CN109815683B - Authority verification method and related device - Google Patents

Authority verification method and related device Download PDF

Info

Publication number
CN109815683B
CN109815683B CN201811640222.4A CN201811640222A CN109815683B CN 109815683 B CN109815683 B CN 109815683B CN 201811640222 A CN201811640222 A CN 201811640222A CN 109815683 B CN109815683 B CN 109815683B
Authority
CN
China
Prior art keywords
sub
function module
micro
service instance
authority
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201811640222.4A
Other languages
Chinese (zh)
Other versions
CN109815683A (en
Inventor
李春林
莫中平
蓝深
钟斌
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen Intellifusion Technologies Co Ltd
Original Assignee
Shenzhen Intellifusion Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen Intellifusion Technologies Co Ltd filed Critical Shenzhen Intellifusion Technologies Co Ltd
Priority to CN201811640222.4A priority Critical patent/CN109815683B/en
Publication of CN109815683A publication Critical patent/CN109815683A/en
Priority to PCT/CN2019/121604 priority patent/WO2020134838A1/en
Application granted granted Critical
Publication of CN109815683B publication Critical patent/CN109815683B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/45Structures or tools for the administration of authentication

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)
  • Facsimiles In General (AREA)

Abstract

The embodiment of the application discloses a permission verification method and a related device, wherein the method comprises the following steps: when a starting request aiming at a first micro service instance is detected, calling a first sub-function module in a plurality of sub-function modules corresponding to the first micro service instance through the main function module to acquire an authority identifier; calling a second sub-function module corresponding to the authority verification function through the first sub-function module, and verifying whether the authority identification is valid according to the second sub-function module; and when the authority identification is detected to be valid, executing the first micro service instance through the first sub-function module. The method and the device are beneficial to improving the convenience of the permission verification in the micro service mode and reducing the redundancy of the permission verification code.

