CN104410604A - SaaS service system for achieving large scale of users to log in at the same time and method thereof - Google Patents

SaaS service system for achieving large scale of users to log in at the same time and method thereof Download PDF

Info

Publication number
CN104410604A
CN104410604A CN201410591276.1A CN201410591276A CN104410604A CN 104410604 A CN104410604 A CN 104410604A CN 201410591276 A CN201410591276 A CN 201410591276A CN 104410604 A CN104410604 A CN 104410604A
Authority
CN
China
Prior art keywords
user
cluster
enterprise
service
application server
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201410591276.1A
Other languages
Chinese (zh)
Inventor
张来卿
徐震宇
孙傲冰
季统凯
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
G Cloud Technology Co Ltd
Original Assignee
G Cloud Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by G Cloud Technology Co Ltd filed Critical G Cloud Technology Co Ltd
Priority to CN201410591276.1A priority Critical patent/CN104410604A/en
Publication of CN104410604A publication Critical patent/CN104410604A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1001Protocols in which an application is distributed across nodes in the network for accessing one among a plurality of replicated servers
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1095Replication or mirroring of data, e.g. scheduling or transport for data synchronisation between network nodes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1097Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The present invention relates to the field of cloud computing, in particular, to an SaaS service system for achieving large scale of users to log in at the same time and a method thereof. The present invention system consists of a single sign-on concurrent cluster, a public library, an application server cluster, a service application server cluster and a database cluster; the deployment of the application server cluster is achieved through balancing loading and distributing technology; and the deployment of the database cluster through reading writing separating technology and database independent branch library. The present invention solves the problem of large scale of users logging in, accessing, storing server data at the same time; and can be used in concurrent processing in the SaaS service mode.

