CN109858257A - Access control method and device - Google Patents
Access control method and device Download PDFInfo
- Publication number
- CN109858257A CN109858257A CN201811616248.5A CN201811616248A CN109858257A CN 109858257 A CN109858257 A CN 109858257A CN 201811616248 A CN201811616248 A CN 201811616248A CN 109858257 A CN109858257 A CN 109858257A
- Authority
- CN
- China
- Prior art keywords
- service
- mentioned
- file destination
- file
- interface
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Landscapes
- Stored Programmes (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
Abstract
The invention discloses a kind of access control method and devices.Wherein, this method comprises: being introduced into file destination to being based in item objects model file using target tool, wherein, above-mentioned file destination is provided with the uniform service code for controlling external service interface in advance, above-mentioned to be used to manage above-mentioned file destination based on item objects model file;According to the method annotating data in above-mentioned file destination, controls different above-mentioned external service interfaces and externally service is provided, wherein above method annotating data is used to explain the implementation method of above-mentioned uniform service code.The technical issues of present invention solves the prior art and externally provides in the system of network service, can not be managed collectively interface service.
Description
Technical field
The present invention relates to field of computer technology, in particular to a kind of access control method and device.
Background technique
In the system for externally providing network service, need the distinct interface of basis that the access authority control of different stage is set
The service such as system, flow control.Different degrees of demand is arranged according to distinct interface for above-mentioned service, if realized by system oneself
If service, at least there is following disadvantage:
(1) duplicated code is more and can not be multiplexed, the waste to human resources, and code, which is write, repeatedly increases the general of logical mistake
Rate increases exploitation, testing cost, can not be managed collectively interface service.
(2) inflexible, online, offline service can not be facilitated by way of configuring, increase every time or delete function all
Need to develop modification code, so that change cycle is long, not sensitive enough.
(3) code logic couples, and the uniform service code of interface and business logic codes adhesion influence the readable of code
Property.
For above-mentioned problem, currently no effective solution has been proposed.
Summary of the invention
The embodiment of the invention provides a kind of access control method and devices, externally provide net at least to solve the prior art
In the system of network service, the technical issues of interface service can not be managed collectively.
According to an aspect of an embodiment of the present invention, a kind of access control method is provided, comprising: draw using target tool
Enter file destination to being based in item objects model file, wherein above-mentioned file destination is provided in advance for controlling external clothes
The uniform service code of business interface, it is above-mentioned to be used to manage above-mentioned file destination based on item objects model file;According to above-mentioned mesh
The method annotating data in file is marked, different above-mentioned external service interfaces is controlled and externally service is provided, wherein above method note
Solution data are used to explain the implementation method of above-mentioned uniform service code.
Further, file destination is being introduced to after being based on item objects model file using target tool, above-mentioned side
Method further include: the blocker in above-mentioned file destination is configured based on target configuration documentation, wherein above-mentioned blocker is for monitoring clothes
Be engaged in request data, above-mentioned requests of packets of data includes at least one of: request amount, the request processing time, request number of success,
Request the frequency of failure;The target logic parameter in above-mentioned file destination is configured in such a way that assignment explains parameter field, wherein
Above-mentioned target logic parameter includes at least one of: access control logic parameter, parameter verification logic parameter, con current control are patrolled
Collect parameter.
Further, file destination is being introduced to after being based on item objects model file using target tool, above-mentioned side
Method further include: personalized function interface is configured based on the frame structure that above-mentioned file destination provides, wherein above-mentioned personalized function
Interface includes at least one of: realization interface, con current control interface, the permission control interface of distributed lock;Configuration parameter school
Test file and interface to be monitored, wherein verify the return parameters of the above-mentioned external service interface of file verification by above-mentioned parameter, lead to
It crosses and monitors the service stability that above-mentioned interface to be monitored determines above-mentioned external service interface.
Further, it according to the method annotating data in above-mentioned file destination, controls different above-mentioned external services and connects
Before mouth provides externally service, the above method further include: obtain the above method annotating data in above-mentioned file destination;In addition
Method annotating data is stated into local control layer program, wherein above-mentioned control layer program is used to explain number according to the above method
According to controlling different above-mentioned external service interfaces and provide above-mentioned external service.
Further, according to the method annotating data in above-mentioned file destination, different above-mentioned external service interfaces is controlled
There is provided externally service, comprising: call the above-mentioned uniform service generation in above-mentioned file destination by reading above method annotating data
Code;Different above-mentioned external service interfaces is controlled according to above-mentioned uniform service code, and above-mentioned external service is provided.