Description

Authority verification method and related device
Technical Field
The present application relates to the field of electronic technologies, and in particular, to a method and a related apparatus for verifying a permission.
Background
With the rise of micro-service architecture, the challenge of identity authentication and authorization under the traditional single application scenario is getting bigger and bigger. In a single application system, the application is a whole, and generally, permission verification is performed on all requests.
However, under the micro service architecture, an application is split into a plurality of micro applications, each micro application needs to authenticate access, each micro application needs to determine a current access user and the authority of the current access user, and a code needs to be implanted into each micro service to acquire authority information, so that code redundancy is caused, and the method is very suitable for the authentication mode under the single application architecture.
Disclosure of Invention
The embodiment of the application provides a permission verification method and a related device, aiming at improving the convenience of permission verification in a micro service mode and reducing the redundancy of permission verification codes.
In a first aspect, an embodiment of the present application provides an authority verification method, which is applied to an electronic device, where a target application is installed on the electronic device, the target application includes a main function module and a plurality of sub-function modules, and the method includes:
when a starting request aiming at a first micro service instance is detected, calling a first sub-function module in a plurality of sub-function modules corresponding to the first micro service instance through the main function module to acquire an authority identifier;
calling a second sub-function module corresponding to the authority verification function through the first sub-function module, and verifying whether the authority identification is valid according to the second sub-function module;
and when the authority identification is detected to be valid, executing the first micro service instance through the first sub-function module.
In a second aspect, an embodiment of the present application provides an authorization verifying apparatus, which is applied to an electronic device, on which a target application is installed, the target application including a main function module and a plurality of sub-function modules, the authorization verifying apparatus including an obtaining unit, a verifying unit, and an executing unit, wherein,
the obtaining unit is configured to, when a start request for a first micro service instance is detected, call, by the main function module, a first sub-function module of the plurality of sub-function modules corresponding to the first micro service instance to obtain an authority identifier;
the verification unit is used for calling a second sub-function module corresponding to the authority verification function through the first sub-function module and verifying whether the authority identification is valid according to the second sub-function module;
and the execution unit is used for executing the first micro service instance through the first sub-function module when the authority identification is detected to be valid.
In a third aspect, an embodiment of the present application provides an electronic device, including a processor, a memory, a communication interface, and one or more programs, where the one or more programs are stored in the memory and configured to be executed by the processor, and the program includes instructions for executing steps in any method of the first aspect of the embodiment of the present application.
In a fourth aspect, the present application provides a computer-readable storage medium, where the computer-readable storage medium stores a computer program for electronic data exchange, where the computer program makes a computer perform part or all of the steps described in any one of the methods of the first aspect of the present application.
In a fifth aspect, the present application provides a computer program product, wherein the computer program product includes a non-transitory computer-readable storage medium storing a computer program, and the computer program is operable to cause a computer to perform some or all of the steps as described in any one of the methods of the first aspect of the embodiments of the present application. The computer program product may be a software installation package.
It can be seen that, in the embodiment of the present application, when a start request for a first micro service instance is detected, an electronic device first calls, through a main function module, a first sub-function module in a plurality of sub-function modules corresponding to the first micro service instance to obtain an authority identifier, then calls, through the first sub-function module, a second sub-function module corresponding to an authority verification function, and verifies whether the authority identifier is valid according to the second sub-function module, and finally, when the authority identifier is detected to be valid, executes the first micro service instance through the first sub-function module. Therefore, under the micro-service architecture, the electronic equipment does not need to add an authority verification code into the sub-function module of each micro-service, only intercepts the authority identification to call the sub-module of the authority verification function for verification when verification is needed, can avoid the code of the authority verification of each micro-service application, is beneficial to reducing the redundancy of each micro-service application code, and improves the convenience of the authority verification under the micro-service mode.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present application, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
Fig. 1 is a schematic architecture diagram of a micro service architecture according to an embodiment of the present application;
fig. 2 is a schematic flowchart of a method for verifying a right according to an embodiment of the present application;
FIG. 3 is a flowchart illustrating another method for verifying authority according to an embodiment of the present application;
FIG. 4 is a flowchart illustrating another method for verifying authority according to an embodiment of the present application;
fig. 5 is a schematic structural diagram of an electronic device provided in an embodiment of the present application;
fig. 6 is a block diagram of functional units of a rights verification apparatus according to an embodiment of the present application.
Detailed Description
In order to make the technical solutions of the present application better understood, the technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only a part of the embodiments of the present application, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
The terms "first," "second," and the like in the description and claims of the present application and in the above-described drawings are used for distinguishing between different objects and not for describing a particular order. Furthermore, the terms "include" and "have," as well as any variations thereof, are intended to cover non-exclusive inclusions. For example, a process, method, system, article, or apparatus that comprises a list of steps or elements is not limited to only those steps or elements listed, but may alternatively include other steps or elements not listed, or inherent to such process, method, article, or apparatus.
Reference herein to "an embodiment" means that a particular feature, structure, or characteristic described in connection with the embodiment can be included in at least one embodiment of the application. The appearances of the phrase in various places in the specification are not necessarily all referring to the same embodiment, nor are separate or alternative embodiments mutually exclusive of other embodiments. It is explicitly and implicitly understood by one skilled in the art that the embodiments described herein can be combined with other embodiments.
The electronic device according to the embodiments of the present application may include various handheld devices, vehicle-mounted devices, wearable devices, computing devices or other processing devices connected to a wireless modem, and various forms of User Equipment (UE), Mobile Stations (MS), electronic devices (terminal device), and the like.
The embodiments of the present application will be described in detail below with reference to the accompanying drawings.
The purpose of the Microservices Architecture Pattern (Microservices Architecture Pattern) is to build large, complex, long-running applications as a set of interworking services, each of which can be easily locally improved.
In short, the microservice architecture is a method for developing a single Application as a suite of small services, each running in its own process and communicating with a lightweight mechanism (typically an Application Programming Interface (API) for HTTP resources). The services are built around business functions and can be independently deployed through a full-automatic deployment mechanism. Centralized management of these services is minimal and they can be written in different programming languages and use different data storage technologies.
A microservice-based architecture may have 5 to 100 or more services. The API gateway may provide a uniform entry point for external consumers regardless of the number and composition of internal micro services, for example, as shown in fig. 1, an application a based on a micro service architecture is composed of a plurality of micro service applications, each micro service corresponds to a different function in the application a, specifically, a function 1 corresponding to a micro service 1, a function 2 corresponding to a micro service 2, a function 3 corresponding to a micro service 3, a function 4 corresponding to a micro service 4, a function 5 corresponding to a micro service 5, and the like, each micro service may be designed and completed by a different design team, that is, each micro service is independent, and each micro service may be written using a different programming language.
The following describes embodiments of the present invention in detail.
Referring to fig. 2, fig. 2 is a schematic flowchart of a method for rights verification provided in an embodiment of the present application, and is applied to an electronic device, where a target application is installed on the electronic device, and the target application includes a main function module and a plurality of sub-function modules, as shown in the figure, the method for rights verification includes:
s201, when the electronic device detects a starting request for a first micro-service instance, the electronic device calls a first sub-function module in a plurality of sub-function modules corresponding to the first micro-service instance through the main function module to obtain an authority identifier.