Description

Realize SaaS service system that large-scale consumer logs in simultaneously and method thereof
Technical field
The present invention relates to field of cloud calculation, especially a kind ofly realize SaaS service system that large-scale consumer logs in simultaneously and method thereof.
Background technology
Cloud computing (Cloud Computing) is virtual (Virtualization), effectiveness calculates the mixing evolution of the concept such as (UtilityComputing), IaaS (namely infrastructure serve), PaaS (namely platform serves), SaaS (namely software serve) and the result risen to.Cloud computing describes a kind of new computation schema: application, data and IT resource are supplied to user in the mode of service by network and use.
SaaS and Software-as-a-service, is meant to software and namely serves, and is the software application pattern providing software service based on the Internet, therefore needs the software service providing solution concurrent greatly.
The subject matter faced at present has:
1, SaaS software lacks the concurrent method of effective support, cannot support large-scale concurrent access.
2, the concurrent problem of SaaS business model be the topic of Technical Development Area hot topic, but the company really handling concurrent problem well is very few always, particularly cannot solve large-scale consumer and log in the concurrent of the concurrent and digital independent that brings and storage.
Summary of the invention
One of technical problem that the present invention solves is to provide a kind of SaaS service system realizing large-scale consumer and log in simultaneously, solves large-scale consumer and logs in the concurrent problem that SaaS software service brings simultaneously.
Two of the technical problem that the present invention solves is to provide a kind of SaaS service system to realize method concurrent greatly, and solution large-scale consumer logs in the concurrent problem that SaaS software service brings simultaneously.
The technical scheme that the present invention one of solves the problems of the technologies described above is:
Described system is made up of the concurrent cluster of single-sign-on, public library, application server cluster, service application service device cluster and data-base cluster;
The concurrent cluster of described single-sign-on, core is CAS authentication center and ldap directory service, and CAS authentication center realizes unifying user authentication, for user logs in the entrance that multi-application system provides unified; Ldap directory is served, and realizes personnel arrangement framework and stores, realized the load balancing of CAS authentication center by the mode of software; Served by distributed deployment ldap directory, realize the synchronous of the user data of multiple LDAP service;
Described public library, realizes the distribution of access to public library by read and write abruption technology; For storing the public information of all users, mainly store the information such as user name, password, enterprise's numbering, subdata base IP and connection string; And be used for authentication of users log in legitimacy, judge the identity information of login user;
Described application server cluster and service application service device cluster, realize the load balancing of SaaS software application based on software mode by multiple servers;
Described data-base cluster, wherein each enterprise storehouse represents an enterprise, and be used for storing user data and the creation data of this user, each database is separate, only access the database of oneself enterprise when realizing an accessed enterprise, bring impact can not to other enterprise customers access.
The present invention solve the problems of the technologies described above two technical scheme be:
Described system login step comprises:
Step one, user submits access request to;
Step 2, system accepts request, Requests routing to the concurrent cluster login interface of single-sign-on;
Step 3, user inputs user name, password, submits logging request to;
Step 4, logging request has been implemented the CAS authentication center of load balancing, is automatically distributed to idle application server logs according to loading condition;
Step 5, application server reads user profile automatically according to the rule of configuration from LDAP cluster;
Step 6, user name, password are correct, login successfully; As user name, password bad then repeat abovementioned steps;
Service data visitation and the storing step of described system are as follows:
Step one, user name, password are by checking;
Step 2, access application server cluster;
Step 3, application server request public library acquires IP address and the DataBase combining character string at place, user owned enterprise storehouse;
Step 4, user, according to the IP obtained and DataBase combining character string, accesses corresponding enterprise database by business event cluster;
Step 5, user's access service application server cluster, dispatch user access again after service application service device cluster load balance;
Step 6, application server access data-base cluster.
Described LDAP is a kind of hierarchical data storehouse, according to tree organizational information, to browsing and searching catalogue and reading of content is optimized.
The present invention realizes unifying user authentication by single-sign-on concurrent cluster CAS authentication center, for user logs in the entrance that multi-application system provides unified; Ldap directory is served, and realizes personnel arrangement framework and stores, realized the load balancing of CAS authentication center, served by distributed deployment ldap directory by the mode of software, realizes the synchronous of the user data of multiple LDAP service.Public library, realizes the distribution of access to public library by read and write abruption technology.Application server cluster and service application service device cluster are all the load balancing being realized SaaS software application by multiple servers based on software mode.Data-base cluster, wherein each enterprise storehouse represents an enterprise, is used for storing user data and the creation data of this user, each database is separate, when also just achieving an accessed enterprise, only access the database of oneself enterprise, bring impact can not to other enterprise customers access.Therefore, present invention efficiently solves the concurrent problem that large-scale consumer is brought.