Further, above-mentioned target tool includes at least: software project management and automatic the build tool, above-mentioned file destination
It includes at least: software package file;Above-mentioned external service includes at least one of: safe access control service, encrypting and decrypting control
Uniform business plus sign test service, con current control service, flow control service, various dimensions monitoring service, are visited at the service of various dimensions current limliting
Ask permission control service, parameter verification service.
According to another aspect of an embodiment of the present invention, a kind of access control apparatus is additionally provided, comprising: introduce module, use
In being introduced into file destination to being based in item objects model file using target tool, wherein above-mentioned file destination is pre-configured with
There is the uniform service code for controlling external service interface, it is above-mentioned to be used to manage above-mentioned target based on item objects model file
File;Control module, for controlling different above-mentioned external service interfaces according to the method annotating data in above-mentioned file destination
There is provided externally service, wherein above method annotating data is used to explain the implementation method of above-mentioned uniform service code.
Further, above-mentioned apparatus further include: obtain module, explained for obtaining the above method in above-mentioned file destination
Data;Adding module, for adding above method annotating data into local control layer program, wherein above-mentioned control layer journey
Sequence is used to control different above-mentioned external service interfaces according to above method annotating data and provides above-mentioned external service.
According to another aspect of an embodiment of the present invention, a kind of storage medium is additionally provided, above-mentioned storage medium includes storage
Program, wherein equipment where controlling above-mentioned storage medium in above procedure operation executes the above-mentioned access control of any one
Method processed.
According to another aspect of an embodiment of the present invention, a kind of processor is additionally provided, above-mentioned processor is used to run program,
Wherein, any one above-mentioned access control method is executed when above procedure is run.
In embodiments of the present invention, file destination is introduced to being based on item objects model file by using target tool
In, wherein above-mentioned file destination is provided with the uniform service code for controlling external service interface in advance, above-mentioned to be based on project
Object model file is for managing above-mentioned file destination;According to the method annotating data in above-mentioned file destination, control different
Above-mentioned external service interface provides externally service, wherein above method annotating data is for explaining above-mentioned uniform service code
Implementation method has achieved the purpose that the external system for providing network service realizes unified management interface service, has mentioned to realize
Reliability, the technical effect of safety, flexibility of the high system that network service is externally provided, and then solve the prior art pair
In the outer system that network service is provided, the technical issues of interface service can not be managed collectively.
Detailed description of the invention
The drawings described herein are used to provide a further understanding of the present invention, constitutes part of this application, this hair
Bright illustrative embodiments and their description are used to explain the present invention, and are not constituted improper limitations of the present invention.In the accompanying drawings:
Fig. 1 is a kind of flow chart of access control method according to an embodiment of the present invention;
Fig. 2 is a kind of flow chart of optional access control method according to an embodiment of the present invention;
Fig. 3 is a kind of structural schematic diagram of access control apparatus according to an embodiment of the present invention.
Specific embodiment
In order to enable those skilled in the art to better understand the solution of the present invention, below in conjunction in the embodiment of the present invention
Attached drawing, technical scheme in the embodiment of the invention is clearly and completely described, it is clear that described embodiment is only
The embodiment of a part of the invention, instead of all the embodiments.Based on the embodiments of the present invention, ordinary skill people
The model that the present invention protects all should belong in member's every other embodiment obtained without making creative work
It encloses.
It should be noted that description and claims of this specification and term " first " in above-mentioned attached drawing, "
Two " etc. be to be used to distinguish similar objects, without being used to describe a particular order or precedence order.It should be understood that using in this way
Data be interchangeable under appropriate circumstances, so as to the embodiment of the present invention described herein can in addition to illustrating herein or
Sequence other than those of description is implemented.In addition, term " includes " and " having " and their any deformation, it is intended that cover
Cover it is non-exclusive include, for example, the process, method, system, product or equipment for containing a series of steps or units are not necessarily limited to
Step or unit those of is clearly listed, but may include be not clearly listed or for these process, methods, product
Or other step or units that equipment is intrinsic.
Firstly, understand the embodiment of the present invention for convenience, below will to part term involved in the present invention or noun into
Row illustrates:
Application framework Spring Framework: being the Java/Java EE global function stack (full- of an open source
Stack application framework), the framework provides an easy development schemes, can may cause bottom to avoid some
Code becomes a large amount of property file of many and diverse confusion and helps class.
Software project management and automatic the build tool Apache Maven: especially a Java software project management and from
Dynamic the build tool, is provided by Apache Software Foundation, and Maven can manage a project using a central information segment
Building, report and document etc..
Embodiment 1
According to embodiments of the present invention, a kind of embodiment of access control method is provided, it should be noted that in attached drawing
The step of process illustrates can execute in a computer system such as a set of computer executable instructions, although also,
Logical order is shown in flow chart, but in some cases, it can be to be different from shown by sequence execution herein or retouch
The step of stating.
Fig. 1 is a kind of flow chart of access control method according to an embodiment of the present invention, as shown in Figure 1, this method includes
Following steps:
Step S102 is introduced into file destination to being based in item objects model file using target tool, wherein above-mentioned mesh
Mark file is provided with the uniform service code for controlling external service interface in advance, above-mentioned to be used based on item objects model file
In the above-mentioned file destination of management;
Step S104 controls different above-mentioned external service interfaces according to the method annotating data in above-mentioned file destination
There is provided externally service, wherein above method annotating data is used to explain the implementation method of above-mentioned uniform service code.
In an alternative embodiment, above-mentioned target tool includes at least: software project management and automatic the build tool,
Above-mentioned file destination includes at least: software package file;Above-mentioned external service includes at least one of: safe access control clothes
Business, encrypting and decrypting control service plus sign test service, the service of various dimensions current limliting, con current control service, flow control service, multidimensional
Spend monitoring service, access privilege control service, parameter verification service.
Optionally, the processor blocker that the embodiment of the present application passes through realization application framework Spring Framework
The external service interface of Handler Interceptor Adapter carries out control logic, by reading control layer program (that is, control
Preparative layer method) on method annotating data execute customization safe access control, parameter verification, con current control, monitoring, Flow Limit
The logics such as system.
In the embodiment of the present application, user of the system of network service as uniform service code is externally provided, is being controlled
It makes before different above-mentioned external service interfaces provide externally service, introduces file destination to being based on item by using target tool
The form of mesh object model file, and the method annotating data in control layer program in addition file destination, control different
Above-mentioned external service interface provides externally service.
In embodiments of the present invention, file destination is introduced to being based on item objects model file by using target tool
In, wherein above-mentioned file destination is provided with the uniform service code for controlling external service interface in advance, above-mentioned to be based on project
Object model file is for managing above-mentioned file destination;According to the method annotating data in above-mentioned file destination, control different
Above-mentioned external service interface provides externally service, wherein above method annotating data is for explaining above-mentioned uniform service code
Implementation method has achieved the purpose that the external system for providing network service realizes unified management interface service, has mentioned to realize
Reliability, the technical effect of safety, flexibility of the high system that network service is externally provided, and then solve the prior art pair
In the outer system that network service is provided, the technical issues of interface service can not be managed collectively.
In an alternative embodiment, file destination is being introduced to being based on item objects model file using target tool
Later, the above method further include:
Step S202 configures the blocker in above-mentioned file destination based on target configuration documentation, wherein above-mentioned blocker is used
In monitoring service request data, above-mentioned requests of packets of data includes at least one of: request amount, request processing time, request
Number of success, the request frequency of failure;
Step S204 configures the target logic parameter in above-mentioned file destination in such a way that assignment explains parameter field,
Wherein, above-mentioned target logic parameter includes at least one of: access control logic parameter, parameter verification logic parameter, concurrent
Control logic parameter.
Optionally, the configuration documentation web.xml that above-mentioned target configuration documentation can be, but not limited to as network service, above-mentioned mesh
Mark file can be, but not limited to as software package file, for example, jar APMB package;Specifically, the parameter in blocker can be configured,
To realize the monitoring to service data by blocker.
It optionally, can also be in control layer program (that is, the system external for externally providing network service provides the one of business
A control layer method) on introduce jar APMB package method annotating data, by assignment explain parameter field come configuration access control
The target logics parameters such as logic parameter, parameter verification logic parameter, con current control logic parameter.
In an alternative embodiment, file destination is being introduced to being based on item objects model file using target tool
Later, the above method further include:
Step S302 configures personalized function interface based on the frame structure that above-mentioned file destination provides, wherein above-mentioned
Property functional interface includes at least one of: realization interface, con current control interface, the permission control interface of distributed lock;
Step S304, configuration parameter verify file and interface to be monitored, wherein are verified in file verification by above-mentioned parameter
The return parameters for stating external service interface determine the service invariant of above-mentioned external service interface by monitoring above-mentioned interface to be monitored
Property.
Optionally, file destination is being introduced to after being based on item objects model file using target tool, it is above-mentioned external
The system for providing network service can also rewrite specific interface to provide the services such as permission access, that is, being based on above-mentioned target
The frame structure that file provides configures personalized function interface, wherein above-mentioned personalized function interface includes at least one of:
Realization interface, con current control interface, the permission control interface of distributed lock.
Optionally, file destination is being introduced to after being based on item objects model file using target tool, it is above-mentioned external
The system for providing network service can verify file and interface to be monitored with configuration parameter, verify file verification by above-mentioned parameter
The return parameters of above-mentioned external service interface determine that the service of above-mentioned external service interface is steady by monitoring above-mentioned interface to be monitored
It is qualitative, to improve reliability, the safety, flexibility of system.
Optionally, the file format of above-mentioned parameter verification file can be, but not limited to as json format, xml format.
In an alternative embodiment, Fig. 2 is a kind of optional access control method according to an embodiment of the present invention
Flow chart, as shown in Fig. 2, controlling different above-mentioned external services according to the method annotating data in above-mentioned file destination and connecing
Before mouth provides externally service, the above method further include:
Step S402 obtains the above method annotating data in above-mentioned file destination;
Step S404, addition above method annotating data is into local control layer program, wherein above-mentioned control layer program
For controlling different above-mentioned external service interfaces and providing above-mentioned external service according to above method annotating data.
Optionally, above-mentioned control layer program is that is, the system external for externally providing network service provides a control of business
Preparative layer method, by obtaining the above method annotating data in above-mentioned file destination;And above method annotating data is added to originally
In the control layer program on ground, and then above-mentioned control layer program can be according to above method annotating data, and it is different above-mentioned right to control
Outer service interface provides above-mentioned external service.
In an alternative embodiment, it according to the method annotating data in above-mentioned file destination, controls different above-mentioned
External service interface provides externally service, comprising:
Step S502 calls the above-mentioned uniform service generation in above-mentioned file destination by reading above method annotating data
Code;
Step S504 controls different above-mentioned external service interfaces according to above-mentioned uniform service code and provides above-mentioned external clothes
Business.
In the embodiment of the present application, the system for externally providing network service passes through addition above method annotating data to local
Control layer program in, it is in turn, above-mentioned external network service is provided to pass through the method note read in above-mentioned control layer program
Data are solved, the above-mentioned uniform service code in above-mentioned file destination is called, are controlled according to above-mentioned uniform service code different upper
It states external service interface and above-mentioned external service is provided.
In addition, in the embodiment of the present application, the monitoring data for monitoring external service interface can also be shown, so as to
The above-mentioned stability externally serviced is provided in the system for determining externally offer network service.
By the above embodiments of the present application, may be implemented the control logic of external service interface is independent, can be right
The external service interface of multiple external systems for providing network service is controlled uniformly;By the real time monitoring of various dimensions, mention
The efficiency of high system O&M, can be with fast accurate orientation problem;And it is possible to realize code reusable, and it is easy to use, it supports real
Now explain configuration and configuration file, convenient, flexible modification;Make externally to provide network service in the form of personalisation interface be
It unites and oneself realizes the services such as distributed lock, monitoring collection, it is convenient that the system customization personalized service of network service is externally provided.
Embodiment 2
According to embodiments of the present invention, it additionally provides a kind of for implementing the Installation practice of above-mentioned access control method, Fig. 3
It is a kind of structural schematic diagram of access control apparatus according to an embodiment of the present invention, as shown in figure 3, above-mentioned access control apparatus,
It include: to introduce module 30 and control module 32, in which:
Module 30 is introduced, for being introduced into file destination to being based in item objects model file using target tool, wherein
Above-mentioned file destination is provided with the uniform service code for controlling external service interface in advance, above-mentioned to be based on item objects model
File is for managing above-mentioned file destination;Control module 32, for according to the method annotating data in above-mentioned file destination, control
Different above-mentioned external service interfaces provide externally service, wherein above method annotating data is for explaining above-mentioned uniform service
The implementation method of code.
In an alternative embodiment, above-mentioned apparatus further include: module is obtained, for obtaining in above-mentioned file destination
Above method annotating data;Adding module, for adding above method annotating data into local control layer program, wherein
Above-mentioned control layer program is used to control different above-mentioned external service interface offers according to above method annotating data above-mentioned externally
Service.
It should be noted that above-mentioned modules can be realized by software or hardware, for example, for the latter,
Can be accomplished by the following way: above-mentioned modules can be located in same processor;Alternatively, above-mentioned modules are with any
Combined mode is located in different processors.
Herein it should be noted that above-mentioned module 30 and the control module 32 of being introduced into is corresponding to the step S102 in embodiment 1
To step S104, above-mentioned module is identical as example and application scenarios that corresponding step is realized, but is not limited to the above embodiments 1
Disclosure of that.It should be noted that above-mentioned module may operate in terminal as a part of device.
It should be noted that the optional or preferred embodiment of the present embodiment may refer to the associated description in embodiment 1,
Details are not described herein again.
Above-mentioned access control apparatus can also include processor and memory, above-mentioned introducing module 30 and control module 32
Deng be used as program unit storage in memory, above procedure unit stored in memory is executed by processor to realize
Corresponding function.
Include kernel in processor, is gone in memory to transfer corresponding program unit by kernel, above-mentioned kernel can be set
One or more.Memory may include the non-volatile memory in computer-readable medium, random access memory (RAM)
And/or the forms such as Nonvolatile memory, such as read-only memory (ROM) or flash memory (flash RAM), memory includes at least one
Storage chip.
According to the embodiment of the present application, a kind of storage medium embodiment is additionally provided.Optionally, in the present embodiment, above-mentioned
Storage medium includes the program of storage, wherein equipment where controlling above-mentioned storage medium in above procedure operation executes above-mentioned
Any one access control method.
Optionally, in the present embodiment, above-mentioned storage medium can be located in computer network in computer terminal group
In any one terminal, or in any one mobile terminal in mobile terminal group, above-mentioned storage medium packet
Include the program of storage.
Optionally, when program is run, equipment where control storage medium executes following functions: being introduced using target tool
File destination is to being based in item objects model file, wherein above-mentioned file destination is provided in advance for controlling external service
The uniform service code of interface, it is above-mentioned to be used to manage above-mentioned file destination based on item objects model file;According to above-mentioned target
Method annotating data in file controls different above-mentioned external service interfaces and provides externally service, wherein the above method is explained
Data are used to explain the implementation method of above-mentioned uniform service code.
Optionally, when program is run, equipment where control storage medium executes following functions: being based on target configuration documentation
Configure the blocker in above-mentioned file destination, wherein above-mentioned blocker is used for monitoring service request data, above-mentioned service request number
According to including at least one of: request amount, request processing time, request number of success, the request frequency of failure;It is explained by assignment
The mode of parameter field configures the target logic parameter in above-mentioned file destination, wherein above-mentioned target logic parameter includes following
At least one: access control logic parameter, parameter verification logic parameter, con current control logic parameter.
Optionally, when program is run, equipment where control storage medium executes following functions: being based on above-mentioned file destination
The frame structure of offer configures personalized function interface, wherein above-mentioned personalized function interface includes at least one of: distribution
Realization interface, the con current control interface, permission control interface of formula lock;Configuration parameter verifies file and interface to be monitored, wherein logical
The return parameters for crossing the above-mentioned parameter verification above-mentioned external service interface of file verification are determined by monitoring above-mentioned interface to be monitored
State the service stability of external service interface.
Optionally, when program is run, equipment where control storage medium executes following functions: obtaining above-mentioned file destination
In above method annotating data;Above method annotating data is added into local control layer program, wherein above-mentioned control layer
Program is used to control different above-mentioned external service interfaces according to above method annotating data and provides above-mentioned external service.
Optionally, when program is run, equipment where control storage medium executes following functions: by reading the above method
Annotating data calls the above-mentioned uniform service code in above-mentioned file destination;It is controlled according to above-mentioned uniform service code different upper
It states external service interface and above-mentioned external service is provided.
According to the embodiment of the present application, a kind of processor embodiment is additionally provided.Optionally, in the present embodiment, above-mentioned place
Reason device is for running program, wherein above procedure executes any one of the above access control method when running.
The embodiment of the present application provides a kind of equipment, equipment include processor, memory and storage on a memory and can
The program run on a processor, processor performs the steps of when executing program introduces file destination extremely using target tool
Based in item objects model file, wherein above-mentioned file destination is provided with the unification for controlling external service interface in advance
Service code, it is above-mentioned to be used to manage above-mentioned file destination based on item objects model file;According to the side in above-mentioned file destination
Method annotating data controls different above-mentioned external service interfaces and provides externally service, wherein above method annotating data is for infusing
Solve the implementation method of above-mentioned uniform service code.
Optionally, it when above-mentioned processor executes program, is also based on target configuration documentation and configures in above-mentioned file destination
Blocker, wherein above-mentioned blocker be used for monitoring service request data, above-mentioned requests of packets of data include it is following at least it
One: request amount, request processing time, request number of success, the request frequency of failure;Match in such a way that assignment explains parameter field
Set the target logic parameter in above-mentioned file destination, wherein above-mentioned target logic parameter includes at least one of: access control
Logic parameter, parameter verification logic parameter, con current control logic parameter.
Optionally, when above-mentioned processor executes program, it is also based on the frame structure configuration that above-mentioned file destination provides
Personalized function interface, wherein above-mentioned personalized function interface includes at least one of: the realization interface of distributed lock, simultaneously
Send out control interface, permission control interface;Configuration parameter verifies file and interface to be monitored, wherein verifies text by above-mentioned parameter
Part verifies the return parameters of above-mentioned external service interface, determines above-mentioned external service interface by monitoring above-mentioned interface to be monitored
Service stability.
Optionally, when above-mentioned processor executes program, the above method that can also be obtained in above-mentioned file destination explains number
According to;Above method annotating data is added into local control layer program, wherein above-mentioned control layer program is used for according to above-mentioned side
Method annotating data controls different above-mentioned external service interfaces and provides above-mentioned external service.
Optionally, when above-mentioned processor executes program, above-mentioned mesh can also be called by reading above method annotating data
Mark the above-mentioned uniform service code in file;Different above-mentioned external service interfaces is controlled according to above-mentioned uniform service code to provide
Above-mentioned external service.
Present invention also provides a kind of computer program products, when executing on data processing equipment, are adapted for carrying out just
The program of beginningization there are as below methods step: being introduced into file destination to being based in item objects model file using target tool,
In, above-mentioned file destination is provided with the uniform service code for controlling external service interface in advance, above-mentioned to be based on item objects
Model file is for managing above-mentioned file destination;According to the method annotating data in above-mentioned file destination, control different above-mentioned
External service interface provides externally service, wherein above method annotating data is used to explain the realization of above-mentioned uniform service code
Method.
Optionally, it when above-mentioned computer program product executes program, is also based on target configuration documentation and configures above-mentioned mesh
Mark the blocker in file, wherein above-mentioned blocker is used for monitoring service request data, and above-mentioned requests of packets of data includes following
At least one: request amount, request processing time, request number of success, the request frequency of failure;Parameter field is explained by assignment
Mode configures the target logic parameter in above-mentioned file destination, wherein above-mentioned target logic parameter includes at least one of: visiting
Ask control logic parameter, parameter verification logic parameter, con current control logic parameter.
Optionally, when above-mentioned computer program product executes program, it is also based on the frame that above-mentioned file destination provides
Structure configures personalized function interface, wherein above-mentioned personalized function interface includes at least one of: the realization of distributed lock
Interface, con current control interface, permission control interface;Configuration parameter verifies file and interface to be monitored, wherein passes through above-mentioned parameter
The return parameters for verifying the above-mentioned external service interface of file verification determine above-mentioned external service by monitoring above-mentioned interface to be monitored
The service stability of interface.
Optionally, when above-mentioned computer program product executes program, the above-mentioned side in above-mentioned file destination can also be obtained
Method annotating data;Above method annotating data is added into local control layer program, wherein above-mentioned control layer program be used for according to
According to above method annotating data, controls different above-mentioned external service interfaces and above-mentioned external service is provided.
It optionally, can also be by reading the above method annotating data tune when above-mentioned computer program product executes program
With the above-mentioned uniform service code in above-mentioned file destination;Different above-mentioned external services is controlled according to above-mentioned uniform service code
Interface provides above-mentioned external service.
The serial number of the above embodiments of the invention is only for description, does not represent the advantages or disadvantages of the embodiments.
In the above embodiment of the invention, it all emphasizes particularly on different fields to the description of each embodiment, does not have in some embodiment
The part of detailed description, reference can be made to the related descriptions of other embodiments.
In several embodiments provided herein, it should be understood that disclosed technology contents can pass through others
Mode is realized.Wherein, the apparatus embodiments described above are merely exemplary, such as the division of the unit, Ke Yiwei
A kind of logical function partition, there may be another division manner in actual implementation, for example, multiple units or components can combine or
Person is desirably integrated into another system, or some features can be ignored or not executed.Another point, shown or discussed is mutual
Between coupling, direct-coupling or communication connection can be through some interfaces, the INDIRECT COUPLING or communication link of unit or module
It connects, can be electrical or other forms.
The unit as illustrated by the separation member may or may not be physically separated, aobvious as unit
The component shown may or may not be physical unit, it can and it is in one place, or may be distributed over multiple
On unit.It can some or all of the units may be selected to achieve the purpose of the solution of this embodiment according to the actual needs.
It, can also be in addition, the functional units in various embodiments of the present invention may be integrated into one processing unit
It is that each unit physically exists alone, can also be integrated in one unit with two or more units.Above-mentioned integrated list
Member both can take the form of hardware realization, can also realize in the form of software functional units.
If the integrated unit is realized in the form of SFU software functional unit and sells or use as independent product
When, it can store in a computer readable storage medium.Based on this understanding, technical solution of the present invention is substantially
The all or part of the part that contributes to existing technology or the technical solution can be in the form of software products in other words
It embodies, which is stored in a storage medium, including some instructions are used so that a computer
Equipment (can for personal computer, server or network equipment etc.) execute each embodiment the method for the present invention whole or
Part steps.And storage medium above-mentioned includes: that USB flash disk, read-only memory (ROM, Read-Only Memory), arbitrary access are deposited
Reservoir (RAM, Random Access Memory), mobile hard disk, magnetic or disk etc. be various to can store program code
Medium.
The above is only a preferred embodiment of the present invention, it is noted that for the ordinary skill people of the art
For member, various improvements and modifications may be made without departing from the principle of the present invention, these improvements and modifications are also answered
It is considered as protection scope of the present invention.
Claims (10)
1. a kind of access control method characterized by comprising
File destination is introduced into being based in item objects model file using target tool, wherein the file destination is matched in advance
It is equipped with the uniform service code for controlling external service interface, it is described to be used to manage the mesh based on item objects model file
Mark file;
According to the method annotating data in the file destination, controls the different external service interfaces and externally service is provided,
Wherein, the method annotating data is used to explain the implementation method of the uniform service code.
2. the method according to claim 1, wherein introducing file destination to being based on project using target tool
After object model file, the method also includes:
The blocker in the file destination is configured based on target configuration documentation, wherein the blocker is asked for monitoring service
Data are sought, the requests of packets of data includes at least one of: request amount, request processing time, request number of success, request
The frequency of failure;
The target logic parameter in the file destination is configured in such a way that assignment explains parameter field, wherein the target
Logic parameter includes at least one of: access control logic parameter, parameter verification logic parameter, con current control logic parameter.
3. the method according to claim 1, wherein introducing file destination to being based on project using target tool
After object model file, the method also includes:
Personalized function interface is configured based on the frame structure that the file destination provides, wherein the personalized function interface
Including at least one of: realization interface, con current control interface, the permission control interface of distributed lock;
Configuration parameter verifies file and interface to be monitored, wherein by the way that externally service connects described in the parameter verification file verification
The return parameters of mouth determine the service stability of the external service interface by monitoring the interface to be monitored.
4. the method according to claim 1, wherein according to the method annotating data in the file destination,
Before the different external external services of service interface offer is provided, the method also includes:
Obtain the method annotating data in the file destination;
The method annotating data is added into local control layer program, wherein the control layer program is used for according to described in
Method annotating data controls the different external service interfaces and provides the external service.
5. the method according to claim 1, wherein being controlled according to the method annotating data in the file destination
It makes the different external service interfaces and externally service is provided, comprising:
The uniform service code in the file destination is called by reading the method annotating data;
The different external service interfaces is controlled according to the uniform service code, and the external service is provided.
6. method as claimed in any of claims 1 to 5, which is characterized in that the target tool includes at least: soft
Part project management and automatic the build tool, the file destination include at least: software package file;The external service includes following
At least one: safe access control service, encrypting and decrypting control service plus sign test service, the service of various dimensions current limliting, con current control
Service, flow control service, various dimensions monitoring service, access privilege control service, parameter verification service.
7. a kind of access control apparatus characterized by comprising
Module is introduced, for being introduced into file destination to being based in item objects model file using target tool, wherein the mesh
Mark file is provided with the uniform service code for controlling external service interface in advance, described to be used based on item objects model file
In the management file destination;
Control module, for controlling the different external service interfaces according to the method annotating data in the file destination
There is provided externally service, wherein the method annotating data is used to explain the implementation method of the uniform service code.
8. device according to claim 7, which is characterized in that described device further include:
Module is obtained, for obtaining the method annotating data in the file destination;
Adding module, for adding the method annotating data into local control layer program, wherein the control layer program
For controlling the different external service interfaces and providing the external service according to the method annotating data.
9. a kind of storage medium, which is characterized in that the storage medium includes the program of storage, wherein run in described program
When control the storage medium where equipment perform claim require any one of 1 to 6 described in access control method.
10. a kind of processor, which is characterized in that the processor is for running program, wherein right of execution when described program is run
Benefit require any one of 1 to 6 described in access control method.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811616248.5A CN109858257B (en) | 2018-12-27 | 2018-12-27 | Access control method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811616248.5A CN109858257B (en) | 2018-12-27 | 2018-12-27 | Access control method and device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN109858257A true CN109858257A (en) | 2019-06-07 |
| CN109858257B CN109858257B (en) | 2021-06-18 |
Family
ID=66892903
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201811616248.5A Active CN109858257B (en) | 2018-12-27 | 2018-12-27 | Access control method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109858257B (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110443013A (en) * | 2019-07-08 | 2019-11-12 | 苏州浪潮智能科技有限公司 | A kind of server outband management method, equipment and the medium of permission control |
| CN111314306A (en) * | 2020-01-17 | 2020-06-19 | 网易(杭州)网络有限公司 | Interface access method and device, electronic equipment and storage medium |
| CN112367304A (en) * | 2020-10-22 | 2021-02-12 | 杭州大搜车汽车服务有限公司 | Request limiting method and device, computer equipment and storage medium |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104360937A (en) * | 2014-10-21 | 2015-02-18 | 福建富士通信息软件有限公司 | Intelligent parameter checking device |
| CN107066291A (en) * | 2017-02-09 | 2017-08-18 | 阿里巴巴集团控股有限公司 | Packaging method, device and the equipment of SDK, computer-readable recording medium |
| CN107704245A (en) * | 2017-09-21 | 2018-02-16 | 深圳市麦斯杰网络有限公司 | Protocol accessing method, device and computer-readable recording medium |
| CN107977208A (en) * | 2017-12-19 | 2018-05-01 | 国云科技股份有限公司 | A kind of Safety actuality configuration authority method based on maven |
| CN108874464A (en) * | 2018-05-31 | 2018-11-23 | 康键信息技术(深圳)有限公司 | Middleware automatically scanning assembly method, device and storage medium |
-
2018
- 2018-12-27 CN CN201811616248.5A patent/CN109858257B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104360937A (en) * | 2014-10-21 | 2015-02-18 | 福建富士通信息软件有限公司 | Intelligent parameter checking device |
| CN107066291A (en) * | 2017-02-09 | 2017-08-18 | 阿里巴巴集团控股有限公司 | Packaging method, device and the equipment of SDK, computer-readable recording medium |
| CN107704245A (en) * | 2017-09-21 | 2018-02-16 | 深圳市麦斯杰网络有限公司 | Protocol accessing method, device and computer-readable recording medium |
| CN107977208A (en) * | 2017-12-19 | 2018-05-01 | 国云科技股份有限公司 | A kind of Safety actuality configuration authority method based on maven |
| CN108874464A (en) * | 2018-05-31 | 2018-11-23 | 康键信息技术(深圳)有限公司 | Middleware automatically scanning assembly method, device and storage medium |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110443013A (en) * | 2019-07-08 | 2019-11-12 | 苏州浪潮智能科技有限公司 | A kind of server outband management method, equipment and the medium of permission control |
| CN111314306A (en) * | 2020-01-17 | 2020-06-19 | 网易(杭州)网络有限公司 | Interface access method and device, electronic equipment and storage medium |
| CN112367304A (en) * | 2020-10-22 | 2021-02-12 | 杭州大搜车汽车服务有限公司 | Request limiting method and device, computer equipment and storage medium |
| CN112367304B (en) * | 2020-10-22 | 2022-08-16 | 杭州大搜车汽车服务有限公司 | Request limiting method and device, computer equipment and storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN109858257B (en) | 2021-06-18 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110933187B (en) | Internet of things data transmission system based on block chain consensus encryption mechanism | |
| CN108370328B (en) | Management method and device of NFV MANO policy descriptor | |
| CN107580083A (en) | A kind of method and system of container IP address distribution | |
| TW201835784A (en) | The internet of things | |
| CN107689882A (en) | The method and apparatus of service deployment in a kind of virtualization network | |
| CN109388213A (en) | Server system, computer implemented method and non-transitory computer-readable medium | |
| CN106301829A (en) | A kind of method and apparatus of Network dilatation | |
| CN110520847A (en) | The virtualization of control and status signal | |
| CN109858257A (en) | Access control method and device | |
| CN108268323A (en) | User Defined Resource in resource stack | |
| CN107624230A (en) | The method and entity of service availability management | |
| CN106844213A (en) | A kind of front end method of testing and device | |
| CN110209574A (en) | A kind of data mining system based on artificial intelligence | |
| CN110120970A (en) | Data processing method, device and gateway system based on car networking | |
| CN109510744A (en) | Internet of Things device intelligence cut-in method and device | |
| CN109922002A (en) | Business datum retransmission method and Overlay system based on SFC | |
| Tranoris et al. | Enabling Cyber-Physical Systems for 5G networking: A case study on the Automotive Vertical domain | |
| CN105745621A (en) | Emulating test distributed application on server | |
| CN113867600A (en) | Development method and device for processing streaming data and computer equipment | |
| CN102197390B (en) | Providing functionality to client services by implementing and binding contracts | |
| CN112799970B (en) | Test data processing method, device, electronic equipment and medium | |
| CN107193659A (en) | The system and design method of upkeep operation task | |
| CN106130771A (en) | A kind of based on the method for Ethernet online upgrading FLASH in band | |
| Krainyk et al. | Internet-of-Things Device Set Configuration for Connection to Wireless Local Area Network. | |
| WO2017114944A1 (en) | Network service requests |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |