steps:
1) the front end blocker is tackled transformation to internal enterprise resources;
2) internal enterprise resources through transforming is registered in the unified resource platform 2;
3) unified resource platform 2 distributes the resource after registering according to user account different rights grade.
As shown in Figure 3, the user side identity is verified in the described step 102 may further comprise the steps:
The present invention is incorporated into the operation system of a plurality of independent utility on the uniform platform, realizes the integration of enterprise's internal information application resource, the loaded down with trivial details process when solving the isolated separately each other problem of enterprise operation system, employee and using a plurality of enterprise operation system.The employee just can easily visit authorized resource, and need not repeatedly to login and authenticate as long as once sign in on this platform, these authorization resources, and what the employee can be according to oneself likes self-defined organizing together.
System adopts the development language of JAVA as system based on the J2EE platform, realizes unified resource platform personnel, institutional unified management in conjunction with enterprise content bundle of services 3 (LDAP), realizes the number of the account uniqueness of each infosystem of enterprises employee.
Unified resource platform 2 provides following major function:
1) provides organization of unity mechanism of enterprise interface;
2) provide enterprise to unify personnel's view and Account Administration;
3) provide the Unified Identity checking;
4) provide the unified resource service;
5) provide the uniform authorization service.
System provides the licensing scheme of the access control (RBAC) based on the role, according to different duties, adopts different authority measures; Personnel to all access information systems carry out the Permission Levels setting, delimit necessary minimum authorization scope by its responsibility, limit the different system function that each Permission Levels operating personnel can carry out in detail.Based on the uniform authorization service, the IT managerial personnel can easily manage concentratedly and safeguard for enterprises employee's number of the account.
Embodiment 2
The unified resource platform of my company is mainly in Shanghai Jiulong Information Technology Engineering Co., Ltd. at present, and Shanghai Jiulong Electric Power group uses.Along with effectively carrying out of intra-company's informatization, various infosystems have been built successively in intra-company.There is the situation of inconvenience in the infosystem of a plurality of dispersions in information management, and also comes very big inconvenience for employee's work, for the further developing of informatization of company brought certain obstruction and be stranded rich.
Based on above problem, unified resource platform construction requirement has been proposed by company, promptly realizes the unified menu of built-in system, unified user, uniform authorization management and unified identity authentication.
After adopting the unified resource platform, solved following problem:
1) OA system of company, mailing system, attendance checking system, reimbursement system, human resources platform, department's work centre, project information system, project cost control system, project management system, logistics service platform and inner website delivery system etc. have been integrated, and can in informatization subsequently, integrate more multisystem according to certain interface specification;
2) (Identity Management Domino) is unified configuration management to the user cipher of three directory services for AD, SUN iPlanet to have integrated three directory services;
3) after the user landed from unified inlet, addressable any integration system also switched between each system, need not to repeat to land;
4) use the Intranet network, the unified resource platform has used two HP blade servers on disposing, and directory service and each application system are kept deployed environment separately, do not adjust.In actual applications, the influence of the normal operation of existing system is accomplished to minimize.
Mainly run into the integration problem of authority in the application process, by gathering and redefining, technical employing role-security is inherited at last, finally the distribution that solves overall authority preferably.
This system has promoted the use of more than a year, during this, new registration employee, the employee is transferred and promoted, labor turnover brings operation system account number and the adjustment problem of authority have obtained good solution, implementing the new business system in the integration access of being undertaken by interface specification, progress also relatively smoothly.
Claims (4)
1. disposal route that is applicable to the application integration of To enterprises information resources, it is characterized in that, this method has defined enterprise's unified resource, comprise the overall situation user of enterprise, enterprise's global role and enterprises information system access resource, and integrate application on its basis, concrete steps are as follows:
1) unified resource platform registration;
2) user side login unified resource platform, the unified resource platform is verified its identity in conjunction with the enterprise content server zone;
3) behind the user side login unified resource platform, the addressable resource of unified resource platform display and information system, the first front end blocker is caught the URL information of user side;
4) verify the authority of this user side to this resource;
5) if yes, execution in step 6), if deny execution in step 10)
6) whether the second front end blocker judges this visit for visiting first, if yes, and execution in step 7), if deny execution in step 8);
7) create user session, and enter step 8);
8) page of request access resources is played up;
9) use the resource of this infosystem;
10) the prompting resource is had no right visit information.
2. a kind of disposal route that is applicable to the application integration of To enterprises information resources according to claim 1 is characterized in that, described step 1) unified resource platform registration may further comprise the steps:
1) the front end blocker is tackled transformation to internal enterprise resources;
2) internal enterprise resources through transforming is registered in the unified resource platform;
3) the unified resource platform distributes the resource after registering according to user account different rights grade.
3. a kind of disposal route that is applicable to the application integration of To enterprises information resources according to claim 1 is characterized in that described step 2) in the user side identity is verified be may further comprise the steps:
1) user side carries out encryption with password, and the password after user name and the encryption is input to the unified resource platform;
2) the unified resource platform is decrypted the password after encrypting, and is transferred to the enterprise content server zone together with user name;
3) the enterprise content server zone accept user name and the deciphering after password, by with enterprise content data in server storehouse in information mate;
4), handle relevant return message according to user side credential match result;
5) obtain user side identity documents checking result and relevant information.
4. treating apparatus that is applicable to the application integration of To enterprises information resources, it is characterized in that, this device comprises user terminal, unified resource platform, enterprise content server zone, infosystem, described unified resource platform is provided with the first front end blocker, described infosystem is provided with the second front end blocker, described user side is connected with the first front end blocker, described unified resource platform is connected with the enterprise content server zone, and described unified resource platform is connected with the second front end blocker.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2009102106442A CN102054203A (en) | 2009-11-05 | 2009-11-05 | Processing method and device for enterprise-oriented information resource application integration |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2009102106442A CN102054203A (en) | 2009-11-05 | 2009-11-05 | Processing method and device for enterprise-oriented information resource application integration |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN102054203A true CN102054203A (en) | 2011-05-11 |
Family
ID=43958499
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2009102106442A Pending CN102054203A (en) | 2009-11-05 | 2009-11-05 | Processing method and device for enterprise-oriented information resource application integration |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102054203A (en) |
Cited By (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102970292A (en) * | 2012-11-20 | 2013-03-13 | 无锡成电科大科技发展有限公司 | Single sign on system and method based on cloud management and key management |
| CN103929325A (en) * | 2014-02-26 | 2014-07-16 | 浪潮软件股份有限公司 | Organization mechanism and user right uniform control method in information system integration |
| CN105721452A (en) * | 2016-01-28 | 2016-06-29 | 沈文策 | Unified login management method for multiple project management backgrounds |
| CN107493304A (en) * | 2017-09-30 | 2017-12-19 | 新奥(中国)燃气投资有限公司 | A kind of Current Authorization Management Platform and method |
| CN110674513A (en) * | 2019-09-02 | 2020-01-10 | 深圳数位传媒科技有限公司 | Enterprise employee information management method and device |
| CN111343168A (en) * | 2020-02-19 | 2020-06-26 | 深圳壹账通智能科技有限公司 | Identity authentication method and device, computer equipment and readable storage medium |
| CN112734389A (en) * | 2021-01-14 | 2021-04-30 | 上海尧信惠达信息科技有限公司 | Human resource management method, system, storage medium and electronic device |
-
2009
- 2009-11-05 CN CN2009102106442A patent/CN102054203A/en active Pending
Cited By (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102970292A (en) * | 2012-11-20 | 2013-03-13 | 无锡成电科大科技发展有限公司 | Single sign on system and method based on cloud management and key management |
| CN103929325A (en) * | 2014-02-26 | 2014-07-16 | 浪潮软件股份有限公司 | Organization mechanism and user right uniform control method in information system integration |
| CN105721452A (en) * | 2016-01-28 | 2016-06-29 | 沈文策 | Unified login management method for multiple project management backgrounds |
| CN107493304A (en) * | 2017-09-30 | 2017-12-19 | 新奥(中国)燃气投资有限公司 | A kind of Current Authorization Management Platform and method |
| CN107493304B (en) * | 2017-09-30 | 2020-06-30 | 新奥(中国)燃气投资有限公司 | Authorization management platform and method |
| CN110674513A (en) * | 2019-09-02 | 2020-01-10 | 深圳数位传媒科技有限公司 | Enterprise employee information management method and device |
| CN111343168A (en) * | 2020-02-19 | 2020-06-26 | 深圳壹账通智能科技有限公司 | Identity authentication method and device, computer equipment and readable storage medium |
| CN112734389A (en) * | 2021-01-14 | 2021-04-30 | 上海尧信惠达信息科技有限公司 | Human resource management method, system, storage medium and electronic device |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101207485B (en) | System and method of unification identification safety authentication for users | |
| CN102457507B (en) | Cloud computing resources secure sharing method, Apparatus and system | |
| CN101350717B (en) | Method and system for logging on third party server through instant communication software | |
| CN111314340B (en) | Authentication method and authentication platform | |
| CN1235379C (en) | Anomynous access to service | |
| CN102054203A (en) | Processing method and device for enterprise-oriented information resource application integration | |
| CN107508837A (en) | A kind of cross-platform heterogeneous system login method based on intelligent code key certification | |
| CN103152179A (en) | Uniform identity authentication method suitable for multiple application systems | |
| CN103986584A (en) | Double-factor identity verification method based on intelligent equipment | |
| CN1835438A (en) | Method of realizing single time accession between systems and system thereof | |
| CN105262780B (en) | A kind of authority control method and system | |
| CN103414684A (en) | Single sign-on method and system | |
| CN102984169A (en) | Single sign-on method, equipment and system | |
| CN1547343A (en) | A Single Sign On method based on digital certificate | |
| JP2007264835A (en) | Authentication method and system | |
| CN101626369A (en) | Method, device and system for single sign-on | |
| US8291214B2 (en) | Apparatus and method for secure remote processing | |
| CN106533693B (en) | Access method and device of railway vehicle monitoring and overhauling system | |
| CN100365974C (en) | Device and method for controlling computer access | |
| CN104753960B (en) | A kind of system configuration management method based on single-sign-on | |
| CN1588853A (en) | Uniform identication method and system based on network | |
| CN102209046A (en) | Network resource integration system and method | |
| CN105703910A (en) | Dynamic password verifying method based on Wechat service number | |
| CN102263784A (en) | SSO (signal sign on) method and system | |
| CN102420808B (en) | Method for realizing single signon on telecom on-line business hall |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| ASS | Succession or assignment of patent right |
Owner name: SHANGHAI JIULONG ELECTRIC POWER (GROUP) CO., LTD. |
|
| C41 | Transfer of patent application or patent right or utility model | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20110610 Address after: 200070, No. 455, Changan Road, Shanghai, 3 Applicant after: Shanghai Jiulong Information Technology Engineering Co., Ltd. Co-applicant after: Shanghai Jiulong Electric Power (Group) Co., Ltd. Address before: 200070, No. 455, Changan Road, Shanghai, 3 Applicant before: Shanghai Jiulong Information Technology Engineering Co., Ltd. |
|
| C12 | Rejection of a patent application after its publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20110511 |