Accompanying drawing explanation
Below in conjunction with accompanying drawing, the present invention is further described:
Fig. 1 is structured flowchart of the present invention;
Tu2Shi public library enterprise shows;
Fig. 3 is public library subscriber's meter.
Embodiment
As shown in Figure 1, concrete steps of the present invention are:
One, concurrent step is logged in
1) large-scale consumer submits access request to.
2) system accepts request, Requests routing to the concurrent cluster login interface of single-sign-on.
3) user inputs user name, password, submits logging request to.
4) logging request has been implemented the CAS authentication center of load balancing, is automatically distributed to idle application server logs according to loading condition.
5) then application server reads user profile automatically according to the rule of configuration from LDAP cluster, LDAP is a kind of hierarchical data storehouse, according to tree organizational information, LDAP is to browsing and search catalogue and reading of content has carried out special optimization, there is extraordinary reading data capability, read the fast order of magnitude of data than from relevant database.Take LDAP as the authentication database of single-node login system, a large number of users Concurrency Access can well be processed, and directory tree structure is also convenient to the management to personnel arrangement framework.
6) user name, password correctly, login successfully.
7) user name, password bad repeat 1-6 process.
Two, the concurrent step of service data visitation and storage
1) user name, password are by checking.
2) access application server cluster, application server cluster is the load balancing being realized SaaS software application by multiple servers based on software mode.
3) application server request public library acquires IP address and the DataBase combining character string at place, user owned enterprise storehouse.Public library solves the concurrent of access by read and write abruption technology.Wherein public library is used for storing the public information of all users, mainly stores the information such as user name, password, enterprise's numbering, subdata base IP and connection string, and is used for the legitimacy that authentication of users logs in, and judges the identity information of login user.
4) user is according to the IP obtained and DataBase combining character string, accesses corresponding enterprise database by business event cluster.
5) user's access service application server cluster, service application service device cluster realizes the load balancing dispatch user access again of SaaS software application based on software mode by multiple servers.
6) application server access data-base cluster, wherein each enterprise storehouse represents an enterprise, be used for storing user data and the creation data of this user, each database is separate, when also just achieving an accessed enterprise, only access the database of oneself enterprise, bring impact can not to other enterprise customers access, thus solve the concurrent problem of database access.
7) user just operates for this enterprise storehouse service data visitation and storage like this, can not be with and visit impact, solve the access of business datum and the concurrent problem of storage to other enterprise customers.
One, in the inventive method, public library specifically describes as Fig. 2, Fig. 3;
1) public library described in, realizes the distribution of access to public library by read and write abruption technology.
2) Fig. 2 is public library enterprise table, main storage be the information such as enterprise's numbering, enterprise name, domain name, subdata base IP and connection string, subdata base IP and connection string DbConnectionStr adopts cipher mode to store herein, the same enterprise of representative that wherein domain name is identical.
3) Fig. 3 is public library subscriber's meter, mainly stores user name (mailbox), password, enterprise ID.Wherein enterprise ID is the external key of public library enterprise table.
4) when user accesses, input user name, password public library subscriber's meter come authentication of users log in legitimacy, judge the identity information of login user.If identity is correct, inquired the information such as subdata base IP in enterprise storehouse and connection string by the enterprise ID in subscriber's meter.
5) just enterprise business data storehouse can be accessed by information such as subdata base IP and connection strings.
6) in business library redundancy a set of oneself enterprise's table and subscriber's meter, each enterprise is when Adding User, also by background service program newly-increased user data, can be synchronized in government enterprise table and subscriber's meter, in such public library, store all information needing login user.
Two, the detailed description of LDAP, CAS
1) structure constructing the Schema of LDAP according to the field of public library is as follows:
2) called after gcloudPersion.schema, in configuration file, includes this schema, allows this schema come into force.Beginning in the middle of configuration file slapd.conf adds one: include/usr/local/openldap/etc/openldap/schema/gcloudPer such sion.schema.So just can store common user's data.
3) served by user data synchronization, store in the directory tree of synchronous for common data OpenLDAP, different application servers configures identical OpenLDAP, and mutually connects.User data public so just can in OpenLDAP cluster automatic synchronization, keep data consistent.
4) user is when logging in application server cluster, can first jump to identifying user identity in single-sign-on application cluster, CAS authentication center is by the load balancing dispersion user access pressure of cluster, if be proved to be successful, and then jump to application server cluster, from public library, obtain IP and the DataBase combining character string of this enterprise customer access, finally enter business library cluster.