The specific implementation manner of the electronic device when detecting the start request for the first micro service instance may be that the electronic device detects a selection operation of a user for the first micro service instance, where the selection operation may be a touch operation, a voice operation, and the like, and is not limited herein.
The authority identifier is Token, and the main function module and the plurality of sub-function modules belong to the relation between calling and called.
S202, the electronic equipment calls a second sub-function module corresponding to the authority verification function through the first sub-function module, and verifies whether the authority identification is valid according to the second sub-function module.
Under the micro service architecture, the permission verification program corresponds to a single micro service application, the same permission verification program does not need to be added in each other micro service application, the micro service application corresponds to the second sub-function module, and the permission verification function of the second sub-function module can verify the validity of any Token.
S203, when the electronic device detects that the authority identifier is valid, the first micro service instance is executed through the first sub-function module.
The permission identifier is used for the first sub-function module to verify the starting request, namely when the verification is successful, the target application program is proved to have the permission to call and access the first micro-service instance interface, then the functional page corresponding to the first micro-service instance is jumped to, if the verification is failed, the jump response is not executed, and when the corresponding first sub-function module can feed back a message of the verification failure to the main function module, the main function module can display information of the jump failure and the like on the page before the jump.
It can be seen that, in the embodiment of the present application, when a start request for a first micro service instance is detected, an electronic device first calls, through a main function module, a first sub-function module in a plurality of sub-function modules corresponding to the first micro service instance to obtain an authority identifier, then calls, through the first sub-function module, a second sub-function module corresponding to an authority verification function, and verifies whether the authority identifier is valid according to the second sub-function module, and finally, when the authority identifier is detected to be valid, executes the first micro service instance through the first sub-function module. Therefore, under the micro-service architecture, the electronic equipment does not need to add an authority verification code into the sub-function module of each micro-service, only intercepts the authority identification to call the sub-module of the authority verification function for verification when verification is needed, can avoid the code of the authority verification of each micro-service application, is beneficial to reducing the redundancy of each micro-service application code, and improves the convenience of the authority verification under the micro-service mode.
In one possible example, before the detecting the launch request for the first microservice instance, the method further comprises:
when a login request aiming at a target application program is detected, acquiring a login identifier in the login request through the main function module;
logging in the target application program when receiving a message that the login identification is successfully verified by the server;
receiving the authority identifier from the server through the master function module, wherein the authority identifier is an authority identifier pre-configured by the server according to the login identifier.
The authority identification is distributed by the server, namely when the server logs in a user name and a password, the authority identification is obtained according to the user name, namely an account corresponds to an authority identification value.
And the main function module stores the authority identification when receiving the authority identification.
Therefore, in this example, when the electronic device logs in the target application program, the unique authority identifier for the login identifier can be acquired from the server, and the authority identifier is stored, so that convenience of acquiring the authority identifier when other micro-services use the authority identifier is promoted.
In one possible example, after detecting the launch request for the first microservice instance, the method further comprises:
calling a first sub-function module corresponding to the first micro-service instance through the main function module;
and preloading an interceptor and a fuse through the first sub-function module, wherein the interceptor is used for the first sub-function module to acquire the authority identifier, the fuse is used for enabling a third sub-function module to acquire the authority identifier, and a second micro-service instance corresponding to the third sub-function module is independent of the first micro-service instance.
The interceptor is used for intercepting before a certain method or field is accessed and then adding some operations before or after the method or field is accessed, and here, the first sub-function module preloads the interceptor so that the interceptor acquires the authority identifier before the first sub-function executes the corresponding first micro-service instance.
The fuse is a rewriting fuse, the interface rewriting method is realized by configuring a processing class, and the authority identification is transferred to the third subfunction.
The second micro-service instance corresponding to the third sub-function module is independent of the first micro-service instance, that is, the second micro-service instance and the first micro-service instance are two independent and unrelated micro-services, and it can be understood that a thread executing the second micro-service instance and a thread executing the first micro-service instance are different threads.
It can be seen that, in this example, after the electronic device calls the first sub-function module through the main function, the first sub-function module may load the interceptor and the fuse in advance, instead of loading after the interceptor and the fuse need to be used, which is beneficial to improving timeliness of the permission verification.
In one possible example, after the executing of the first micro-service instance by the first sub-function module, the method further includes:
determining a first relationship of a third microservice instance to the first microservice instance when a start request for the third microservice instance is detected;
calling the first sub-function module to send the authority identification to a fourth sub-function module corresponding to the third micro-service instance according to the first relation;
acquiring the authority identification through the fourth sub-function module, and verifying whether the authority identification is valid or not by calling the second sub-function module;
and when the authority identification is detected to be valid, executing the third micro-service instance through the fourth sub-function module.
The first relation comprises a mutually independent relation and an affiliation, wherein the affiliation is a micro-service instance which is carried out by two micro-service instances belonging to the same thread.
And the first sub-function module sends the authority identification to the fourth sub-function module through different methods according to different first relations, and the method is preset in the first sub-function module.
As can be seen, in this example, when the electronic device executes the first micro service instance and detects a start request of another micro service instance, the electronic device sends the permission identifier according to the corresponding relationship between the micro service instance and the first micro service instance, which is beneficial to ensuring that any micro service instance can obtain the permission identifier, and improves the guarantee of permission verification.
In this possible example, the first relationship is that the third micro service instance belongs to the first micro service instance, and the invoking the first sub-function module sends the permission identifier to a fourth sub-function module corresponding to the third micro service instance according to the first relationship includes:
when the first relation is a subordinate relation, calling the first sub-function module to inject the authority identification into the F client side in the main function module;
and sending the authority identification to the fourth sub-function module corresponding to the third micro-service instance through the F client.
The F client, namely Feign, is a declaration web service client, which is more convenient than writing of the web service client, an interface is created by using the Feign, and the interface binding of a service provider can be completed only by configuring and defining the interface by using an annotation method, so that the development amount of the self-encapsulation service calling client is simplified.
The first sub-function module can send the authority identification to the fourth sub-function module through the interface created by the F client.
And sending the permission identifier to the fourth sub-function module corresponding to the third micro-service instance through the F client, where the permission identifier may be set to a header of an http request to provide a basis for permission verification for the fourth sub-function module.
As can be seen, in this example, when the first relationship is the dependency relationship, the electronic device may directly send the permission identifier to the fourth sub-function module through the F client, and the F client is in an annotation manner, which is beneficial to reducing the code redundancy of the third micro-service instance and avoiding code intrusion on the third micro-service instance.
In one possible example, the first relationship is that the third micro service instance is independent of the first micro service instance, and the invoking the first sub-function module sends the permission identifier to a fourth sub-function module corresponding to the third micro service instance according to the first relationship includes:
and when the first relation is an independent relation, calling the first sub-function module to transfer the authority identifier to a fourth sub-function module corresponding to the third micro-service instance through a preset strategy of a fuse, so that the fourth sub-function module realizes starting a plurality of micro-service instances subordinate to the third micro-service instance through an F client in a mode of injecting the authority identifier into the F client.
