JP2003006165A - Contents router for httpd authentication, and system for processing statistical information utilizing the same - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide a contents router for an HTTPD(Hyper Text Transfer Protocol Demon) authentication, capable of acquiring and processing accurate statistical information in each user, on the basis of a client ID necessary for HTTPD authentication, and a statistical information processing system utilizing the contents router for HTTPD authentication. SOLUTION: The contents router 1 for HTTPD authentication, via which each user accesses the homepage of a Web server 2, when the each server accesses the homepage, is provided with an HTTPD authentication information attaching part 10. When the Web server 2 responds to a homepage display request from a user, who does not have a client ID necessary for HTTPD authentication, the HTTPD authentication information attaching part 10 automatically inserts a client ID for identifying the user into an IP packet for responding, received from the Web server 2 and returns the IP packet for response to the user.

Description

Detailed Description of the Invention

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a content router for HTTPD authentication and a statistical information processing system using the same, and a client I required for HTTPD authentication.
It is possible to acquire and process accurate statistical information for each user based on D, and in particular, even when there are simultaneous accesses by a plurality of users from the same IP address, the user who has made the simultaneous access can identify the client ID. The present invention relates to a content router for HTTPD authentication that makes it possible to acquire and process accurate statistical information for each user, and a statistical information processing system using the same.

[0002] Here, HTTPD means HyperTe
xt Transfer Protocol Damem
Abbreviation for on, WWW (World Wide Web)
Server software that processes the protocol used when transferring data. The HTTPD authentication is to identify each user who accesses the Web server based on the user authentication information (client ID) in the IP packet. The content router is a type of relay device that connects a plurality of LANs to each other, and is a router that receives a packet requesting a display to a Web server home page and transmits the packet to the end point network computer system. Say that.

[0003]

2. Description of the Related Art In general, a Web server is a W server via a plurality of users (user computers) via the Internet.
If the home page of the eb server is accessed, H
The access status to the homepage for the text file in the TML format, the image data in the GLF format, etc. is acquired each time the access is made and the acquired content is recorded in the log file. Then, the Web server, when creating the statistical information regarding the access state from the user, creates the statistical information based on the recorded contents of the log file.

FIG. 7 is an explanatory view showing a list of standard items of acquisition contents recorded in a log file in a known Web server.

FIG. 8 is an explanatory diagram showing an example of recorded contents recorded in a log file in a known Web server.

As shown in FIG. 7, the acquisition items recorded in the log file are 1. Client IP address,
2. Client ID, 3. Connection date and time, 4. Service type, 5. Server computer name, 6. Server IP address, 7. Working time (ms), 8. Received bytes, 9.
Send bytes, 10. Service status, 11. System status, 12. Operation content, 13. Target URL, 14. The 14 items of the parameter, and the specific contents of each item are as shown in each item column illustrated in FIG. 7.

Further, as shown in FIG.
As an example of the recorded contents of the log file on the b server, the recording unit is classified by IP address.
Each item shown in FIG. 7 including the address is acquired and recorded. That is, the client IP address is recorded in the first column, the client ID (usually blank) is recorded in the next column, the connection date and the connection time are recorded in separate columns in the next column, and the next column is recorded. The service type is recorded in the column, the server computer name is recorded in the next column, the server IP address is recorded in the next column, and the received byte is recorded in the next column. In the column, the transmitted bytes are recorded, in the next column, the service status is recorded, in the next column, the system status is recorded, in the next column, the operation content is recorded, in the last column, the operation content is recorded. Indicates the target URL. It should be noted that in this recorded content, the parameter recording field is omitted.

[0008]

In the known Web server, the access from each user is different when the access state is recorded in a log file with respect to the access from each user supplied through the Internet.
When the access times are different through the P address, the respective access states are sequentially recorded in the log file for each access arrival time. On the other hand, when a plurality of users are simultaneously accessed through the same IP address, the log file is recorded as an access from the same IP address even though the users access the Web server differently. It will be. With respect to the mode in which such recording is performed, an example of the recorded contents of the log file illustrated in FIG. 8 will be described in detail. The first 5 lines of recording and the last 3 lines of recording have different IP addresses. Therefore, the user can be individually specified for those records.

However, the recording of the 6th to 10th lines from the beginning (recording of the shaded portion) is not limited to any IP.
The address is the same, and when the target URL is referenced,
Lines 6 and 7 are the same request (/main.html) at the same time (11:35:44), and lines 8 and 9 are the same request (/ s at the same time (11:35:48)).
schedule / INDEX. Since it is HTML), it can be specified that the access is made by two users. On the other hand, 10 lines show the request (/ sc
Hedule / INDEX. As far as HTML / NEXT) is concerned, it is not possible to distinguish which of the two users or the user other than the two users.

From this point of view, when the Web server creates the statistical information based on the recorded contents of the log file, the statistical information indicating the number of times of access for each user is obtained, that is, for a specific user. It may be difficult to trace the access history, and it may not always be possible to create accurate statistical information about the number of accesses.

To solve this problem, the applicant of the present invention has made various inventions to enable the identification of the user for simultaneous access from the same IP address by a plurality of users and to obtain accurate statistical information about the number of accesses. , "W
Statistical information acquisition system in eb server (Japanese Patent Application 200
0-205338) "and" Statistical information acquisition system using content router (Japanese Patent Application No. 2001-84399).
No.) ”has already been filed.

According to the above inventions in which the applicant of the present application has already applied for a patent, when it is detected that a plurality of users simultaneously access the home page of the Web server from the same IP address, the simultaneous access is performed. The number of occurrences of is generated, and a subdirectory that can display the homepage with the same contents as the homepage by the number corresponding to the number of occurrences is created, and each simultaneous access is guided to the homepage of the newly created subdirectory, and the log Since the processing in each subdirectory is recorded in the recorded contents of the file, even if multiple users make simultaneous access from the same IP address, it is possible to identify each user from the recorded contents of the log file. It is possible to obtain accurate statistical information about the number of accesses. There is an effect that becomes. In this respect, each of the above-mentioned inventions brings about remarkable effects that cannot be achieved by the conventional statistical information acquisition means.

However, according to each of the above inventions, the number of simultaneous accesses is counted, and a sub-directory capable of displaying a home page having the same contents as the home page is created in the Web server. Therefore, the processing load on the Web server may increase.

The present invention has been improved in order to simplify the entire system while taking into consideration the problem of the processing load on the Web server inherent in each of the above inventions. It is possible to obtain statistical information, and in particular, even when there are simultaneous accesses by multiple users from the same IP address, it is possible to classify the users who have made simultaneous access and acquire accurate statistical information for each user. Although it is common to the above inventions in that
The present invention uses H to insert the client ID in the packet.
By developing a content router for TTPD authentication, it is possible to save the time and effort to deal with the system according to the type of the network OS installed on the Web server of each system introducer, and work for each system introducer to systemize. An object of the present invention is to provide a statistical information acquisition system that can reduce the burden and the processing burden on the Web server.

[0015]

In order to achieve the above object, in the invention relating to the content router for HTTPD authentication according to claim 1, the content router through which each user accesses the home page of the Web server. Is provided with an HTTPD authentication information assigning unit, and the We
When the server b responds to a home page display request from a user who does not have a client ID required for HTTPD authentication, the HTTPD authentication information assigning unit is
A configuration is adopted in which the client ID for identifying the user is automatically inserted in the reply IP packet received from the eb server and the reply is sent to the user.

[0016] Further, in the invention relating to the content router for HTTPD authentication according to claim 2, the HTT
The PD authentication information addition unit includes an IP packet analysis unit, a client ID insertion unit, and a client ID management table, and the IP packet analysis unit analyzes the response IP packet received from the Web server and stores the IP packet in the IP packet. When it is detected that the client ID is not included in the authentication field, the client ID insertion unit
A configuration is adopted in which the client ID for identifying the user is inserted into the authentication field by referring to the client ID management table.

Further, in the invention relating to the statistical information processing system using the HTTPD authentication content router described in claim 3, the access frequency statistical processing unit having a log file in the Web server indicates the access status from each user. A configuration is adopted in which accurate statistical information for each user is acquired and processed based on the client ID inserted in the content router for HTTPD authentication according to claim 1 or 2 and recorded in each of the log files.

According to the statistical information processing system employing the above configuration, when a user who does not have the client ID required for HTTPD authentication accesses the home page of the Web server via the HTTPD authentication content router, The HTTPPD authentication content router that receives the response IP packet from the Web server automatically inserts the client ID for identifying the user into the response IP packet. , It is possible to acquire accurate access history information for each user based on the client ID.

[0019]

BEST MODE FOR CARRYING OUT THE INVENTION Embodiments of the present invention will be described below with reference to the drawings.

FIG. 1 is a block diagram showing an example of the main configuration of a statistical information processing system using the HTTPD authentication content router of the present invention.

In the content router 1 for HTTPD authentication shown in FIG.
1 is an IP packet analysis unit, 12 is a client ID management table, 13 is a client ID insertion unit, 14 and 1
5 is a LAN board. Here, the content router is, as defined at the beginning, a kind of relay device that connects a plurality of LANs to each other, and receives a packet requesting a display from the home page of the Web server and sends it to the end point network computer system. A router that transmits the packet. Note that, in FIG. 1, a specific configuration of a router for transmitting and receiving a packet is not shown, but a configuration that performs a general router function can be adopted.

H of the content router 1 for HTTPD authentication
In the TTPD authentication information addition unit 10, the IP packet analysis unit 11 is connected to the client ID management table 12 and the client ID insertion unit 13. The IP packet analysis unit 11 is a response IP returned from the Web server 2.
The packet is connected so that the packet can be received via the LAN board 15, and the client ID insertion unit 13 determines a predetermined value when the client ID does not exist (blank) in the received response IP packet as described later. It is connected so that a client ID can be inserted and a response IP packet can be transmitted.

In the Web server 2 shown in FIG. 1, 16
Is a LAN board, 20 is an access count statistical processing unit, 21
Is a log file, 22 is a log file access part, 23
Is a log file analysis unit, 24 is a statistical information management table,
25 is a statistical information creating unit, 26 is a statistical information output unit, 27 is an output setting unit, 28 is a display unit, and 29 is a printing unit. In addition, in FIG. 1, We for displaying the home page
Although illustration is omitted, the configuration of the b server, for example, a specific configuration such as a directory for storing a home page, may be configured to perform a general Web server function.

In the access count statistical processing unit 20 of the Web server 2, the log file 21 is connected to the log file access unit 22, and the log file analysis unit 23 is connected to the log file access unit 22 and the statistical information creation unit 25. It The statistical information management table 24 is connected to the statistical information creating unit 25 and the statistical information output unit 26, and the statistical information output unit 26 includes the output setting unit 27, the display unit 28, and the printing unit 2.
9 is connected.

FIG. 4 is an explanatory diagram showing the layout contents in the statistical information management table 24.

As shown in FIG. 4, the layout content of the statistical information management table 24 is "IP ADRS" (I
P address), "CLNT ID" (client I
D), "ACS DIR" (access directory),
"ACS TIME" (access time), "SERV
"IS" (service), "SV NAME" (server name), "SV IP" (server IP address), "WK"
"TIME" (work time), "RCV BYTE"
(Received byte), "SND BYTE" (Sent byte), "SERVICE ST" (Service status), "S"
"YS ST" (system status), "OP ST" (operation content), "CR URL" (target URL), "PRA"
It consists of 15 items of "M" (parameter), and the contents of these 15 items are as shown corresponding to each item.

Next, the H of the present invention will be described with reference to FIGS.
The processing procedure of the content router for TTPD authentication and the statistical information acquisition system using the same will be described.

FIG. 2 shows an operation outline and IP of a statistical information processing system using an HTTPD content router.
It is explanatory drawing which shows the content of a packet structure.

As shown in FIG. 2, from the user PC 3 to We
b When accessing the home page of server 2, HTTP
User PC 3 via content router 1 for D authentication
The basic operation of the HTTP protocol of sending a request from the Web server and returning a response from the Web server 2 is repeated.

These requests and responses are actually performed by transmitting and receiving request or response IP packets, respectively. The outline of the configuration of these IP packets includes communication header, packet type, authentication field,
It is divided into information (various data) (see the IP packet configuration in the lower part of FIG. 2).

First, when the user of the user PC 3 makes a request A to the Web server 2 in order to access the home page of the Web server 2, the IP packet of the first request passes through the HTTPD content router 1 for authentication. It is transmitted to the web server 2. The authentication field in the IP packet of the first request is normally in a blank state (no client ID is included), and the IP packet of the first request is transmitted in this blank state.

Next, the Web server 2 which has received the IP packet of the first request transmits the IP packet 30 (response B) of the first response when returning the response B to the user PC 3. At this time, the authentication field in the IP packet 30 (response B) of the first response is as shown in FIG.
As shown in, the packet is transmitted in a blank state in response to the first request packet.

Upon receiving the IP packet 30 (response B) of the first response from the Web server 2, the HTTPPD content router 1 executes the process in the procedure shown in FIG.

FIG. 3 is a flowchart showing a procedure from the reception of the response IP packet from the Web server to the transmission of the response IP packet in the HTTPD authentication information assigning unit of the HTTPD content router.

When the HTTPD authentication information addition unit 10 receives the IP packet 30 (response B) of the first response (step S10), the IP packet analysis unit 11 analyzes the content of the IP packet 30 (step S20). At this time, when it is detected that the client ID is not included in the authentication field in the IP packet 30 (blank state) (step S30), the client ID insertion unit 1
3 refers to the client ID management table 12 and inserts the client ID for identifying the user who has accessed the authentication field in the blank state (step S40).

As a method of issuing the client ID, for example, in accordance with the date and the access order, the first access on May 22, 2001, for the first access, is 200501022.
A method is conceivable in which the ID number of 0001 is issued and the ID number of 200105220002 is issued in sequence for the second access on the same day. In this case, by issuing the issued ID numbers in the client ID management table 12 in sequence, the client ID insertion unit 1
3 can insert an ID number, which is a serial number by date, into the authentication field in the IP packet 30 by referring to the recorded contents of the client ID management table 12.

In this way, the client ID insertion unit 13
After the client ID is inserted into the authentication field in the IP packet 30 of the first response, the IP packet 3
1 is transmitted (step S50).

As a result, the IP packet 30 (response B) of the first response from the Web server 2 becomes the IP packet 31 (response B ′) to which the client ID is added by passing through the HTTPD authentication content router 1. It is corrected and transmitted to the user PC 3. In this way, the client ID once given to the accessed user is inherited until the access of the user is completed.

Next, when the second and subsequent requests are sent from the user PC 3, the client ID assigned to the authentication field in the IP packet is succeeded and present in the second and subsequent request IP packets. , I
When the client ID is entered in the authentication field in the P packet, the second and subsequent request IP packets are HTT
It will be transmitted via the PD authentication content router 1.

Further, when the Web server 2 returns a response to the second and subsequent requests, the client ID is inherited and exists in the second and subsequent response IP packets, as described above. With the client ID entered in the authentication field in the IP packet, the second and subsequent response IP packets will be transmitted.

Response I from the Web server 2 for the second time and thereafter
The HTTPPD authentication content router 1 that has received the P packet executes the process according to the procedure shown in FIG. 3, but if it detects that the client ID is included in the authentication field in the second and subsequent response IP packets, The IP packet is transmitted as it is without any processing (step S30, step S5).
0).

Next, a processing procedure performed by the access count statistical processing section 20 will be described.

The log file 21 includes the Web server 2 as well as the log files used in the known Web server.
Acquired contents of each access that is accessed are sequentially recorded.

FIG. 5 is an explanatory diagram showing an example of recorded contents recorded in the log file 21 in the statistical information acquisition system using the HTTPD authentication content router shown in FIG. Regarding the recorded contents of the log file, in order to simplify the explanation, in the following explanation,
The recorded contents recorded in the log file 21 will be called new recorded contents (FIG. 5), and the recorded contents recorded in the log file used by the known Web server will be called old recorded contents (FIG. 8).

As shown in FIG. 5, the log file 21
The new recording contents of are similar to the old recording contents of the log file, and the recording unit is classified by IP address. That is, the (client) IP address is recorded in the first column, the client ID is recorded in the next column, the connection date and the connection time are recorded in separate columns in the next column, and the next column is recorded in the next column. The service type is recorded, the server computer name is recorded in the next column, and the server IP is recorded in the next column.
The address is recorded, the next column records the received byte, the next column records the transmitted byte, the next column records the service status, and the second column records the system status. The operation content is recorded in the next column, and the target URL is recorded in the last column. In addition,
Also in this new recorded content, the parameter recording column is omitted.

Here, comparing the new recorded contents with the old recorded contents, the ID numbers (200105220001, 200522000) in the column of the client ID in the new recorded contents.
2, 200105220003) is recorded. The reason why the client ID column of the new record content is partially blank is that the client ID is blank when the user receives the first access as described above. For the access received from the second time and thereafter, the predetermined ID number given by the HTTPD content router 1 is recorded in the client ID field.

According to the record of these target URLs, the old record content is the same time (11: 35: 4) as described above.
4) to the same IP address (210.122.222.1)
1) The same request (/ main.
html), other same time (11: 35: 4)
8) and the same IP address (210.
122.222.11), the same request (/schedule/INDEX.HTML) has been received by two users, and the IP at the time (11:35:48).
The same IP address as the address (210.122.22
Requested by one user from 2.11) (/ sche
dule / INDEX. It is sequentially recorded that the HTML / NEXT) has been received. According to this recording, the last one user is one of the previous two users, or the previous two users. It is impossible to distinguish whether the user is a user other than a human user.

On the other hand, the new recording content is the same time (1
1:35:44) with the same IP address (210.23
0.141.178), the request by the user with the client ID (200105220001) (/main.html) and the new user (1
The request (/main.html) by the client ID field is blank for the second access, and at the other time (11:35:48), the same IP address (210.230.141) as the IP address is received. .178) for the same request, the client ID (200105
220003) is requested by the same user (/ sche
dule / INDEX. Regarding the request from the same IP address (210.230.141.178) as the above-mentioned IP address at the same time (11:36:48) at the other time (11:36:48), the client ID (20010522)
0003) user request (/ schedule /
INDEX. HTML) and client ID (200
105220001) user's request (/ sche
dule / INDEX. Receiving the HTML / NEXT) is recorded respectively. According to this record, since a different client ID is given to each user, the access history for each user can be accurately acquired based on the client ID.

The log file access section 22 waits for the completion of writing to the log file 21, accesses the log file 21, and acquires the recorded contents of the log file 21. The recorded contents of the log file 21 are transferred to an internal buffer (not shown) and stored therein when the writing to the log file 21 is completed.

The log file analysis unit 23 extracts the information necessary for creating the statistical information from the recorded contents stored in the internal buffer, analyzes the extracted information, and outputs the processing result to the statistical information creation unit 25. Supply to. Statistical information creation section 2
5 writes the supplied information in the statistical information management table 24 and also supplies it to the statistical information output unit 26.

The statistical information output unit 26 specifies the information content to be output in the output setting unit 27, for example, when the access history of each user or the access history of a specific user is specified. The access history information is read from the statistical information management table 24, converted into information suitable for display, and then supplied to the display unit 28 to display the access history information, or converted into information suitable for printing, and then the printing unit. 29 to print the access history information.

FIG. 6 is an explanatory diagram showing an example of the recorded contents in which the access history is edited in time series for each user based on the client ID in the newly recorded contents of the log file 21 shown in FIG.

As shown in FIG. 6, the first access history from each user (the client ID column is blank)
Is recorded in 1 to 3 lines, and then the client ID (2
The access history of the user (00105220001) is 4
Recorded in lines 8 to 8, and then the client ID (200
The access history of the user 105220002) is recorded in lines 9 to 10, and finally the client ID (200
The access history of the user (105220003) is recorded in lines 11 to 13. As described above, according to the statistical information processing system of the present invention, it is possible to classify each accessing user based on the client ID and acquire accurate statistical information for each user. Therefore,
Even when multiple users access from the same IP address at the same time, it is possible to obtain accurate statistical information for each user by classifying each user who performed the simultaneous access based on the client ID, as described above. Become.

[0054]

As described above, according to the present invention, the HTT
Client I using PD authentication content router
It is possible to add D, acquire accurate statistical information for each user based on this client ID, and process it.
In particular, there is an effect that accurate statistical information can be acquired and processed even when a plurality of users simultaneously access from the same IP address.

Further, according to the present invention, since the client ID is given by using the content router for HTTPD authentication, it is troublesome to adapt the system according to the type of the network OS installed in the Web server of each system introducer. Not only is there an effect that it is possible to omit the above, but there is an effect that it is possible to reduce the work load of each system introducer for systemization and the processing load on the Web server.

[Brief description of drawings]

FIG. 1 is a block diagram showing an example of a main configuration of a statistical information processing system using an HTTPD content router.

FIG. 2 is an explanatory diagram showing an operation outline and an IP packet configuration content of a statistical information processing system using an HTTPD authentication content router.

[Fig. 3] HTTP of content router for HTTP PD authentication
8 is a flowchart showing a procedure from reception of an IP packet from the Web server to transmission of the IP packet in the D authentication information addition unit.

FIG. 4 is an explanatory diagram showing a layout content of a statistical information management table in an access count statistical processing unit.

FIG. 5 is an explanatory diagram showing an example of recorded contents recorded in a log file in the statistical information processing system of the present invention.

FIG. 6 shows the statistical information processing system of the present invention.
FIG. 7 is an explanatory diagram showing an example of the recorded content obtained by editing and creating the access history in time series for each user based on the client ID based on the client ID.

FIG. 7 is an explanatory diagram showing a list of standard items of acquisition contents recorded in a log file in a known Web server.

FIG. 8 is an explanatory diagram showing an example of recorded contents recorded in a log file in a known Web server.

[Explanation of symbols]

1 Content router for HTTPD authentication 2 Web server 3 User PC 10 HTTPD authentication information addition section 11 IP packet analysis unit 12 Client ID management table 13 Client ID insertion part 14 LAN board 15 LAN board 16 LAN board 20 Access Count Statistics Processing Unit 21 log file 22 Log file access section 23 Log file analysis section 24 Statistical information management table 25 Statistical Information Creation Department 26 Statistical information output section 27 Output setting section 28 Display 29 Printing section 30 IP packet (Response B) 31 IP packet (Response B ')

Continued front page    F term (reference) 5B085 AA08 AC14 AE02 BG02 BG07                 5B089 GA31 HB05 JA37 KA14 KB06                       MC02

Claims (3)

[Claims] 1. A content router that is routed through when each user accesses a home page of a Web server.
The Web server is provided with an TTPD authentication information adding unit.
When responding to a home page display request from a user who does not have a client ID required for TTPD authentication,
The HTTPD authentication information assigning unit automatically inserts a client ID for identifying the user into a response IP packet received from the Web server and sends the response back to the user. . 2. The HTTPD authentication information assigning unit is an IP
A packet analysis unit, a client ID insertion unit, and a client ID management table are provided. The IP packet analysis unit analyzes the response IP packet received from the Web server, and the client ID is included in the authentication field in the IP packet. The HTTPD according to claim 1, wherein the client ID insertion unit refers to the client ID management table and inserts a client ID for identifying the user into the authentication field when it is detected that the user ID is not present. Content router for authentication. 3. The access count statistical processing unit having a log file in the Web server records the access status from each user in the log file, and is inserted by the HTTPD authentication content router according to claim 1 or 2. A statistical information processing system using a content router for HTTPD authentication, characterized in that accurate statistical information for each user is acquired and processed based on the obtained client ID.