Claims (3)

1. can realize the SaaS service system that large-scale consumer logs in simultaneously, it is characterized in that: described system is made up of the concurrent cluster of single-sign-on, public library, application server cluster, service application service device cluster and data-base cluster;
The concurrent cluster of described single-sign-on, core is CAS authentication center and ldap directory service, and CAS authentication center realizes unifying user authentication, for user logs in the entrance that multi-application system provides unified; Ldap directory is served, and realizes personnel arrangement framework and stores, realized the load balancing of CAS authentication center by the mode of software; Served by distributed deployment ldap directory, realize the synchronous of the user data of multiple LDAP service;
Described public library, realizes the distribution of access to public library by read and write abruption technology; For storing the public information of all users, mainly store the information such as user name, password, enterprise's numbering, subdata base IP and connection string; And be used for authentication of users log in legitimacy, judge the identity information of login user;
Described application server cluster and service application service device cluster, realize the load balancing of SaaS software application based on software mode by multiple servers;
Described data-base cluster, wherein each enterprise storehouse represents an enterprise, and be used for storing user data and the creation data of this user, each database is separate, only access the database of oneself enterprise when realizing an accessed enterprise, bring impact can not to other enterprise customers access.
2. a large concurrent method for SaaS service system according to claim 1, is characterized in that: described system login step comprises:
Step one, user submits access request to;
Step 2, system accepts request, Requests routing to the concurrent cluster login interface of single-sign-on;
Step 3, user inputs user name, password, submits logging request to;
Step 4, logging request has been implemented the CAS authentication center of load balancing, is automatically distributed to idle application server logs according to loading condition;
Step 5, application server reads user profile automatically according to the rule of configuration from LDAP cluster;
Step 6, user name, password are correct, login successfully; As user name, password bad then repeat abovementioned steps;
Service data visitation and the storing step of described system are as follows:
Step one, user name, password are by checking;
Step 2, access application server cluster;
Step 3, application server request public library acquires IP address and the DataBase combining character string at place, user owned enterprise storehouse;
Step 4, user, according to the IP obtained and DataBase combining character string, accesses corresponding enterprise database by business event cluster;
Step 5, user's access service application server cluster, dispatch user access again after service application service device cluster load balance;
Step 6, application server access data-base cluster.
3. the large concurrent method of SaaS service system according to claim 2, is characterized in that: described LDAP is a kind of hierarchical data storehouse, according to tree organizational information, to browsing and searching catalogue and reading of content is optimized.
CN201410591276.1A 2014-10-28 2014-10-28 SaaS service system for achieving large scale of users to log in at the same time and method thereof Pending CN104410604A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201410591276.1A CN104410604A (en) 2014-10-28 2014-10-28 SaaS service system for achieving large scale of users to log in at the same time and method thereof

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201410591276.1A CN104410604A (en) 2014-10-28 2014-10-28 SaaS service system for achieving large scale of users to log in at the same time and method thereof

Publications (1)

Publication Number Publication Date
CN104410604A true CN104410604A (en) 2015-03-11

Family

ID=52648202

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201410591276.1A Pending CN104410604A (en) 2014-10-28 2014-10-28 SaaS service system for achieving large scale of users to log in at the same time and method thereof

Country Status (1)

Country Link
CN (1) CN104410604A (en)

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105471965A (en) * 2015-11-17 2016-04-06 国云科技股份有限公司 Method for multiple heterogeneous systems to synchronize user data to one LDAP
CN106936582A (en) * 2015-12-31 2017-07-07 航天信息股份有限公司 Electronic Seal System and method
CN107483475A (en) * 2017-09-06 2017-12-15 上海尚渝网络科技有限公司 Network authentication system and its method under large concurrent
CN107818448A (en) * 2017-09-29 2018-03-20 北京博泰创智科技有限公司 A kind of integrated service system and method for human resources
CN108293045A (en) * 2015-11-12 2018-07-17 微软技术许可有限责任公司 Single-sign-on Identity Management between local and remote system
CN108737527A (en) * 2018-05-11 2018-11-02 重庆工商职业学院 One kind being suitable for platform large-scale consumer access method and system
CN109067785A (en) * 2018-09-19 2018-12-21 新华三大数据技术有限公司 Cluster authentication method, device
CN109417557A (en) * 2016-06-06 2019-03-01 伊鲁米那股份有限公司 The aware distributed application authorization of tenant

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102868744A (en) * 2012-09-10 2013-01-09 北京用友政务软件有限公司 Automated integrated management method for realizing SaaS (Software as a Service) and IaaS (Infrastructure as a Service)
CN102981440A (en) * 2012-11-02 2013-03-20 武汉理工大学 Intelligent device monitoring and managing system based on software as a service (SaaS)
US20130117195A1 (en) * 2011-03-07 2013-05-09 Tata Consultancy Services Limited Collaborative platform for it service and vendor management
CN103685537A (en) * 2013-12-20 2014-03-26 国云科技股份有限公司 Data read-write method for realizing SaaS service mode
US8856527B1 (en) * 2011-02-07 2014-10-07 Symantec Corporation Graphical user interface for digital certificate profile configuration