The specific implementation manner of the first sub-function module transferring the authority identifier to the fourth sub-function module corresponding to the third micro-service instance through the preset policy of the fuse may be that an interface is created through the rewrite fuse, and the authority identifier is transferred to the fourth sub-function module through the interface, where the preset policy may be an isolation policy of the rewrite fuse.
When the first micro-service instance and the third micro-service instance which are in independent relation need to be started simultaneously, the permission identification transmission between the two micro-service instances of the non-identical thread can be realized through the isolation strategy of the rewriting fuse.
As can be seen, in this example, when the electronic device needs to start a third micro service instance that does not belong to the same thread as the first micro service instance in the process of executing the first micro service instance, the fourth sub-function module obtains the permission identifier by rewriting the isolation policy of the fuse, which is beneficial to improving the permission verification and the start reliability of each micro service instance.
In one possible example, the invoking, by the main function module, a first sub-function module in the plurality of sub-function modules corresponding to the first micro-service instance to obtain the permission identifier includes:
calling a first sub-function module in a plurality of sub-function modules corresponding to the first micro-service instance through the main function module to acquire a request header of a starting request aiming at the first micro-service instance;
and determining the authority identification in the request header.
And the request header is an http request header.
As can be seen, in this example, when the electronic device needs to start the first micro-service instance, the permission identifier can be obtained only by obtaining the request header of the start request through the first sub-function, which is beneficial to improving the realizability and convenience of verification of each micro-service permission under the micro-service architecture.
The embodiment shown in fig. 2 is described as a specific embodiment, where the target application is an application a, the application a includes a micro-service instance 1 and a micro-service instance 2, and the permission verification micro-service, the micro-service instance 1 includes a sub-instance 3, the micro-service instance 2 includes a sub-instance 4, when a user logs in the application a and inputs an account and a password, the server simultaneously gives a permission identifier corresponding to the account in the process of determining whether the login is successful or not through the account and the password, when a start request for the micro-service instance 1 is detected, a first sub-function corresponding to the micro-service instance 1 obtains the permission identifier through a request header, simultaneously preloads an interceptor and a fuse, and when the permission verification permission identifier is valid through invoking the permission verification micro-service, executes the micro-service instance 1, and the execution of the micro-service instance 1 is divided into two cases, the first condition is as follows: when a starting request of a subinstance 3 is detected, the permission identifier is injected to an F client side in the main function module by calling the first sub-function module, and the permission identifier is sent to a sub-function module corresponding to the subinstance 3 by the F client side, so that the sub-function module corresponding to the subinstance 3 can call a permission verification micro-service to verify the permission identifier and further execute the subinstance 3; case two: when a start request of the micro-service instance 2 is detected, the permission identifier is injected to the F client in the sub-function module corresponding to the micro-service instance 2 through the isolation policy of the rewriting fuse, and the permission identifier is sent to the sub-function module corresponding to the sub-instance 3 through the F client, so that the sub-function module corresponding to the micro-service instance 2 can call the permission verification micro-service to verify the permission identifier and then execute the micro-service instance 2, and the execution of the micro-service instance 2 can be divided into the two cases in the same way, which is not described herein again.
Referring to fig. 3, fig. 3 is a schematic flowchart of a method for verifying permission according to an embodiment of the present application, and is applied to an electronic device, where the electronic device is installed with a target application, and the target application includes a main function module and a plurality of sub-function modules, as shown in the figure, the method for verifying permission includes:
s301, when the electronic device detects a login request for a target application program, the electronic device obtains a login identifier in the login request through the main function module.
S302, when the electronic device receives the message that the login identification is successfully verified by the server, the electronic device logs in the target application program.
S303, the electronic device receives the authority identifier from the server through the master function module, wherein the authority identifier is the authority identifier pre-configured by the server according to the login identifier.
S304, when the electronic device detects a starting request for a first micro-service instance, the electronic device calls a first sub-function module in a plurality of sub-function modules corresponding to the first micro-service instance through the main function module to obtain the authority identifier.
S305, the electronic device calls a second sub-function module corresponding to the authority verification function through the first sub-function module, and verifies whether the authority identification is valid according to the second sub-function module.
S306, when the electronic device detects that the authority identifier is valid, the first micro service instance is executed through the first sub-function module.
S307, when the electronic device detects a starting request for a third micro-service instance, determining a first relation between the third micro-service instance and the first micro-service instance.
S308, when the first relation is a subordinate relation, the electronic device calls the first sub-function module to inject the permission identifier into the F client side in the main function module.
S309, the electronic device sends the permission identifier to a fourth sub-function module corresponding to the third micro-service instance through the F client.
S310, the electronic device obtains the authority identifier through the fourth sub-function module, and verifies whether the authority identifier is valid or not by calling the second sub-function module.
S311, when the electronic device detects that the authority identifier is valid, the electronic device executes the third micro-service instance through the fourth sub-function module.
It can be seen that, in the embodiment of the present application, when a start request for a first micro service instance is detected, an electronic device first calls, through a main function module, a first sub-function module in a plurality of sub-function modules corresponding to the first micro service instance to obtain an authority identifier, then calls, through the first sub-function module, a second sub-function module corresponding to an authority verification function, and verifies whether the authority identifier is valid according to the second sub-function module, and finally, when the authority identifier is detected to be valid, executes the first micro service instance through the first sub-function module. Therefore, under the micro-service architecture, the electronic equipment does not need to add an authority verification code into the sub-function module of each micro-service, only intercepts the authority identification to call the sub-module of the authority verification function for verification when verification is needed, can avoid the code of the authority verification of each micro-service application, is beneficial to reducing the redundancy of each micro-service application code, and improves the convenience of the authority verification under the micro-service mode.
In addition, when the electronic equipment logs in the target application program, the unique authority identification aiming at the login identification can be obtained from the server, and the authority identification is stored, so that the convenience of obtaining the authority identification is facilitated when other micro-services use the authority identification.
In addition, under the condition that the electronic equipment executes the first micro service instance, when the starting request of other micro service instances is detected, the permission identification is sent according to the corresponding relation between the micro service instance and the first micro service instance, so that the permission identification can be obtained by any micro service instance, the guarantee of permission verification is promoted, and when the first relation is an affiliation relation, the permission identification can be directly sent to the fourth sub-function module through the F client, and the F client is in an annotation mode, so that the code redundancy of the third micro service instance is reduced, and the code invasion of the third micro service instance is avoided.
Referring to fig. 4, fig. 4 is a schematic flowchart of a method for verifying permission according to an embodiment of the present application, and is applied to an electronic device, where the electronic device is installed with a target application, and the target application includes a main function module and a plurality of sub-function modules, as shown in the figure, the method for verifying permission includes:
s401, when the electronic device detects a starting request for a first micro-service instance, the electronic device calls a first sub-function module of a plurality of sub-function modules corresponding to the first micro-service instance through the main function module.
S402, the electronic device preloads an interceptor and a fuse through the first sub-function module, wherein the interceptor is used for the first sub-function module to obtain the authority identifier, the fuse is used for enabling a third sub-function module to obtain the authority identifier, and a second micro-service instance corresponding to the third sub-function module is independent of the first micro-service instance.
S403, the electronic device calls the first sub-function module to obtain a request header of a starting request for the first micro-service instance through the interceptor.
S404, the electronic device determines the authority identifier in the request header.
S405, the electronic device calls a second sub-function module corresponding to the authority verification function through the first sub-function module, and verifies whether the authority identification is valid according to the second sub-function module.
S406, when the electronic device detects that the authority identifier is valid, the first micro service instance is executed through the first sub-function module.
It can be seen that, in the embodiment of the present application, when a start request for a first micro service instance is detected, an electronic device first calls, through a main function module, a first sub-function module in a plurality of sub-function modules corresponding to the first micro service instance to obtain an authority identifier, then calls, through the first sub-function module, a second sub-function module corresponding to an authority verification function, and verifies whether the authority identifier is valid according to the second sub-function module, and finally, when the authority identifier is detected to be valid, executes the first micro service instance through the first sub-function module. Therefore, under the micro-service architecture, the electronic equipment does not need to add an authority verification code into the sub-function module of each micro-service, only intercepts the authority identification to call the sub-module of the authority verification function for verification when verification is needed, can avoid the code of the authority verification of each micro-service application, is beneficial to reducing the redundancy of each micro-service application code, and improves the convenience of the authority verification under the micro-service mode.
In addition, after the electronic equipment calls the first sub-function module through the main function, the interceptor and the fuse are loaded in advance by the first sub-function module instead of being loaded after the interceptor and the fuse are used, and the timeliness of authority verification is improved.
In addition, when the electronic device needs to start the first micro-service instance, the permission identifier can be obtained only by obtaining the request header of the start request through the first sub-function, which is beneficial to improving the realizability and convenience of each micro-service permission verification under the micro-service architecture.
In accordance with the embodiments shown in fig. 2, fig. 3, and fig. 4, please refer to fig. 5, and fig. 5 is a schematic structural diagram of an electronic device 500 provided in an embodiment of the present application, where the electronic device 500 has a target application installed thereon, the target application includes a main function module and a plurality of sub-function modules, and as shown in fig. 5, the electronic device 500 includes an application processor 510, a memory 520, a communication interface 530, and one or more programs 521, where the one or more programs 521 are stored in the memory 520 and configured to be executed by the application processor 510, and the one or more programs 521 include instructions for performing the following steps:
when a starting request aiming at a first micro service instance is detected, calling a first sub-function module in a plurality of sub-function modules corresponding to the first micro service instance through the main function module to acquire an authority identifier;
calling a second sub-function module corresponding to the authority verification function through the first sub-function module, and verifying whether the authority identification is valid according to the second sub-function module;
and when the authority identification is detected to be valid, executing the first micro service instance through the first sub-function module.
It can be seen that, in the embodiment of the present application, when a start request for a first micro service instance is detected, an electronic device first calls, through a main function module, a first sub-function module in a plurality of sub-function modules corresponding to the first micro service instance to obtain an authority identifier, then calls, through the first sub-function module, a second sub-function module corresponding to an authority verification function, and verifies whether the authority identifier is valid according to the second sub-function module, and finally, when the authority identifier is detected to be valid, executes the first micro service instance through the first sub-function module. Therefore, under the micro-service architecture, the electronic equipment does not need to add an authority verification code into the sub-function module of each micro-service, only intercepts the authority identification to call the sub-module of the authority verification function for verification when verification is needed, can avoid the code of the authority verification of each micro-service application, is beneficial to reducing the redundancy of each micro-service application code, and improves the convenience of the authority verification under the micro-service mode.
In one possible example, the one or more programs 521 further include instructions for performing the steps of: before the starting request for the first micro-service instance is detected, when a login request for a target application program is detected, a login identifier in the login request is obtained through the main function module; when receiving a message that the server successfully verifies the login identification, logging in the target application program; and receiving the authority identifier from the server through the master function module, wherein the authority identifier is an authority identifier pre-configured by the server according to the login identifier.
In one possible example, the one or more programs 521 further include instructions for performing the steps of: after the starting request aiming at the first micro service instance is detected, a first sub-function module corresponding to the first micro service instance is called through the main function module; and preloading an interceptor and a fuse through the first sub-function module, wherein the interceptor is used for the first sub-function module to acquire the authority identifier, the fuse is used for enabling a third sub-function module to acquire the authority identifier, and a second micro-service instance corresponding to the third sub-function module is independent of the first micro-service instance.
In one possible example, the one or more programs 521 further include instructions for performing the steps of: after the first micro-service instance is executed by the first sub-function module, when a starting request for a third micro-service instance is detected, determining a first relation between the third micro-service instance and the first micro-service instance; the first sub-function module is called to send the authority identification to a fourth sub-function module corresponding to the third micro-service instance according to the first relation; acquiring the authority identification through the fourth sub-function module, and verifying whether the authority identification is valid or not by calling the second sub-function module; and executing the third micro-service instance through the fourth sub-function module when the authority identification is detected to be valid.
In this possible example, the first relationship is that the third micro service instance belongs to the first micro service instance, and in terms of the invoking of the first sub-function module sending the permission identifier to a fourth sub-function module corresponding to the third micro service instance according to the first relationship, the instructions in the one or more programs 521 are specifically configured to perform the following operations: when the first relation is a subordinate relation, calling the first sub-function module to inject the authority identification into the F client side in the main function module; and the F client is used for sending the authority identification to the fourth sub-function module corresponding to the third micro-service instance.
In a possible example, the first relationship is that the third micro service instance is independent of the first micro service instance, and in terms of the invoking the first sub-function module sending the permission identifier to a fourth sub-function module corresponding to the third micro service instance according to the first relationship, the instructions in the one or more programs 521 are specifically configured to perform the following operations: and when the first relation is an independent relation, calling the first sub-function module to send the authority identification to a fourth sub-function module corresponding to the third micro-service instance through a preset strategy of a fuse, so that the fourth sub-function module realizes starting a plurality of micro-service instances subordinate to the third micro-service instance through an F client in a mode of injecting the authority identification to the F client.
In a possible example, in terms of obtaining the authority identifier by the main function module calling the first sub-function module in the plurality of sub-function modules corresponding to the first micro-service instance, the instructions in the one or more programs 521 are specifically configured to perform the following operations: calling a first sub-function module in a plurality of sub-function modules corresponding to the first micro-service instance through the main function module to acquire a request header of a starting request aiming at the first micro-service instance; and for determining the permission identifier in the request header.
The above description has introduced the solution of the embodiment of the present application mainly from the perspective of the method-side implementation process. It is understood that the electronic device comprises corresponding hardware structures and/or software modules for performing the respective functions in order to realize the above-mentioned functions. Those of skill in the art will readily appreciate that the present application is capable of hardware or a combination of hardware and computer software implementing the various illustrative elements and algorithm steps described in connection with the embodiments provided herein. Whether a function is performed as hardware or computer software drives hardware depends upon the particular application and design constraints imposed on the solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present application.
In the embodiment of the present application, the electronic device may be divided into the functional units according to the method example, for example, each functional unit may be divided corresponding to each function, or two or more functions may be integrated into one processing unit. The integrated unit can be realized in a form of hardware, and can also be realized in a form of a software functional unit. It should be noted that the division of the unit in the embodiment of the present application is schematic, and is only a logic function division, and there may be another division manner in actual implementation.
Fig. 6 is a block diagram showing functional units of a right authentication apparatus 600 according to an embodiment of the present application. The permission verification apparatus 600 is applied to an electronic device, the electronic device is provided with a target application program, the target application program comprises a main function module and a plurality of sub-function modules, the permission verification apparatus 600 comprises an obtaining unit 601, a verification unit 602 and an execution unit 603, wherein:
the obtaining unit 601 is configured to, when a start request for a first micro service instance is detected, call, by the main function module, a first sub function module in the plurality of sub function modules corresponding to the first micro service instance to obtain an authority identifier;
the verification unit 602 is configured to invoke a second sub-function module corresponding to an authority verification function through the first sub-function module, and verify whether the authority identifier is valid according to the second sub-function module;
the executing unit 603 is configured to execute, by the first sub-function module, the first micro service instance when it is detected that the authority identifier is valid.
It can be seen that, in the embodiment of the present application, when a start request for a first micro service instance is detected, an electronic device first calls, through a main function module, a first sub-function module in a plurality of sub-function modules corresponding to the first micro service instance to obtain an authority identifier, then calls, through the first sub-function module, a second sub-function module corresponding to an authority verification function, and verifies whether the authority identifier is valid according to the second sub-function module, and finally, when the authority identifier is detected to be valid, executes the first micro service instance through the first sub-function module. Therefore, under the micro-service architecture, the electronic equipment does not need to add an authority verification code into the sub-function module of each micro-service, only intercepts the authority identification to call the sub-module of the authority verification function for verification when verification is needed, can avoid the code of the authority verification of each micro-service application, is beneficial to reducing the redundancy of each micro-service application code, and improves the convenience of the authority verification under the micro-service mode.
In one possible example, the obtaining unit 601, before the detecting of the start request for the first microservice instance, is further configured to: when a login request aiming at a target application program is detected, acquiring a login identifier in the login request through the main function module;
the execution unit 603 is further configured to: logging in the target application program when receiving a message that the login identification is successfully verified by the server; and receiving the authority identifier from the server through the master function module, wherein the authority identifier is an authority identifier pre-configured by the server according to the login identifier.
In one possible example, after the detecting of the start request for the first microservice instance, the executing unit 603 is further configured to: calling a first sub-function module corresponding to the first micro-service instance through the main function module; and preloading an interceptor and a fuse through the first sub-function module, wherein the interceptor is used for the first sub-function module to acquire the authority identifier, the fuse is used for enabling a third sub-function module to acquire the authority identifier, and a second micro-service instance corresponding to the third sub-function module is independent of the first micro-service instance.
In a possible example, after the executing the first micro-service instance by the first sub-function module, the executing unit 603 is further configured to: determining a first relationship of a third microservice instance to the first microservice instance when a start request for the third microservice instance is detected; the first sub-function module is called to send the authority identification to a fourth sub-function module corresponding to the third micro-service instance according to the first relation;
the obtaining unit 601 is further configured to: acquiring the authority identification through the fourth sub-function module;
the verification unit 602 is further configured to: verifying whether the authority identification is valid by calling the second sub-function module;
the execution unit 603 is further configured to: and when the authority identification is detected to be valid, executing the third micro-service instance through the fourth sub-function module.
In this possible example, the first relationship is that the third micro service instance belongs to the first micro service instance, and in terms of the invoking of the first sub-function module sending the permission identifier to a fourth sub-function module corresponding to the third micro service instance according to the first relationship, the execution unit 603 is specifically configured to: when the first relation is a subordinate relation, calling the first sub-function module to inject the authority identification into the F client side in the main function module; and the F client is used for sending the authority identification to the fourth sub-function module corresponding to the third micro-service instance.
In a possible example, the first relationship is that the third micro service instance is independent of the first micro service instance, and in terms of the invoking of the first sub-function module sending the permission identifier to a fourth sub-function module corresponding to the third micro service instance according to the first relationship, the execution unit 603 is specifically configured to: and when the first relation is an independent relation, calling the first sub-function module to send the authority identification to a fourth sub-function module corresponding to the third micro-service instance through a preset strategy of a fuse, so that the fourth sub-function module realizes starting a plurality of micro-service instances subordinate to the third micro-service instance through an F client in a mode of injecting the authority identification to the F client.
In a possible example, in terms of obtaining the permission identifier by the first sub-function module of the plurality of sub-function modules corresponding to the first micro-service instance called by the main function module, the obtaining unit 601 is specifically configured to: calling a first sub-function module in a plurality of sub-function modules corresponding to the first micro-service instance through the main function module to acquire a request header of a starting request aiming at the first micro-service instance; and for determining the permission identifier in the request header.
The obtaining unit 601 and the executing unit 603 may be a processor, a communication interface, or a transceiver, and the verifying unit 602 may be a processor.
Embodiments of the present application also provide a computer storage medium, where the computer storage medium stores a computer program for electronic data exchange, the computer program enabling a computer to execute part or all of the steps of any one of the methods described in the above method embodiments, and the computer includes an electronic device.
Embodiments of the present application also provide a computer program product comprising a non-transitory computer readable storage medium storing a computer program operable to cause a computer to perform some or all of the steps of any of the methods as described in the above method embodiments. The computer program product may be a software installation package, the computer comprising an electronic device.
It should be noted that, for simplicity of description, the above-mentioned method embodiments are described as a series of acts or combination of acts, but those skilled in the art will recognize that the present application is not limited by the order of acts described, as some steps may occur in other orders or concurrently depending on the application. Further, those skilled in the art should also appreciate that the embodiments described in the specification are preferred embodiments and that the acts and modules referred to are not necessarily required in this application.
In the foregoing embodiments, the descriptions of the respective embodiments have respective emphasis, and for parts that are not described in detail in a certain embodiment, reference may be made to related descriptions of other embodiments.
In the embodiments provided in the present application, it should be understood that the disclosed apparatus may be implemented in other manners. For example, the above-described embodiments of the apparatus are merely illustrative, and for example, the above-described division of the units is only one type of division of logical functions, and other divisions may be realized in practice, for example, a plurality of units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection of some interfaces, devices or units, and may be an electric or other form.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, functional units in the embodiments of the present application may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, and can also be realized in a form of a software functional unit.
The integrated unit may be stored in a computer readable memory if it is implemented in the form of a software functional unit and sold or used as a stand-alone product. Based on such understanding, the technical solution of the present application may be substantially implemented or a part of or all or part of the technical solution contributing to the prior art may be embodied in the form of a software product stored in a memory, and including several instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the above-mentioned method of the embodiments of the present application. And the aforementioned memory comprises: a U-disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a removable hard disk, a magnetic or optical disk, and other various media capable of storing program codes.
Those skilled in the art will appreciate that all or part of the steps in the methods of the above embodiments may be implemented by associated hardware instructed by a program, which may be stored in a computer-readable memory, which may include: flash Memory disks, Read-Only memories (ROMs), Random Access Memories (RAMs), magnetic or optical disks, and the like.
The foregoing detailed description of the embodiments of the present application has been presented to illustrate the principles and implementations of the present application, and the above description of the embodiments is only provided to help understand the method and the core concept of the present application; meanwhile, for a person skilled in the art, according to the idea of the present application, there may be variations in the specific embodiments and the application scope, and in summary, the content of the present specification should not be construed as a limitation to the present application.

Claims (8)

1. An authority verification method is applied to an electronic device, a target application program is installed on the electronic device, the target application program comprises a main function module and a plurality of sub-function modules, and the method comprises the following steps:
when a starting request aiming at a first micro service instance is detected, calling a first sub-function module in a plurality of sub-function modules corresponding to the first micro service instance through the main function module to acquire an authority identifier;
calling a second sub-function module corresponding to a permission verification function through the first sub-function module, and verifying whether the permission identifier is valid according to the second sub-function module, wherein the permission verification function corresponds to an individual micro-service application, other micro-service applications except the second sub-function module do not comprise the same permission verification program, and the permission verification function of the second sub-function module can verify the validity of any permission identifier;
when the authority identification is detected to be valid, executing the first micro service instance through the first sub-function module;
determining a first relationship of a third microservice instance to the first microservice instance when a start request for the third microservice instance is detected;
the step of calling the first sub-function module to send the permission identifier to a fourth sub-function module corresponding to the third micro-service instance according to the first relationship comprises the following steps: when the first relation is an affiliation relation, calling the first sub-function module to inject the permission identifier into an F client in the main function module, and sending the permission identifier to a fourth sub-function module corresponding to the third micro-service instance through the F client, wherein the affiliation relation means that the third micro-service instance is affiliated to the first micro-service instance;
acquiring the authority identification through the fourth sub-function module, and verifying whether the authority identification is valid or not by calling the second sub-function module;
and when the authority identification is detected to be valid, executing the third micro-service instance through the fourth sub-function module.
2. The method of claim 1, wherein prior to detecting the initiation request for the first microservice instance, the method further comprises:
when a login request aiming at a target application program is detected, acquiring a login identifier in the login request through the main function module;
logging in the target application program when receiving a message that the login identification is successfully verified by the server;
receiving the authority identifier from the server through the master function module, wherein the authority identifier is an authority identifier pre-configured by the server according to the login identifier.
3. The method of claim 1 or 2, wherein after detecting the initiation request for the first microservice instance, the method further comprises:
calling a first sub-function module corresponding to the first micro-service instance through the main function module;
and preloading an interceptor and a fuse through the first sub-function module, wherein the interceptor is used for the first sub-function module to acquire the authority identifier, the fuse is used for enabling a third sub-function module to acquire the authority identifier, and a second micro-service instance corresponding to the third sub-function module is independent of the first micro-service instance.
4. The method of claim 1, wherein the first relationship is that the third micro service instance is independent of the first micro service instance, and the invoking the first sub-function module sends the permission identifier to a fourth sub-function module corresponding to the third micro service instance according to the first relationship comprises:
and when the first relation is an independent relation, calling the first sub-function module to send the authority identification to a fourth sub-function module corresponding to the third micro-service instance through a preset strategy of a fuse, so that the fourth sub-function module realizes starting a plurality of micro-service instances subordinate to the third micro-service instance through an F client in a mode of injecting the authority identification to the F client.
5. The method according to claim 1, wherein the obtaining, by the main function module, the permission identifier by calling a first sub-function module of the plurality of sub-function modules corresponding to the first micro-service instance, includes:
calling a first sub-function module in a plurality of sub-function modules corresponding to the first micro-service instance through the main function module to acquire a request header of a starting request aiming at the first micro-service instance;
and determining the authority identification in the request header.
6. An authority verification device, applied to an electronic device, wherein a target application program is installed on the electronic device, the target application program comprises a main function module and a plurality of sub-function modules, the authority verification device comprises an acquisition unit, a verification unit and an execution unit, wherein,
the obtaining unit is configured to, when a start request for a first micro service instance is detected, call, by the main function module, a first sub-function module of the plurality of sub-function modules corresponding to the first micro service instance to obtain an authority identifier;
the verification unit is used for calling a second sub-function module corresponding to a permission verification function through the first sub-function module and verifying whether the permission identifier is valid according to the second sub-function module, the permission verification function corresponds to an individual micro-service application, other micro-service applications except the second sub-function module do not comprise the same permission verification program, and the permission verification function of the second sub-function module can verify the validity of any permission identifier;
the execution unit is used for executing the first micro service instance through the first sub-function module when the authority identification is detected to be valid;
the execution unit is further configured to determine, after the execution of the first micro-service instance by the first sub-function module, a first relationship between a third micro-service instance and the first micro-service instance when a start request for the third micro-service instance is detected; and calling the first sub-function module to send the permission identifier to a fourth sub-function module corresponding to the third micro-service instance according to the first relation, wherein the fourth sub-function module comprises: when the first relation is an affiliation relation, calling the first sub-function module to inject the permission identifier into an F client in the main function module, and sending the permission identifier to a fourth sub-function module corresponding to the third micro-service instance through the F client, wherein the affiliation relation means that the third micro-service instance is affiliated to the first micro-service instance;
the obtaining unit is further configured to obtain the permission identifier through the fourth sub-function module;
the verification unit is further used for verifying whether the authority identifier is valid by calling the second sub-function module;
the execution unit is further configured to execute, by the fourth sub-function module, the third micro service instance when it is detected that the authority identifier is valid.
7. An electronic device comprising a processor, a memory, a communication interface, and one or more programs stored in the memory and configured to be executed by the processor, the programs comprising instructions for performing the steps in the method of any of claims 1-5.
8. A computer-readable storage medium, characterized in that a computer program for electronic data exchange is stored, wherein the computer program causes a computer to perform the method according to any one of claims 1-5.
CN201811640222.4A 2018-12-29 2018-12-29 Authority verification method and related device Active CN109815683B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201811640222.4A CN109815683B (en) 2018-12-29 2018-12-29 Authority verification method and related device
PCT/CN2019/121604 WO2020134838A1 (en) 2018-12-29 2019-11-28 Authority verification method and related device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811640222.4A CN109815683B (en) 2018-12-29 2018-12-29 Authority verification method and related device

Publications (2)

Publication Number Publication Date
CN109815683A CN109815683A (en) 2019-05-28
CN109815683B true CN109815683B (en) 2021-09-14

Family

ID=66603052

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811640222.4A Active CN109815683B (en) 2018-12-29 2018-12-29 Authority verification method and related device

Country Status (2)

Country Link
CN (1) CN109815683B (en)
WO (1) WO2020134838A1 (en)

Families Citing this family (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109815683B (en) * 2018-12-29 2021-09-14 深圳云天励飞技术有限公司 Authority verification method and related device
CN110381285B (en) * 2019-07-19 2021-05-28 视联动力信息技术股份有限公司 Conference initiating method and device
CN110708298A (en) * 2019-09-23 2020-01-17 广州海颐信息安全技术有限公司 Method and device for centralized management of dynamic instance identity and access
CN110912901A (en) * 2019-11-27 2020-03-24 中国银行股份有限公司 Application login verification method, device and system
CN112333272B (en) * 2020-11-06 2023-05-26 杭州安恒信息技术股份有限公司 Micro-service data access method, device, equipment and readable storage medium
CN112364338B (en) * 2020-11-30 2024-04-09 杭州安恒信息技术股份有限公司 Management method and device of micro-service framework, electronic device and storage medium
CN112487405B (en) * 2020-12-18 2023-07-28 中国农业银行股份有限公司 Authority information processing method and device
CN113472794B (en) * 2021-07-05 2023-08-15 福州数据技术研究院有限公司 Multi-application system authority unified management method based on micro-service and storage medium
CN113688343B (en) * 2021-07-23 2023-11-03 济南浪潮数据技术有限公司 Page authority control method, device, equipment and readable storage medium
CN113556357A (en) * 2021-07-30 2021-10-26 平安普惠企业管理有限公司 Authentication method, device, equipment and storage medium based on registration center
CN116980182B (en) * 2023-06-21 2024-02-27 杭州明实科技有限公司 Abnormal request detection method and device and electronic equipment

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106470184B (en) * 2015-08-14 2020-06-26 阿里巴巴集团控股有限公司 Security authentication method, device and system
CN107528853A (en) * 2017-09-12 2017-12-29 上海艾融软件股份有限公司 The implementation method of micro services control of authority
CN108306877B (en) * 2018-01-30 2020-11-10 泰康保险集团股份有限公司 NODE JS-based user identity information verification method and device and storage medium
CN108901022B (en) * 2018-06-28 2021-08-20 深圳云之家网络有限公司 Micro-service unified authentication method and gateway
CN108810029B (en) * 2018-07-23 2021-08-31 宏桥高科技集团有限公司 Authentication system and optimization method between micro-service architecture services
CN109815683B (en) * 2018-12-29 2021-09-14 深圳云天励飞技术有限公司 Authority verification method and related device

Also Published As

Publication number Publication date
CN109815683A (en) 2019-05-28
WO2020134838A1 (en) 2020-07-02

Similar Documents

Publication Publication Date Title
CN109815683B (en) Authority verification method and related device
CN109542518B (en) Chip and method for starting chip
CN103457738B (en) Method and system for login processing based on browser
US9198026B2 (en) SIM lock for multi-SIM environment
CN108810894A (en) Authorization terminal method, apparatus, computer equipment and storage medium
US10419900B2 (en) Method and apparatus for managing application terminal remotely in wireless communication system
CN112131021B (en) Access request processing method and device
CN106911714B (en) Mobile application single sign-on method based on interprocess communication for Android device
CN107484152B (en) Management method and device for terminal application
CN110417730B (en) Unified access method of multiple application programs and related equipment
MX2014009822A (en) Mobile apparatus supporting a plurality of access control clients, and corresponding methods.
US9838379B1 (en) Security tiering in a mobile communication device application framework
CN114745431B (en) Non-invasive authority authentication method, system, medium and equipment based on side car technology
CN104717648A (en) Unified authentication method and device based on SIM card
CN113221093B (en) Single sign-on system, method, equipment and product based on block chain
CN103152351A (en) Network equipment and AD (Active Directory) domain single sign on method and system
US9877190B1 (en) System and method for authentication and sharing of subscriber data
CN112448956A (en) Authority processing method and device of short message verification code and computer equipment
CN112637167A (en) System login method and device, computer equipment and storage medium
US11228586B2 (en) Method for automating user authentication on a mobile application
CN116094814A (en) VPN access method, device, electronic equipment and storage medium
CN112543194B (en) Mobile terminal login method and device, computer equipment and storage medium
EP2452478B1 (en) Method of managing an application embedded in a secured electronic token
CN113055186B (en) Cross-system service processing method, device and system
CN112597118B (en) Shared file adding method and device

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant