CN111200655A - Intranet access method, system and electronic equipment based on proxy server - Google Patents
Intranet access method, system and electronic equipment based on proxy server Download PDFInfo
- Publication number
- CN111200655A CN111200655A CN201911423576.8A CN201911423576A CN111200655A CN 111200655 A CN111200655 A CN 111200655A CN 201911423576 A CN201911423576 A CN 201911423576A CN 111200655 A CN111200655 A CN 111200655A
- Authority
- CN
- China
- Prior art keywords
- intranet
- server
- user request
- proxy server
- user
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/50—Network services
- H04L67/60—Scheduling or organising the servicing of application requests, e.g. requests for application data transmissions using the analysis and optimisation of the required network resources
- H04L67/63—Routing a service request depending on the request content or context
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/06—Management of faults, events, alarms or notifications
- H04L41/0631—Management of faults, events, alarms or notifications using root cause analysis; using analysis of correlation between notifications, alarms or events based on decision criteria, e.g. hierarchy, tree or time analysis
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
- H04L61/45—Network directories; Name-to-address mapping
- H04L61/4505—Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols
- H04L61/4511—Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols using domain name system [DNS]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/02—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/2866—Architectures; Arrangements
- H04L67/30—Profiles
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/50—Network services
- H04L67/56—Provisioning of proxy services
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Information Transfer Between Computers (AREA)
Abstract
The invention provides an intranet access method, an intranet access system, electronic equipment and a storage medium. The intranet access method comprises the following steps: establishing a configuration table of a proxy server, wherein the configuration table is used for recording intranet server addresses corresponding to different types of user requests; receiving a user request from an external network through a proxy server, wherein the user request comprises identification information which is used for marking the category of the user request; the proxy server inquires a configuration table according to the identification information in the user request to obtain an intranet server address corresponding to the user request; the intranet server acquires a corresponding user request and responds; and returning a response result of the intranet server to the user request to the proxy server. The invention realizes the dynamic feedback of the server load information and improves the accuracy of load distribution.
Description
Technical Field
The invention relates to the field of communication, in particular to an intranet access method and system based on a proxy server, electronic equipment and a storage medium.
Background
When a proxy server is capable of acting on hosts on an external network to access an internal network, this type of proxy service is referred to as a reverse proxy service. The proxy server now appears externally as a Web server, and the external network can simply treat it as a standard Web server without specific configuration. The difference is that this server does not hold the real data of any Web page, all static Web pages or CGI programs, are held on an internal Web server. Therefore, the attack on the reverse proxy server can not damage the webpage information, and the safety of the Web server is enhanced.
In addition, reverse proxy Web servers are now in use very widely. In the prior art, a plurality of software capable of realizing reverse proxy exists, and compared mainstream nginx and apache are all universal high-performance Http reverse proxy services, and the high-performance Http reverse proxy can be realized in a system configuration file mode.
The prior art reverse proxy function does not support the use of some special scenarios: personalized operation cannot be realized in a customized way before reverse proxy according to part of service requirements, such as control on reverse proxy address access authority or design of adding extra proxy parameters according to user requirements; dynamic adjustment of the reverse proxy address according to the permissions of different users cannot be achieved.
In summary, there is a need for a more efficient intranet access method.
Disclosure of Invention
In order to solve the above problems, the present invention provides an intranet access method based on a proxy server, comprising: establishing a configuration table of a proxy server, wherein the configuration table is used for recording intranet server addresses corresponding to different types of user requests; receiving a user request from an external network through a proxy server, wherein the user request comprises identification information which is used for marking the category of the user request; the proxy server inquires a configuration table according to the identification information in the user request to obtain an intranet server address corresponding to the user request; the intranet server acquires a corresponding user request and responds; and returning a response result of the intranet server to the user request to the proxy server.
Preferably, the obtaining and responding of the corresponding user request by the intranet server includes: the proxy server stores the user request and the address record of the intranet server corresponding to the user request into a database; and monitoring unprocessed records in the database so as to distribute unprocessed user requests in the database to a corresponding intranet server.
Preferably, the user request is an HTTP request, and the identification information is included in a URL of the HTTP request.
Preferably, in the configuration table, the user requests of the same type correspond to at least two intranet server addresses; and the proxy server selectively corresponds the user requests to the intranet servers with less user request number according to the number of unprocessed user requests corresponding to the intranet server addresses in the records of the database.
Preferably, in the configuration table, a user request quantity threshold value is configured for each intranet server; and when the number of the unprocessed user requests corresponding to the intranet server addresses in the records of the database exceeds the threshold value, stopping corresponding the new user requests to the intranet server.
Preferably, when the number of unprocessed requests of all intranet servers corresponding to the new user request exceeds the threshold, the proxy server returns a warning page to the user client.
Preferably, the warning page displays the number value of unprocessed user requests of the current type of user requests.