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8856527B1 (en) * 2011-02-07 2014-10-07 Symantec Corporation Graphical user interface for digital certificate profile configuration
US20130117195A1 (en) * 2011-03-07 2013-05-09 Tata Consultancy Services Limited Collaborative platform for it service and vendor management
CN102868744A (en) * 2012-09-10 2013-01-09 北京用友政务软件有限公司 Automated integrated management method for realizing SaaS (Software as a Service) and IaaS (Infrastructure as a Service)
CN102981440A (en) * 2012-11-02 2013-03-20 武汉理工大学 Intelligent device monitoring and managing system based on software as a service (SaaS)
CN103685537A (en) * 2013-12-20 2014-03-26 国云科技股份有限公司 Data read-write method for realizing SaaS service mode

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
郭一錡: "增强SAAS服务商与客户之间信任度的技术策略研究", 《中国优秀硕士学位论文全文数据库 信息科技辑》 *

Cited By (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108293045A (en) * 2015-11-12 2018-07-17 微软技术许可有限责任公司 Single-sign-on Identity Management between local and remote system
US10749854B2 (en) 2015-11-12 2020-08-18 Microsoft Technology Licensing, Llc Single sign-on identity management between local and remote systems
CN108293045B (en) * 2015-11-12 2021-01-26 微软技术许可有限责任公司 Single sign-on identity management between local and remote systems
CN105471965A (en) * 2015-11-17 2016-04-06 国云科技股份有限公司 Method for multiple heterogeneous systems to synchronize user data to one LDAP
CN106936582A (en) * 2015-12-31 2017-07-07 航天信息股份有限公司 Electronic Seal System and method
CN109417557A (en) * 2016-06-06 2019-03-01 伊鲁米那股份有限公司 The aware distributed application authorization of tenant
US11683300B2 (en) 2016-06-06 2023-06-20 Illumina, Inc. Tenant-aware distributed application authentication
CN107483475A (en) * 2017-09-06 2017-12-15 上海尚渝网络科技有限公司 Network authentication system and its method under large concurrent
CN107818448A (en) * 2017-09-29 2018-03-20 北京博泰创智科技有限公司 A kind of integrated service system and method for human resources
CN108737527A (en) * 2018-05-11 2018-11-02 重庆工商职业学院 One kind being suitable for platform large-scale consumer access method and system
CN108737527B (en) * 2018-05-11 2021-07-09 重庆工商职业学院 Large-scale user access method and system suitable for platform
CN109067785A (en) * 2018-09-19 2018-12-21 新华三大数据技术有限公司 Cluster authentication method, device

Similar Documents

Publication Publication Date Title
CN104410604A (en) SaaS service system for achieving large scale of users to log in at the same time and method thereof
TWI473029B (en) Extensible and programmable multi-tenant service architecture
CN112166588B (en) Tenant replication bootstrapping for multi-tenant identity cloud services
US8200705B2 (en) Method and apparatus for applying database partitioning in a multi-tenancy scenario
CN104283875B (en) Cloud disk right management method
US8782762B2 (en) Building data security in a networked computing environment
US10157214B1 (en) Process for data migration between document stores
US20130238557A1 (en) Managing tenant-specific data sets in a multi-tenant environment
US8578460B2 (en) Automating cloud service reconnections
US10860604B1 (en) Scalable tracking for database udpates according to a secondary index
CN110413595B (en) Data migration method applied to distributed database and related device
US10467424B2 (en) File system content based security
RU2012155862A (en) ONLINE SURVEILLANCE CONTROLS USING EXTENDED SIGNS OF THE CATALOG
US10152239B1 (en) Migration to a multi-tiered data store
US11100125B2 (en) Migrating data between partitioned databases
CN106547646B (en) Data backup and recovery method and data backup and recovery device
US10262024B1 (en) Providing consistent access to data objects transcending storage limitations in a non-relational data store
CN109284322A (en) A kind of data center
CN107395711A (en) Heterogeneous system session access method and relevant apparatus
US9607072B2 (en) System and method for implementing nested relationships within a schemaless database
CN112653665A (en) Data isolation interaction method and system based on cloud service
US8862544B2 (en) Grid based replication
CN101916396A (en) Digital home government system and method
Chullipparambil Big data analytics using Hadoop tools
US9652308B2 (en) Sharing a partitioned data set across parallel applications

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
WD01 Invention patent application deemed withdrawn after publication
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20150311