In addition, the invention also provides an intranet access system based on the proxy server, and the intranet access system comprises: the system comprises an establishing module, a processing module and a processing module, wherein the establishing module is used for establishing a configuration table of a proxy server, and the configuration table is used for recording intranet server addresses corresponding to different types of user requests; the receiving module receives a user request from an external network through a proxy server, wherein the user request comprises identification information which is used for marking the category of the user request; the inquiry module is used for inquiring a configuration table by the proxy server according to the identification information in the user request to obtain an intranet server address corresponding to the user request; the acquisition module is used for acquiring a corresponding user request and responding; and the processing module returns a response result of the intranet server to the user request to the proxy server.
Preferably, the intranet access system further comprises a storage module and a monitoring module, wherein the storage module is used for the proxy server to store the user request and the corresponding intranet server address record into a database; the monitoring module is used for monitoring unprocessed records in the database so as to distribute unprocessed user requests in the database to the corresponding intranet server.
Preferably, the user request is an HTTP request, and the identification information is included in a URL of the HTTP request.
Preferably, in the configuration table, the user requests of the same type correspond to at least two intranet server addresses; and the proxy server selectively corresponds the user requests to the intranet servers with less user request number according to the number of unprocessed user requests corresponding to the intranet server addresses in the records of the database.
Preferably, the intranet access system further comprises a setting module, where the setting module is configured to configure a user request quantity threshold for each intranet server in the configuration table; and when the number of the unprocessed user requests corresponding to the intranet server addresses in the records of the database exceeds the threshold value, stopping corresponding the new user requests to the intranet server.
Preferably, when the number of unprocessed requests of all intranet servers corresponding to the new user request exceeds the threshold, the proxy server returns a warning page to the user client.
Preferably, the warning page displays the number value of unprocessed user requests of the current type of user requests.
In addition, the present invention also provides an electronic device, wherein the electronic device includes: a processor; and a memory storing computer executable instructions that, when executed, cause the processor to perform the proxy server-based intranet access method of the present invention.
In addition, the present invention also provides a computer-readable storage medium, wherein the computer-readable storage medium stores one or more programs, and when the one or more programs are executed by a processor, the one or more programs implement the proxy server-based intranet access method of the present invention.
Advantageous effects
Compared with the prior art, the intranet access method has the advantages that the proxy server is used for enabling user requests of different users to correspond to the intranet server through the database transfer, excessive cache fusion of access data is reduced, the network performance and the safety performance of the whole system are improved, the proxy server Nginx is used for achieving load balancing, and the processing capacity of http request load is improved. In addition, the target intranet server address in the user request is analyzed in real time based on the proxy server nginx, the effective intranet server address is determined according to intranet server information provided by an intranet, and then domain name configuration is automatically updated by combining with a configuration file of the nginx so as to achieve dynamic query, and therefore the effective intranet server address is obtained, dynamic feedback of server load information is achieved, and accuracy of load distribution is improved.
Drawings
In order to make the technical problems solved by the present invention, the technical means adopted and the technical effects obtained more clear, the following will describe in detail the embodiments of the present invention with reference to the accompanying drawings. It should be noted, however, that the drawings described below are only illustrations of exemplary embodiments of the invention, from which other embodiments can be derived by those skilled in the art without inventive faculty.
Fig. 1 is a schematic block diagram of an example of an intranet access method based on a proxy server to which the present invention is applied.
Fig. 2 is a flowchart of an example of the intranet access method based on the proxy server according to the present invention.
Fig. 3 is a diagram of an example of a configuration table in the proxy server-based intranet access method according to the present invention.
Fig. 4 is a flowchart of another example of the intranet access method based on the proxy server according to the present invention.
Fig. 5 is a block diagram showing an example of the intranet access system according to embodiment 2 of the present invention.
Fig. 6 is a block diagram showing another example of the intranet access system according to embodiment 2 of the present invention.
Fig. 7 is a block diagram showing a configuration of another example of the intranet access system according to embodiment 2 of the present invention
Fig. 8 is a block diagram of an exemplary embodiment of an electronic device according to the present invention.
Fig. 9 is a block diagram of an exemplary embodiment of a computer-readable medium according to the present invention.
Detailed Description
Exemplary embodiments of the present invention will now be described more fully with reference to the accompanying drawings. The exemplary embodiments, however, may be embodied in many different forms and should not be construed as limited to the embodiments set forth herein. Rather, these exemplary embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the concept of the invention to those skilled in the art. The same reference numerals denote the same or similar elements, components, or parts in the drawings, and thus their repetitive description will be omitted.
Features, structures, characteristics or other details described in a particular embodiment do not preclude the fact that the features, structures, characteristics or other details may be combined in a suitable manner in one or more other embodiments in accordance with the technical idea of the invention.
In describing particular embodiments, the present invention has been described with reference to features, structures, characteristics or other details that are within the purview of one skilled in the art to provide a thorough understanding of the embodiments. One skilled in the relevant art will recognize, however, that the invention may be practiced without one or more of the specific features, structures, characteristics, or other details.
The flow charts shown in the drawings are merely illustrative and do not necessarily include all of the contents and operations/steps, nor do they necessarily have to be performed in the order described. For example, some operations/steps may be decomposed, and some operations/steps may be combined or partially combined, so that the actual execution sequence may be changed according to the actual situation.
The block diagrams shown in the figures are functional entities only and do not necessarily correspond to physically separate entities. I.e. these functional entities may be implemented in the form of software, or in one or more hardware modules or integrated circuits, or in different networks and/or processor means and/or microcontroller means.
It will be understood that, although the terms first, second, third, etc. may be used herein to describe various elements, components, or sections, these terms should not be construed as limiting. These phrases are used to distinguish one from another. For example, a first device may also be referred to as a second device without departing from the spirit of the present invention.
The term "and/or" and/or "includes any and all combinations of one or more of the associated listed items.
Example 1
Hereinafter, a proxy server-based intranet access method of the present invention will be described with reference to fig. 1 to 4.
Fig. 1 is a block diagram showing an example of an intranet access method based on a proxy server according to the present invention.
As can be seen from fig. 1, the user performs intranet access to the intranet server by using the intranet access method of the present invention, and since the user cannot directly access the intranet server through the proxy server, the access to the intranet server by the user is realized by monitoring on both sides of the database via the database.
Fig. 2 is a flowchart of the intranet access method based on the proxy server according to the present invention. As shown in fig. 2, an intranet access method based on a proxy server includes the following steps.
Step S101, establishing a configuration table of the proxy server, wherein the configuration table is used for recording intranet server addresses corresponding to different types of user requests.
Step S102, receiving a user request from an external network through a proxy server, wherein the user request comprises identification information which is used for marking the category of the user request; and the proxy server inquires a configuration table according to the identification information in the user request to obtain the address of the intranet server corresponding to the user request.
Step S103, the intranet server obtains a corresponding user request and responds.
And step S104, returning the response result of the intranet server to the user request to the proxy server.
Hereinafter, the intranet access method based on the proxy server according to the present invention will be described in detail by taking a test environment as an example.
In step S101, a configuration table of the proxy server is pre-established for the proxy server, where the configuration table is used to record addresses of the intranet servers corresponding to different types of user requests.
In this example, the proxy server is preferably nginx, but is not limited thereto, and may also be apache or the like, and is used for testing the intranet server by serving the extranet user. The foregoing is illustrative only and is not to be construed as limiting the invention.
Further, the configuration table is used for recording, for example, an intranet server address corresponding to a user request of the test user, and specifically, the configuration table is preset by, for example, a service person according to intranet server information.
From the above, the use of the proxy server nginnx not only realizes load balancing, but also improves the processing capability of http request load.
Next, in step S102, a user request from the extranet is received through the proxy server, the user request including identification information for marking a category of the user request.
In this example, the user request is an HTTP (Hyper Text Transfer Protocol) request, and the identification information is included in a URL of the HTTP request.
It should be noted that the access request packet includes request line data, request header data, and request data. The request line data comprises a request method and a request protocol. The request header data of the access request packet body comprises an IP address of a user, an access request address and a bill. In other examples, the request header data may further include an encoding mode and a compression mode accepted by the terminal where the user is located. The request data is used to indicate the specific content of the access request, such as obtaining test data, message forwarding, etc.
It should be noted that the type of the access request may be flexibly set according to actual needs, for example, the type of the access request may be an APP access request, a service access request, or a system test access request, and the specific content is not limited herein.
For example, in a test environment, the user 1 sends a user request to the proxy server, for example, the user request is http: v/deme.t.360. cn/a/. x, wherein the identification information is "a".
Next, obtaining the intranet server address based on the identification information will be described. When the proxy server receives a user request from a user 1 of the external network, according to the identification information "a", the intranet server address corresponding to the identification information "a" in the configuration table is dynamically queried to be "a.t.110. cn" (refer to fig. 3 specifically), so as to obtain the intranet server address corresponding to the user request.
As shown in table 3, in the configuration table, the same type of user request corresponds to at least two intranet server addresses. Therefore, when a plurality of users simultaneously request to access the same intranet server, each user can be ensured to be responded in time.
Further, a database is also included between the proxy server and the intranet server, and the proxy server records and stores the user request and the corresponding intranet server address into the database, for example, by forwarding or sending the request. In this example, the database is preferably an rdis storage system. In other examples, the database is also used to return responses to requests from a proxy server or an intranet server.
In addition, the database can perform data analysis and screening according to various data recorded and stored on both sides of the extranet proxy server and the intranet server, for example, screening of visiting users or screening of users who have effective visits based on the visit frequency and/or the effective response times, and therefore, the user visits can be effectively controlled. Therefore, the setting of the database improves the network security of the whole system.
Preferably, in the configuration table, a user request number threshold is configured for each intranet server.
Specifically, when the number of unprocessed user requests corresponding to the intranet server address in the record of the database exceeds the threshold, the new user request is stopped from being corresponded to the intranet server.
And when the number of the unprocessed requests of all the intranet servers corresponding to the new user request exceeds the threshold value, the proxy server returns a warning page to the user client.
Further, the warning page displays the number of outstanding user requests of the current type of user request to inform the user of wait time or prompt the user for other accesses.
Further, the threshold number of user requests is determined based on the user requests in the database and historical data of the intranet server.
Therefore, the safe operation of the whole system can be ensured and the response speed to the user access can be improved by configuring the threshold value of the number of the user requests for each intranet server.
Here, the client may be integrated in a terminal such as a mobile phone or a computer, and when a user needs to access, for example, an intranet test system at an extranet client, the client sends an access request to the proxy server.
In addition, the proxy server selectively corresponds the user requests to the intranet servers with less user requests according to the number of unprocessed user requests corresponding to the addresses of the intranet servers in the records of the database, so that more effective load balancing is realized, and the accuracy of load distribution is improved.
It should be noted that, in the present invention, the target intranet server address in the user request is analyzed in real time based on the proxy server nginx, and the effective intranet server address is determined according to the intranet server information provided by the intranet, and then the domain name configuration is automatically updated in combination with the configuration file of nginx, so as to implement dynamic query, thereby obtaining the effective intranet server address. Therefore, dynamic feedback of server load information is realized, and the accuracy of load distribution is improved.
Next, in step S103, the intranet server obtains a corresponding user request and responds.
In this example, unprocessed records in the database are monitored in real time to distribute unprocessed user requests in the database to the corresponding intranet server.
Specifically, different intranet servers acquire corresponding user requests, and more specifically, when the intranet servers acquire the corresponding user requests, a user accesses the intranet servers corresponding to the user requests, for example, the user 1 performs a system test on the intranet server a.
Next, in step S104, a response result of the intranet server to the user request is returned to the proxy server.
For example, the intranet server a returns a test result corresponding to the test action as a response to the database, and the database records and stores the response data and sets a corresponding relationship between the user information and the response data.
Similarly, on the proxy server side, the responses which are not processed in the database are returned to the proxy server and then returned to the user through the proxy server by monitoring the reception of the responses in the database in real time.
It should be noted that the response of the intranet server is not directly returned to the proxy server, but is returned to the proxy server through the database transfer, so that excessive cache fusion of access data is reduced, the network performance and the security performance of the whole system are improved, load balancing is realized by using the proxy server Nginx, and the processing capacity of http request load is improved.
The foregoing is only a preferred embodiment and is not to be construed as limiting the invention. In other examples, step S102 may also be split into S102 and S401, see in particular fig. 4.
Those skilled in the art will appreciate that all or part of the steps to implement the above-described embodiments are implemented as programs (computer programs) executed by a computer data processing apparatus. When the computer program is executed, the method provided by the invention can be realized. Furthermore, the computer program may be stored in a computer readable storage medium, which may be a readable storage medium such as a magnetic disk, an optical disk, a ROM, a RAM, or a storage array composed of a plurality of storage media, such as a magnetic disk or a magnetic tape storage array. The storage medium is not limited to centralized storage, but may be distributed storage, such as cloud storage based on cloud computing.
Compared with the prior art, the intranet access method has the advantages that the proxy server is used for enabling user requests of different users to correspond to the intranet server through the database transfer, excessive cache fusion of access data is reduced, the network performance and the safety performance of the whole system are improved, the proxy server Nginx is used for achieving load balancing, and the processing capacity of http request load is improved. In addition, the target intranet server address in the user request is analyzed in real time based on the proxy server nginx, the effective intranet server address is determined according to intranet server information provided by an intranet, and then domain name configuration is automatically updated by combining with a configuration file of the nginx so as to achieve dynamic query, and therefore the effective intranet server address is obtained, dynamic feedback of server load information is achieved, and accuracy of load distribution is improved.
Example 2
Embodiments of the apparatus of the present invention are described below, which may be used to perform method embodiments of the present invention. The details described in the device embodiments of the invention should be regarded as complementary to the above-described method embodiments; reference is made to the above-described method embodiments for details not disclosed in the apparatus embodiments of the invention.
Referring to fig. 5, 6 and 7, the present invention further provides an intranet access system 500 based on a proxy server, where the intranet access system 500 includes: the system comprises an establishing module 501, wherein the establishing module 501 is used for establishing a configuration table of a proxy server, and the configuration table is used for recording intranet server addresses corresponding to different types of user requests; a receiving module 502, where the receiving module 502 receives a user request from an external network through a proxy server, where the user request includes identification information, and the identification information is used to mark a category of the user request; the query module 503 is configured to query the configuration table by the proxy server according to the identification information in the user request, and obtain an intranet server address corresponding to the user request; an obtaining module 504, where the intranet server obtains a corresponding user request and responds to the user request; and a processing module 505, which returns the response result of the intranet server to the user request to the proxy server.
Preferably, as shown in fig. 6, the intranet accessing system further includes a storage module 601 and a monitoring module 602, where the storage module 601 is used for the proxy server to store the user request and the corresponding intranet server address record into the database; the monitoring module 602 is configured to monitor unprocessed records in the database, so as to distribute unprocessed user requests in the database to a corresponding intranet server.
Preferably, the user request is an HTTP request, and the identification information is included in a URL of the HTTP request.
Preferably, in the configuration table, the user requests of the same type correspond to at least two intranet server addresses; and the proxy server selectively corresponds the user requests to the intranet servers with less user request number according to the number of unprocessed user requests corresponding to the intranet server addresses in the records of the database.
Preferably, as shown in fig. 7, the intranet access system further includes a setting module 701, where the setting module 701 configures a user request quantity threshold for each intranet server in the configuration table; and when the number of the unprocessed user requests corresponding to the intranet server addresses in the records of the database exceeds the threshold value, stopping corresponding the new user requests to the intranet server.
Preferably, when the number of unprocessed requests of all intranet servers corresponding to the new user request exceeds the threshold, the proxy server returns a warning page to the user client.
Preferably, the warning page displays the number value of unprocessed user requests of the current type of user requests.
In embodiment 2, the same portions as those in embodiment 1 are not described.
Those skilled in the art will appreciate that the modules in the above-described embodiments of the apparatus may be distributed as described in the apparatus, and may be correspondingly modified and distributed in one or more apparatuses other than the above-described embodiments. The modules of the above embodiments may be combined into one module, or further split into multiple sub-modules.
Example 3
In the following, embodiments of the electronic device of the present invention are described, which may be regarded as specific physical implementations for the above-described embodiments of the method and apparatus of the present invention. Details described in the embodiments of the electronic device of the invention should be considered supplementary to the embodiments of the method or apparatus described above; for details which are not disclosed in embodiments of the electronic device of the invention, reference may be made to the above-described embodiments of the method or the apparatus.
Fig. 8 is a block diagram of an exemplary embodiment of an electronic device according to the present invention. An electronic apparatus 200 according to this embodiment of the present invention is described below with reference to fig. 8. The electronic device 200 shown in fig. 8 is only an example, and should not bring any limitation to the functions and the scope of use of the embodiments of the present invention.
As shown in fig. 8, the electronic device 200 is embodied in the form of a general purpose computing device. The components of the electronic device 200 may include, but are not limited to: at least one processing unit 210, at least one memory unit 220, a bus 230 connecting different system components (including the memory unit 220 and the processing unit 210), a display unit 240, and the like.
Wherein the storage unit stores program code executable by the processing unit 210 to cause the processing unit 210 to perform the steps according to various exemplary embodiments of the present invention described in the above-mentioned electronic prescription flow processing method section of the present specification. For example, the processing unit 210 may perform the steps as shown in fig. 1.
The memory unit 220 may include readable media in the form of volatile memory units, such as a random access memory unit (RAM)2201 and/or a cache memory unit 2202, and may further include a read only memory unit (ROM) 2203.
The storage unit 220 may also include a program/utility 2204 having a set (at least one) of program modules 2205, such program modules 2205 including, but not limited to: an operating system, one or more application programs, other program modules, and program data, each of which, or some combination thereof, may comprise an implementation of a network environment.
The electronic device 200 may also communicate with one or more external devices 300 (e.g., keyboard, pointing device, bluetooth device, etc.), with one or more devices that enable a user to interact with the electronic device 200, and/or with any devices (e.g., router, modem, etc.) that enable the electronic device 200 to communicate with one or more other computing devices. Such communication may occur via an input/output (I/O) interface 250. Also, the electronic device 200 may communicate with one or more networks (e.g., a Local Area Network (LAN), a Wide Area Network (WAN), and/or a public network such as the Internet) via the network adapter 260. The network adapter 260 may communicate with other modules of the electronic device 200 via the bus 230. It should be appreciated that although not shown in the figures, other hardware and/or software modules may be used in conjunction with the electronic device 200, including but not limited to: microcode, device drivers, redundant processing units, external disk drive arrays, RAID systems, tape drives, and data backup storage systems, among others.
Through the above description of the embodiments, those skilled in the art will readily understand that the exemplary embodiments of the present invention described herein may be implemented by software, or by software in combination with necessary hardware. Therefore, the technical solution according to the embodiment of the present invention can be embodied in the form of a software product, which can be stored in a computer-readable storage medium (which can be a CD-ROM, a usb disk, a removable hard disk, etc.) or on a network, and includes several instructions to make a computing device (which can be a personal computer, a server, or a network device, etc.) execute the above-mentioned method according to the present invention. The computer program, when executed by a data processing apparatus, enables the computer-readable medium to implement the above-described intranet access method of the present invention.
As shown in fig. 9, the computer program may be stored on one or more computer readable media. The computer readable medium may be a readable signal medium or a readable storage medium. A readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples (a non-exhaustive list) of the readable storage medium include: an electrical connection having one or more wires, a portable disk, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
The computer readable storage medium may include a propagated data signal with readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A readable storage medium may also be any readable medium that is not a readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code embodied on a readable storage medium may be transmitted using any appropriate medium, including but not limited to wireless, wireline, optical fiber cable, RF, etc., or any suitable combination of the foregoing.
Program code for carrying out operations for aspects of the present invention may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, C + + or the like and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computing device, partly on the user's device, as a stand-alone software package, partly on the user's computing device and partly on a remote computing device, or entirely on the remote computing device or server. In the case of a remote computing device, the remote computing device may be connected to the user computing device through any kind of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or may be connected to an external computing device (e.g., through the internet using an internet service provider).
In summary, the invention may be implemented in hardware, or in software modules running on one or more processors, or in a combination thereof. Those skilled in the art will appreciate that some or all of the functionality of some or all of the components in embodiments in accordance with the invention may be implemented in practice using a general purpose data processing device such as a microprocessor or a Digital Signal Processor (DSP). The present invention may also be embodied as apparatus or device programs (e.g., computer programs and computer program products) for performing a portion or all of the methods described herein. Such programs implementing the present invention may be stored on computer-readable media or may be in the form of one or more signals. Such a signal may be downloaded from an internet website or provided on a carrier signal or in any other form.
While the foregoing embodiments have described the objects, aspects and advantages of the present invention in further detail, it should be understood that the present invention is not inherently related to any particular computer, virtual machine or electronic device, and various general-purpose machines may be used to implement the present invention. The invention is not to be considered as limited to the specific embodiments thereof, but is to be understood as being modified in all respects, all changes and equivalents that come within the spirit and scope of the invention.
Claims (10)
1. An intranet access method based on a proxy server is characterized by comprising the following steps:
establishing a configuration table of a proxy server, wherein the configuration table is used for recording intranet server addresses corresponding to different types of user requests;
receiving a user request from an external network through a proxy server, wherein the user request comprises identification information which is used for marking the category of the user request;
the proxy server inquires a configuration table according to the identification information in the user request to obtain an intranet server address corresponding to the user request;
the intranet server acquires a corresponding user request and responds;
and returning a response result of the intranet server to the user request to the proxy server.
2. The intranet access method according to claim 1, wherein the intranet access method further comprises,
the intranet server obtaining and responding the corresponding user request comprises:
the proxy server stores the user request and the address record of the intranet server corresponding to the user request into a database;
and monitoring unprocessed records in the database so as to distribute unprocessed user requests in the database to a corresponding intranet server.
3. An intranet access method according to any one of claims 1-2, wherein the user request is an HTTP request, and the identification information is included in a URL of the HTTP request.
4. The intranet access method according to any one of claims 1-3, wherein:
in the configuration table, the user requests of the same type correspond to at least two intranet server addresses;
and the proxy server selectively corresponds the user requests to the intranet servers with less user request number according to the number of unprocessed user requests corresponding to the intranet server addresses in the records of the database.
5. The intranet access method according to any one of claims 1-4, wherein: in the configuration table, configuring a user request quantity threshold value for each intranet server;
and when the number of the unprocessed user requests corresponding to the intranet server addresses in the records of the database exceeds the threshold value, stopping corresponding the new user requests to the intranet server.
6. The intranet access method according to any one of claims 1-5, wherein: and when the number of the unprocessed requests of all the intranet servers corresponding to the new user request exceeds the threshold value, the proxy server returns a warning page to the user client.
7. The intranet access method according to any one of claims 1-6, wherein: the warning page displays the quantity value of unprocessed user requests of the current type of user requests.
8. An intranet access system based on a proxy server is characterized by comprising:
the system comprises an establishing module, a processing module and a processing module, wherein the establishing module is used for establishing a configuration table of a proxy server, and the configuration table is used for recording intranet server addresses corresponding to different types of user requests;
the receiving module receives a user request from an external network through a proxy server, wherein the user request comprises identification information which is used for marking the category of the user request;
the inquiry module is used for inquiring a configuration table by the proxy server according to the identification information in the user request to obtain an intranet server address corresponding to the user request;
the acquisition module is used for acquiring a corresponding user request and responding;
and the processing module returns a response result of the intranet server to the user request to the proxy server.
9. An electronic device, wherein the electronic device comprises:
a processor; and the number of the first and second groups,
a memory storing computer-executable instructions that, when executed, cause the processor to perform the proxy server-based intranet access method of any one of claims 1-7.
10. A computer-readable storage medium, wherein the computer-readable storage medium stores one or more programs which, when executed by a processor, implement the proxy server-based intranet access method of any one of claims 1-7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911423576.8A CN111200655A (en) | 2019-12-31 | 2019-12-31 | Intranet access method, system and electronic equipment based on proxy server |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911423576.8A CN111200655A (en) | 2019-12-31 | 2019-12-31 | Intranet access method, system and electronic equipment based on proxy server |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN111200655A true CN111200655A (en) | 2020-05-26 |
Family
ID=70747336
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201911423576.8A Pending CN111200655A (en) | 2019-12-31 | 2019-12-31 | Intranet access method, system and electronic equipment based on proxy server |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111200655A (en) |
Cited By (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112235400A (en) * | 2020-10-14 | 2021-01-15 | 腾讯科技(深圳)有限公司 | Communication method, communication system, communication apparatus, server, and storage medium |
| CN112714194A (en) * | 2021-03-26 | 2021-04-27 | 南京美乐威电子科技有限公司 | Method for accessing intranet equipment by extranet host and network topology structure |
| CN113381978A (en) * | 2021-05-12 | 2021-09-10 | 网宿科技股份有限公司 | Safe login method and device |
| CN113783713A (en) * | 2020-08-04 | 2021-12-10 | 北京沃东天骏信息技术有限公司 | Method, device and system for configuring proxy |
| CN114338796A (en) * | 2021-12-29 | 2022-04-12 | 中国农业银行股份有限公司 | Dynamic reverse proxy method, device, reverse proxy system, device and medium |
| CN114448857A (en) * | 2022-01-29 | 2022-05-06 | 北京字节跳动网络技术有限公司 | Method, device, storage medium and system for processing Mock service |
| CN114465766A (en) * | 2021-12-27 | 2022-05-10 | 天翼云科技有限公司 | SSH-based remote access method and device, electronic equipment and storage medium |
| CN114780616A (en) * | 2022-04-28 | 2022-07-22 | 苏州浪潮智能科技有限公司 | Information summarizing and information acquiring method, electronic equipment and system |
| CN115361450A (en) * | 2022-10-19 | 2022-11-18 | 北京国电通网络技术有限公司 | Request information processing method, apparatus, electronic device, medium, and program product |
| CN115834230A (en) * | 2022-12-20 | 2023-03-21 | 天翼爱音乐文化科技有限公司 | Internal network penetration configuration method, system, equipment and medium |
| CN115988080A (en) * | 2023-03-22 | 2023-04-18 | 北京首信科技股份有限公司 | Micro service resource calling method and system based on proxy middleware |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20110041165A1 (en) * | 2009-08-14 | 2011-02-17 | Novell, Inc. | System and method for implementing a proxy authentication server to provide authentication for resources not located behind the proxy authentication server |
| CN107819745A (en) * | 2017-10-25 | 2018-03-20 | 北京京东尚科信息技术有限公司 | The defence method and device of abnormal flow |
| CN107846445A (en) * | 2017-09-20 | 2018-03-27 | 南京邮电大学 | A kind of server load balancing method based on SDN |
| CN109743295A (en) * | 2018-12-13 | 2019-05-10 | 平安科技(深圳)有限公司 | Access thresholds method of adjustment, device, computer equipment and storage medium |
| CN110086649A (en) * | 2019-03-19 | 2019-08-02 | 深圳壹账通智能科技有限公司 | Detection method, device, computer equipment and the storage medium of abnormal flow |
| CN110166432A (en) * | 2019-04-17 | 2019-08-23 | 平安科技(深圳)有限公司 | The access method of internal net destination service provides the method for Intranet destination service |
| CN110519380A (en) * | 2019-08-29 | 2019-11-29 | 北京旷视科技有限公司 | A kind of data access method, device, storage medium and electronic equipment |
-
2019
- 2019-12-31 CN CN201911423576.8A patent/CN111200655A/en active Pending
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20110041165A1 (en) * | 2009-08-14 | 2011-02-17 | Novell, Inc. | System and method for implementing a proxy authentication server to provide authentication for resources not located behind the proxy authentication server |
| CN107846445A (en) * | 2017-09-20 | 2018-03-27 | 南京邮电大学 | A kind of server load balancing method based on SDN |
| CN107819745A (en) * | 2017-10-25 | 2018-03-20 | 北京京东尚科信息技术有限公司 | The defence method and device of abnormal flow |
| CN109743295A (en) * | 2018-12-13 | 2019-05-10 | 平安科技(深圳)有限公司 | Access thresholds method of adjustment, device, computer equipment and storage medium |
| CN110086649A (en) * | 2019-03-19 | 2019-08-02 | 深圳壹账通智能科技有限公司 | Detection method, device, computer equipment and the storage medium of abnormal flow |
| CN110166432A (en) * | 2019-04-17 | 2019-08-23 | 平安科技(深圳)有限公司 | The access method of internal net destination service provides the method for Intranet destination service |
| CN110519380A (en) * | 2019-08-29 | 2019-11-29 | 北京旷视科技有限公司 | A kind of data access method, device, storage medium and electronic equipment |
Non-Patent Citations (1)
| Title |
|---|
| 闫连山: "《铁路信号系统网络与信息安全》", 31 March 2016 * |
Cited By (16)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113783713A (en) * | 2020-08-04 | 2021-12-10 | 北京沃东天骏信息技术有限公司 | Method, device and system for configuring proxy |
| CN112235400A (en) * | 2020-10-14 | 2021-01-15 | 腾讯科技(深圳)有限公司 | Communication method, communication system, communication apparatus, server, and storage medium |
| CN112235400B (en) * | 2020-10-14 | 2024-02-02 | 腾讯科技(深圳)有限公司 | Communication method, communication system, communication device, server, and storage medium |
| CN112714194A (en) * | 2021-03-26 | 2021-04-27 | 南京美乐威电子科技有限公司 | Method for accessing intranet equipment by extranet host and network topology structure |
| CN112714194B (en) * | 2021-03-26 | 2021-06-18 | 南京美乐威电子科技有限公司 | Method for accessing intranet equipment by extranet host and network topology structure |
| CN113381978A (en) * | 2021-05-12 | 2021-09-10 | 网宿科技股份有限公司 | Safe login method and device |
| CN114465766B (en) * | 2021-12-27 | 2023-08-04 | 天翼云科技有限公司 | SSH-based remote access method and device, electronic equipment and storage medium |
| CN114465766A (en) * | 2021-12-27 | 2022-05-10 | 天翼云科技有限公司 | SSH-based remote access method and device, electronic equipment and storage medium |
| CN114338796A (en) * | 2021-12-29 | 2022-04-12 | 中国农业银行股份有限公司 | Dynamic reverse proxy method, device, reverse proxy system, device and medium |
| CN114338796B (en) * | 2021-12-29 | 2024-04-30 | 中国农业银行股份有限公司 | Dynamic reverse proxy method, device, reverse proxy system, equipment and medium |
| CN114448857A (en) * | 2022-01-29 | 2022-05-06 | 北京字节跳动网络技术有限公司 | Method, device, storage medium and system for processing Mock service |
| CN114780616A (en) * | 2022-04-28 | 2022-07-22 | 苏州浪潮智能科技有限公司 | Information summarizing and information acquiring method, electronic equipment and system |
| CN115361450B (en) * | 2022-10-19 | 2023-01-17 | 北京国电通网络技术有限公司 | Request information processing method, apparatus, electronic device, medium, and program product |
| CN115361450A (en) * | 2022-10-19 | 2022-11-18 | 北京国电通网络技术有限公司 | Request information processing method, apparatus, electronic device, medium, and program product |
| CN115834230A (en) * | 2022-12-20 | 2023-03-21 | 天翼爱音乐文化科技有限公司 | Internal network penetration configuration method, system, equipment and medium |
| CN115988080A (en) * | 2023-03-22 | 2023-04-18 | 北京首信科技股份有限公司 | Micro service resource calling method and system based on proxy middleware |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111200655A (en) | Intranet access method, system and electronic equipment based on proxy server | |
| CN109218368B (en) | Method, device, electronic equipment and readable medium for realizing Http reverse proxy | |
| US10027564B2 (en) | Unobtrusive methods and systems for collecting information transmitted over a network | |
| US11159630B2 (en) | Third party validation of web content | |
| US9307036B2 (en) | Web access using cross-domain cookies | |
| JP2021524090A (en) | Selectively provide mutual transport layer security using alternate server names | |
| US9749174B1 (en) | System and method for dynamic allocation of cloud resources | |
| US20090327460A1 (en) | Application Request Routing and Load Balancing | |
| CN107181779B (en) | Method, device and system for processing access request | |
| CN111885123A (en) | Construction method and device of cross-K8 s target service access channel | |
| EP3123696B1 (en) | Serving approved resources | |
| CN111177672A (en) | Page access control method and device and electronic equipment | |
| CN104394227B (en) | User data transmission method, system and the browser of browser | |
| US11637914B2 (en) | Multiple geography service routing | |
| CN113014681A (en) | Network card binding method and device of multi-network card server, electronic equipment and storage medium | |
| US20210160220A1 (en) | Security service | |
| CN103560884B (en) | The cancellation method of subscriber identity information, system, certificate server and client | |
| CN108462731B (en) | Data proxy method and device and electronic equipment | |
| US20180309837A1 (en) | Cookie based session timeout detection and management | |
| US10462205B2 (en) | Providing modifies protocol responses | |
| US10013691B1 (en) | Separating control of network sites | |
| CN114915565A (en) | Method and system for debugging network | |
| CN115699706A (en) | Method and system for propagating data between different domains in a privacy-focused manner | |
| JP2023522785A (en) | Harmony Comprehensive Proxy Service | |
| WO2021201942A1 (en) | 3rd generation partnership project (3gpp) framework for live uplink streaming (flus) sink capabilities determination |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| AD01 | Patent right deemed abandoned | ||
| AD01 | Patent right deemed abandoned |
Effective date of abandoning: 20231013 |