JP6659943B2 - Information processing apparatus, information processing system, control method thereof, and program - Google Patents

Description

  The present invention relates to an information processing apparatus, an information processing system, a control method thereof, and a program.

  2. Description of the Related Art There is generally known a device that disconnects a connection with a connection source device with which communication has not been performed for a predetermined time and releases connection resources.

  For example, in Patent Literature 1, in a connection device that connects a public network and a LAN, the communication cost required for the disconnection time from the end of communication until the line is disconnected is suppressed, and the disconnection time is automatically set for each communication partner. There is disclosed a technology for setting a line when no data in LAN data communication continues during a disconnection time corresponding to an area code in a telephone number. As a result, for example, when the communication partner is distant, the disconnection time can be set short, and unnecessary increase in communication cost due to unnecessary line capture can be suppressed.

JP-A-7-336392

  In general, in a system in which a client device is provided with a service from a server on a network, there is a mechanism for disconnecting the connection if there is no communication with the client device for a predetermined time on the server side. On the other hand, for example, a user who considers it troublesome to reconnect to the server after disconnecting the connection, periodically sends a packet such as a NULL packet or a Dummy packet from the client device for the purpose of maintaining the connection with the server. Trying to maintain a connection by sending it to a server is done.

  The NULL packet is, for example, a packet in which TCP data following a TCP header does not exist in TCP / IP (TCP standard specification RFC793), which is a standard protocol for causing different devices to perform network communication (a packet having only a TCP header). . The Dummy packet is, for example, a meaningless packet in which any program on the connection destination server cannot interpret and execute the TCP data transmitted to the connection destination server.

  In the communication between the server and a plurality of client devices, unnecessary communication such as not using the service provided by the server is performed because the connection resources on the server side are limited (there is an upper limit on the number of connectable servers). I want to eliminate.

  An object of the present invention is to provide a mechanism capable of appropriately determining which communication has priority in accordance with the existence of communication for maintaining connection.

  An information processing apparatus according to the present invention is an information processing apparatus capable of communicating with a plurality of client apparatuses, and performs authentication in response to an authentication request from the client apparatus, thereby establishing a connection with the client apparatus. Means, a packet receiving means for receiving a packet from the client device connected by the connection means, and whether the packet received by the packet receiving means is a packet for the purpose of obtaining data from the information processing device, A determining unit for determining whether the packet is not a packet for the purpose of obtaining data, but a packet for maintaining the connection between the client device that is the transmission source of the packet and the information processing device; If the packet received by the means is a packet for the purpose of obtaining data from the information processing device, the packet A transmitting unit that transmits data corresponding to the packet to the client device, and the determining unit uses the packet received by the packet receiving unit to maintain the connection between the client device that transmitted the packet and the information processing device. And disconnection control means for controlling disconnection of the connection with the client device when it is determined that the packet is the target packet.

  Advantageous Effects of Invention According to the present invention, it is possible to provide a mechanism capable of appropriately determining which communication has priority according to the existence of communication for maintaining a connection.

FIG. 1 is a diagram illustrating a system configuration of an information processing system according to an embodiment of the present invention. FIG. 2 is a diagram illustrating an example of a hardware configuration of various devices according to the embodiment of the present invention. FIG. 2 is a diagram illustrating an example of a functional configuration of various devices according to the embodiment of the present invention. 5 is a flowchart illustrating a flow of connection establishment and disconnection processing according to the embodiment of the present invention. 6 is a flowchart illustrating details of a connection disconnection process according to the embodiment of the present invention. FIG. 4 is a diagram illustrating an example of a data configuration of connection information according to the embodiment of the present invention. FIG. 4 is a diagram illustrating an example of a data configuration of connection information according to the embodiment of the present invention. FIG. 4 is a diagram illustrating an example of a data configuration of connection information according to the embodiment of the present invention. FIG. 4 is a diagram illustrating an example of a data configuration of connection information according to the embodiment of the present invention. 9 is a flowchart illustrating a flow of a process of updating connection information after a connection is established in the embodiment of the present invention. It is a figure in an embodiment of the present invention which shows the example of utilization of an information processing system.

  As described above, an object of the present invention is to provide a mechanism capable of appropriately determining which communication has priority in accordance with the existence of communication for maintaining a connection.

  Hereinafter, an example of an embodiment of the present invention will be described with reference to the drawings.

  First, an example of a system configuration of an information processing system according to an embodiment of the present invention will be described with reference to FIG.

  As shown in FIG. 1, the information processing system of the present invention includes client devices 101-1 to 101-3 (hereinafter collectively referred to as client devices 101) and a server system 120.

  The server system 120 includes a springboard server 102, an application server (AP server) 103, and a database server (DB server) 104.

  The client device 101 is a terminal that is operated by a user to mainly perform maintenance of the AP server 103 and the DB server 104, and is performed via a springboard server 102 disclosed on a wide area network such as a WAN 106 (Internet). It connects to the AP server 103 and the DB server 104.

  The springboard server 102 keeps the AP server 103 and the DB server 104 private on a wide area network such as the Internet, and plays a role as a springboard (relay) for performing maintenance while ensuring security. . The public / private division is shown, for example, in FIG.

  In addition, since the connection to the springboard server 102 is concentrated for server maintenance, for example, a connection limit (upper limit) is provided so that the processing load of the springboard 102 with no difference is not excessively increased. Information on the connection limit (connection upper limit) is stored in an external memory of the springboard server 102 (corresponding to a connection upper limit storage unit).

  Further, the stepping board server is operated to be started only when the AP server 103 and the DB server 104 are maintained, so that the security of the information processing system of the present invention can be further improved and the cost of system operation can be reduced.

  The AP server 103 is a server device that executes a web service published via a web server (not shown), executes a web application requested by the web server, and notifies the web server of a processing result. A general user can enjoy services provided by the AP server by logging in to the web server from the client device and indirectly accessing the AP server.

  The DB server 104 stores connection information 600 of the client device to the springboard server 102.

  The connection information 600 is managed by the table structure of FIG. That is, the connection information 600 includes the IP address 601 (identification information of the client device) of the connection source client device 101, the port number 602 of the connection source client device 101, and the user who is input by the client device 101 and transmitted to the platform server 102 and authenticated. It is composed of an identifier 603 (user ID), a connection port 604 of the springboard server 102 for connection, a communication state 605, and a connection start time 606. The value of the communication state 605 is set to “Non” in the non-communication state, and to “VALID” and “Harmless packet such as NULL packet or Dummy packet” if valid communication is performed. If so, set NULL. In the example of FIG. 6, it can be seen that data communication is not performed in the connection between the server and the terminal whose IP address 601 of the connection source client device has the value of “192.168.1.1”.

  The DB server 104 can also store various data used by the AP server 103 together.

  Reference numeral 105 denotes a LAN (Local Area Network), which is a network for connecting the springboard server 102, the AP server 103, and the DB server 104 so that they can communicate with each other. The above is the description of FIG.

  Next, an example of a hardware configuration of various devices according to the embodiment of the present invention will be described with reference to FIG.

  In FIG. 2, reference numeral 201 denotes a CPU, which comprehensively controls each device and controller connected to the system bus 204. The ROM 202 or the external memory 211 includes a basic input / output system (BIOS) or an operating system program (hereinafter, referred to as an OS), which is a control program of the CPU 201, and a function to be executed by each server or each PC. Various programs described later are stored.

  A RAM 203 functions as a main memory, a work area, and the like for the CPU 201. The CPU 201 loads various programs and the like necessary for executing processing from the ROM 202 or the external memory 211 into the RAM 203 and executes the loaded programs to realize various operations.

  An input controller 205 controls input from a keyboard (KB) 209 or a pointing device such as a mouse (not shown). A video controller 206 controls display on a display such as a CRT display (CRT) 210. In FIG. 2, the CRT 210 is described, but the display is not limited to the CRT but may be another display such as a liquid crystal display. These are used by the administrator as needed.

  A memory controller 207 is connected to a hard disk (HD) for storing a boot program, various applications, font data, user files, edit files, various data, and the like, a flexible disk (FD), or a PCMCIA card slot via an adapter. Access to an external memory 211 such as a compact flash (registered trademark) memory.

  A communication I / F controller 208 connects and communicates with an external device via a network (for example, the LAN 105 shown in FIG. 1), and executes communication control processing on the network. For example, communication using TCP / IP is possible.

  Note that the CPU 201 enables the display on the CRT 210 by executing, for example, an outline font developing (rasterizing) process on a display information area in the RAM 203. Further, the CPU 201 enables a user instruction with a mouse cursor (not shown) on the CRT 210.

  Various programs described below for realizing the present invention are recorded in the external memory 211, and are executed by the CPU 201 by being loaded into the RAM 203 as necessary. Further, a definition file and various information tables used when executing the program are also stored in the external memory 211, and a detailed description thereof will be described later. The above is the description of FIG.

  Next, an example of a functional configuration of various devices according to the embodiment of the present invention will be described with reference to FIG.

  As shown in FIG. 3, the client device 101 includes a remote server connection program 301. It is assumed that the remote server connection program 301 is installed in the client device 101 in advance.

  The remote server connection program 301 installed in the client device 101 includes an input receiving unit 302, a display control unit 303, a communication unit 304, a setting unit 305, and a storage unit 306.

  The input receiving unit 302 sets the remote server connection program 301, a host name (or IP address) for specifying the stepping platform server 102 to be connected, and authentication information (for example, a user) required from a connection destination server (eg, the stepping platform server 102). An identifier), a command sentence called a command for the program on the springboard server 102, and the like are received.

  The display control unit 303 displays the data received by the input receiving unit 302 and the response data received from the program on the springboard server 102 (for example, displays the authentication result and the response of the program on the springboard server 102). The communication unit 304 communicates with a communication program on the springboard server 102 by SSH or the like.

  The setting unit 305 provides a user with a customization function of the remote server connection program 301. For example, in order to avoid disconnection processing by a connection destination server when the connection destination server (eg, stepping board server 102) has a function of disconnecting from a client device that has been in a non-communication state for a predetermined time or longer. And (2) storing customization settings such as transmitting harmless NULL packets and Dummy packets to the connection destination server at regular intervals. The setting is set and stored according to a user's input operation.

  The storage unit 306 stores input data from the input unit in the remote server connection program 301 and customization information (setting) performed by the setting unit. Also, connection information 600 is stored.

  The springboard server 102 includes a connection waiting program 311. It is assumed that the connection waiting program 311 is installed in the platform server 102 in advance.

  The connection waiting program 311 includes a communication unit 312, a communication data analysis unit 313, a user authentication unit 314, a storage unit 315, a connection management unit 316, and a command execution unit 317.

  The communication unit 312 of the connection waiting program 311 waits for a connection from the remote server connection program 301, and performs data communication after the connection is established.

  The communication data analysis unit 313 analyzes data transmitted from the remote server connection program 301.

  The user authentication unit 314 performs authentication using the user identifier input in the client device 101 using the remote server connection program 301. Only the user who succeeds in the authentication can proceed to the subsequent connection processing.

  The storage unit 315 stores user authentication information, analysis results of data transmitted from the remote server connection program 301, information on communication data patterns regarded as illegal, and the like. Here, the storage unit 315 is provided in the springboard server, but the information may be stored in an external storage device (for example, the DB server 104) and managed so that the information can be retrieved at any time. .

  The connection management unit 316 establishes and disconnects a connection with the remote server connection program 301, and releases a connection resource that is not properly used when there is no available connection resource. For example, the connection with the client device 101 that is the source of the NULL packet or the Dummy packet is disconnected to secure connection resources (number of connectable connections).

  The command execution unit 317 executes a command sent from the remote server connection program 301. By executing the command, the program in the springboard server 102 is executed. By executing the program, the AP server 103 and the DB server 104 can be further operated.

  The DB server 104 includes a database system 321. It is assumed that the database system 321 is installed in the DB server 104 in advance.

  The database system 321 mainly includes a communication unit 322, an instruction unit 323, and a storage unit 324. The communication unit 322 communicates with the springboard server 102 using a communication protocol such as TCP / IP.

  The command unit 323 writes, updates, refers to, and deletes data from the springboard server 102 to the storage unit 324 of the database system 321. That is, in accordance with a request from the client device 101 via the springboard server 102, information owned by the AP server 103 is transmitted, displayed, and updated. The storage unit 324 stores data sent from the platform server 102. The above is the description of FIG.

  Next, with reference to FIG. 4, the flow of processing for establishing and disconnecting a connection in the embodiment of the present invention will be described.

  Each process (step) described below is executed by the CPU 201 of each device by using the function of each device and the function of a program.

  <First embodiment>

  First, prior to the connection of the client device 101 with the springboard server 102, the springboard server 102 authenticates the remote server connection program started on the client device 101.

  Specifically, an authentication request including user information (for example, the user identifier 603 in FIG. 6) received from the input unit of the remote server connection program started in response to a user operation on the client device 101 is transmitted to the springboard server 102. It transmits (step S401).

  The springboard server 102 receives an authentication request from the client device 101 (step S411), and executes a user authentication process (step S412).

  Examples of the authentication method provided by the springboard server 102 in response to an authentication request from the remote server connection program of the client device 101 include a password authentication method and a public key authentication method. It is assumed that the authentication in this embodiment is realized by a public key authentication method.

  If the stepping server 102 cannot authenticate the client device 101 (NO in step S413), the stepping server 102 notifies the client device 101 of an authentication failure, and the client device 101 displays information indicating that the connection to the stepping server 102 has failed. (Step S402). On the other hand, when the springboard server 102 succeeds in the authentication from the client device 101 (YES in step S412), the springboard server 102 checks whether there is a free connection resource of the springboard server 102 (step S414).

  Here, a method of determining whether there is a free connection resource in the springboard server 102 will be described. The availability of the connection resource is determined using the number of connections established between the ladder server 102 and the remote server connection programs of the client apparatuses 101 (client apparatuses 101-1 to 101-3). It is assumed that information on the upper limit value (connection upper limit) of the number of connections is stored in the storage unit 315 of the springboard server 102.

  For example, if the upper limit of the number of connections is set to 10, the springboard server 102 determines that there is no free connection resource for the client device 101 that has requested the eleventh connection. If the number of already established connections is 9 or less, it is determined that there is a free connection resource.

  If there is a vacancy in the connection resources of the springboard server 102 (YES in step S414), the CPU 201 of the springboard server 102 allocates connection resources (step S415). That is, a connection with the client device 101 that has transmitted the authentication request is established. Then, the connection information stored in the DB server 104 is updated (step S416).

  Here, a method and procedure for updating the connection information will be described. The springboard server 102 stores the same data as the connection information 600 in its own device. When a new connection is established, the information relating to the established connection is added to the connection information 600 of its own device. Then, the added information is transmitted to the DB server 104, and the DB server 104 receives the information. The DB server 104 updates the connection information 600 in the DB server.

  The springboard server 102 notifies the remote server connection program of the client device 101 that has transmitted the authentication request that the connection has been established (step S420).

  On the other hand, when the springboard server 102 determines that there is no free connection resource in the springboard server 102 (NO in step S414), it attempts to release a connection resource that has not been properly used to make a free connection resource. That is, connection resource release processing (unnecessary connection disconnection processing) is executed (step S417). Details of the connection resource release processing (unnecessary connection disconnection processing) will be described later with reference to FIG.

  If the springboard server 102 succeeds in releasing the connection resource that is not properly used (YES in step S418), the springboard server 102 establishes a connection with the client device 101 that has requested the connection (step S415).

  On the other hand, if the ladder server 102 attempts to release the connection resources that are not properly used, but there are no resources that can be released (NO in step S418), the ladder server 102 discards the connection request from the client device 101 (step S418). Step S419).

  The springboard server 102 discards the connection request in step S419 and notifies the client device 101 of information indicating that the connection could not be established (step S420).

  The client apparatus 101 acquires the information of the connection result transmitted in step S420, and if the received information is information indicating that the connection could not be established, a display screen indicating that the connection could not be established Is displayed and the process ends. On the other hand, if the information indicates that the connection has been established, the process proceeds to step S404, and a process of updating the connection information is executed (step S404). Details of the connection information updating process will be described later with reference to FIG. The above is the description of FIG.

  Here, with reference to FIG. 10, a description will be given of a flow of a process of updating connection information after connection establishment in the embodiment of the present invention.

  The remote server connection program 301 of the client device 101 determines whether a command input by a user operation has been received on the console or the like illustrated in FIG. 11 (step S1001).

  If an input of a command has been received (YES in step S1001), the command is transmitted to step platform server 102 (step S1002). For example, it is assumed that an input of a command for requesting display of an access log of the AP server 103 is received and a packet including the command is transmitted.

  If the command input has not been received (NO in step S1001), the process proceeds to step S1003. In step S1003, a NULL packet is periodically transmitted to the springboard server 102 in accordance with, for example, the customization setting of the remote server connection program 301 described above (step S1003).

  The springboard server 102 receives the communication data (corresponding to step S1004 / packet receiving means) and analyzes the received communication data (step S1005). Then, the connection information 600 of the DB server 104 is updated based on the information obtained from the communication data (step S1006). For example, in the case of the communication data transmitted in step S1002, “VLID” is inserted and stored in the communication state 605, and in the case of the communication data transmitted in step S1003, “NILL” is inserted and stored in the communication state 605. I do.

  The springboard server 102 determines whether the communication state 605 of the updated connection information is “NULL” (step S1007), and ends the processing if the communication state 605 is “NULL”. In the case of “VALID” instead of “NULL”, the process proceeds to step S1008, and information of the command obtained by analyzing the communication data is transmitted to the AP server 103 (step S1008). Here, it is assumed that the command is an access log acquisition request of the AP server.

  The AP server 103 receives the command (step S1009), acquires information (access log) corresponding to the command, and returns it to the springboard server 102 (step S1010).

  The springboard server 102 receives the information (step S1011) and transmits the information to the client device 101 that has requested the information (step S1012).

  The remote server connection program 301 of the client device 101 receives the information (step S1013) and displays the information on the console (step S1014). The above is the description of FIG.

  Next, the details of the connection resource release processing (unnecessary connection disconnection processing) in the embodiment of the present invention will be described with reference to FIG.

  In the present embodiment, an unnecessary connection (a connection resource that has not been properly used) refers to a connection established between the client device 101 and the ladder server 102 and to avoid disconnection due to a non-communication state. Refers to a connection in which intentionally meaningless NULL packet communication or Dummy packet communication is continued to maintain the connection. In addition, if there is no communication for a certain period of time after the connection is established, the connection is determined to be an unnecessary connection (connection resource that is not properly used).

  The CPU 201 of the springboard server 102 refers to the connection information 600 of the DB server 104 (step S501), and determines whether there is a connection in a non-communication state among all the connections to the springboard server 102 (step S502).

  If there is a connection in the non-communication state (YES in step S502), the connection with the longest connection time is selected from the connections in the non-communication state (step S503). Then, the connection resource selected in step S503 is released (the disconnection (release) of the connection selected in step S504 / step S503 is executed / disconnection control is performed). That is, the communication / connection with the communication state 605 = “VALID” and the communication / connection requested with the new authentication are established prior to the communication / connection with the communication state = “NULL” or “Non”.・ It is something to maintain. Then, the record of the disconnected connection is deleted from the connection information of the DB server 104 (step S505). The connection having the longest connection time is a connection of a record having the largest difference between the connection start time 606 and the current time. The information on the current time is obtained from a date and time storage unit (clock function) (not shown) of the springboard server 102.

  Assuming that the upper limit of the number of connections of the springboard server 102 is 3 and the connection information is the same as the connection information 600 in FIG. 6, the value 611 of the IP address 601 of the connection source client device is “192.168.1.1”. The record is selected as a release target (disconnection / deletion target).

  On the other hand, if it is determined in step S502 that there is no connection in the non-communication state (NO in step S502), all connections to the server are grouped by the connection source client device 101 (for each IP address 601 of the connection source client device). And store it on the memory (step S506).

  Then, one connection source client device 101 is selected from the grouped data, and all connection information between the client device 101 and the springboard server 102 is acquired (step S507).

  The springboard server 102 refers to the communication state 605 of all connection information acquired in step S507 and determines whether all decimals are NULL packet communication or Dummy packet communication (corresponding to step S508 / packet determination means). . That is, the latest information is obtained from the communication performed in the past, and the determination is performed.

  If at least one data communication other than the NULL packet or the Dummy packet has been performed (NO in step S508), the process proceeds to step S511 without releasing the connection resource.

  The reason why the connection is not released even though there is a connection suspected of connection spoofing (unnecessary connection / improper use of connection resources) by NULL packet communication or Dummy packet communication will be described.

  For example, as shown in FIG. 11, one client device 101 may start up a plurality of remote server connection programs 301 and connect to the springboard server 102, respectively.

  Specifically, a case where a user activates a plurality of remote server connection programs on the client device 101 and sequentially operates a plurality of server devices (for example, the AP server 103 and the DB server 104) while passing through the ladder server 102. Is assumed.

  When a plurality of communications are established between one client apparatus 101 and the springboard server, and some of them are valid communications (VALID) and some of them are communications of NULL or Dummy packets, for example, After the use of the connection for which effective communication is completed, it can be expected that the connection maintained by NULL packet communication or Dummy packet communication by the same user will be used (change to effective communication).

  That is, since at least the client device 101 is being used because a part of the connection is valid, after the work relating to the connection that is currently valid and used by the user is completed, a NULL packet or a Dummy packet is now used. It is determined that there is a high possibility that work related to the communication connection is started.

  Assuming such a situation, a connection that is expected to be used for remote control of a plurality of server devices by a user of the same client device 101 is maintained from the viewpoint of usability.

  For example, when the connection information 600 is in a state like the connection information 700 in FIG. 7, there are two connections from the terminal whose IP address 701 of the connection source client device has a value of “192.168.1.3”, The port number 33621 of the connection source client device performs NULL communication. However, in the connection from the port number 33622 of the connection source client device, which is the other connection, appropriate communication is performed, so the connection from the port number 33621 of the connection source client device is not released (disconnected).

  On the other hand, if the communication data of all the connections is a NULL packet or a Dummy packet (YES in step S508), whether the user who transmitted the packet (specifying the user identifier 603) has made a connection from another client device 101 Is determined with reference to the group of the connection information 600 of the other client devices 101 grouped in step S506 (step S509).

  If the connection from the other client device 101 to the platform server 102 has not been made (NO in step S509), the process proceeds to step S503.

  For example, in FIG. 7, there are two connections from the client device 101 whose IP address value of the connection source client device is “192.168.1.4”, and both have the communication status 605 = “NULL” (NULL packet Communication or Dummy packet communication). Therefore, the connection of the port number 33621 of the connection source client device having a long connection time among the connections of the client device 101 of “192.168.1.4” is released.

  If it is determined in step S509 that the user with the user identifier 603 corresponding to the client device 101 selected in step S507 is connected to the platform server 102 from another client device 101 (YES in step S509), With reference to the communication status 605 of the connection information from the other client device 101, it is determined whether all the connections from the other client device 101 are NULL packet or Dummy packet communication (step S510).

  If it is determined in step S510 that the communication data of all the connections is a NULL packet or a Dummy packet (YES in step S510), the process proceeds to step S503.

  For example, when the connection information 600 is in a state like the connection information 800 shown in FIG. 8, the connection from the terminal whose IP address value of the connection source client device is “192.168.1.6” is released (disconnected). I do.

  On the other hand, if it is determined in step S510 that the communication data of all the connections is not a NULL packet or a Dummy packet (YES in step S510 / that is, if there is a communication of “VALID”), the client device selected in step S507 The processing shifts to step S511 without releasing the connection resource of 101 (disconnecting the connection).

  For example, when the connection information 600 is in the state of the connection information 900 in FIG. 9, the IP address value 901 of the connection source client device is “192.168.1.5”, “192.168.1.6”, “ 192.168.1.7 ", it is understood that valid communication is being performed from a terminal whose IP address 901 value of the connection source client device is" 192.168.1.6 ". . Therefore, the three connections taken up in the connection information of FIG. 9 are excluded from the release targets (not disconnected).

  The reason why the connection is not cut off when part of the connection by the same user is valid and part is NULL packet communication or Dummy packet communication is as described above in the description of step S508.

  In step S511, the springboard server 102 determines whether the processes of steps S508 to S510 for all the connection information of all the groups among the connection information grouped in step S506 are completed (step S511), and Is completed (YES in step S511), the process ends. If there is unprocessed information (NO in step S511), the process returns to step S507 to return the unprocessed group to the unprocessed group. The connection information is acquired, and the processing from step S508 is executed. The above is the description of FIG.

  As above, the first embodiment of the present invention has been described.

  According to the first embodiment of the present invention, it is possible to provide a mechanism capable of appropriately determining which communication has priority in accordance with the existence of communication for maintaining a connection.

  <Second embodiment>

  Hereinafter, a second embodiment of the present invention will be described. Note that the description of the parts that perform the same processing as in the first embodiment will be omitted.

  In the second embodiment, the user of the client device 101 disconnects before the stepping server 102 disconnects the connection that is determined to be not properly used among the connections established with the client device 101. Ask for consent.

  Specifically, after step S503 in FIG. 5, the springboard server 102 transmits, to the remote server connection program 301 of the client device 101, information on a confirmation screen (not shown) for confirming whether connection maintenance is necessary. The remote server connection program 301 used by the user is specified by referring to the connection information stored in the DB server 104 and the IP address 601 of the connection source client device having a valid communication state and the port number 602 of the connection source client device. More specific.

  Further, when the stepping server 102 receives information of a response indicating that the connection is to be disconnected from the client apparatus 101 (for example, by accepting a press of a “connection disconnection” button on a confirmation screen (not shown), the connection is disconnected). Is transmitted to the springboard server 102), or a confirmation screen of the necessity of maintaining the connection is transmitted to the remote server connection program 301 of the client device 101, and the response of maintaining the connection is obtained even after a certain period of time. If not, disconnect. When the information of the response indicating that the connection is maintained is received (for example, by receiving the pressing of the “maintain connection” button on a confirmation screen (not shown), the response indicating that the connection is maintained is transmitted to the platform server 102). Then, the processing is terminated without disconnecting the connection.

  According to the second embodiment, it is possible to prevent disconnection from being abruptly cut off by the user, and to appropriately determine which communication has priority according to the presence of communication for maintaining connection. Possible mechanisms can be provided.

  In the above-described embodiment, the information of the confirmation screen is transmitted to the client device 101 with a valid connection. However, for example, the user identifier of the client device with a connection determined to be an inappropriate connection is set to A connection disconnection confirmation message (confirmation screen) may be transmitted to all the remote server connection programs 301 of all the corresponding client devices 101.

  <Third embodiment>

  Hereinafter, a third embodiment of the present invention will be described. Note that a description of a portion that performs the same processing as in the first embodiment and the second embodiment will be omitted.

  In the third embodiment, in the server system 120, there are a plurality of springboard servers 102. It is assumed that one of them operates as described in the first and second embodiments. Also, it is assumed that a management server that monitors the activation state of each device in the server system 120 such as the springboard server 102 is operating and is communicably connected to various servers in the server system 120.

  If the stepping server 102 has stopped functioning for some reason such as excessive processing due to an increase in load, for example, the management server that has detected the functioning stop (for example, forced shutdown) of the stepping server 102 will stop the functioning step. An instruction is issued to another stepping platform server to activate the stepping platform server different from the server, and the stepping platform server receiving the instruction is activated. After starting, the springboard server refers to and acquires the connection information 600 stored in the DB server 104. It is assumed that the various records of the connection information 600 are in a state where the information stored at the time when the function of the springboard server 102 is stopped is stored as it is. The newly started springboard server refers to the communication state 605, specifies connection information that is a valid connection (communication state = “VALID”), and reconnects to the IP address and port of the connection source client device. Submit the request. Then, the client device 101 establishes a connection with the springboard server in response to the request. It is assumed that user authentication is not required for the reconnection. Further, the newly started stepping stone server ends the process without transmitting the connection request to the connection source client device whose communication status 605 indicates NULL or Non.

  According to the third embodiment of the present invention, there is provided a mechanism capable of appropriately determining which communication should be given priority according to the existence of communication for the purpose of maintaining the connection with the migration of the springboard server. can do.

  As described above, according to the present invention, it is possible to provide a mechanism capable of appropriately determining which communication is to be prioritized in accordance with the existence of communication for maintaining a connection.

  Note that the upper limit of the number of connections described above in the various embodiments may be stored and managed in the storage unit 324 of the DB server 104 or the like.

  Also, in step S414, it is determined whether or not there is a free connection resource based on not only the upper limit number of connections but also the CPU usage rate of the springboard server 102, the memory consumption of the springboard server 102, the upper limit number of connections, and a combination thereof. You may do so. Specifically, when the CPU usage rate is equal to or greater than the threshold and the memory consumption is equal to or greater than the threshold, the springboard server 102 determines that there is no free connection resource. When the CPU usage rate is lower than the threshold value, the memory consumption is lower than the threshold value, and the number of connections does not reach the upper limit of the connection, it is determined that there is a free connection resource. Note that the conditions for the determination can be freely set, changed, and combined by a user operation on a setting screen (not shown) of the springboard server 102.

  Further, the processing of steps S509 and S510 in FIG. 5 may be skipped, and if “YES” is determined in step S508, the processing may proceed to step S503. In some cases, depending on the form of server maintenance, scenes in which one user uses a plurality of client devices at a time are rare, and the unnecessary processing load generated by performing the processing of steps S509 and S510 is reduced. This is to reduce it.

  In addition, the springboard server 102 periodically refers to the information of the connection information 600, and if the number of connection information (the number of connections) falls within a predetermined number from the upper limit of the connection, the process proceeds from step S501 in FIG. May be started. That is, when the actual number of connections approaches the upper limit of the number of connections, a process of disconnecting unnecessary connections is performed. It is assumed that the value of the predetermined number is stored in the external memory of the springboard server 102 in advance.

  Note that the present invention can be, for example, embodiments as a system, an apparatus, a method, a program, a storage medium, or the like. Specifically, the present invention may be applied to a system including a plurality of devices, Alternatively, the present invention may be applied to an apparatus including one device.

  For example, the springboard server 102, the AP server 103, and the DB server 104 are integrated, and perform the processes of the above-described embodiment (for example, the processes of the functional units described in FIG. 4 and the processes of steps S1004 to S1012 in FIG. 10). One device may execute it.

  Note that the present invention includes a program that directly or remotely supplies a software program that realizes the functions of the above-described embodiments to a system or an apparatus. The present invention also includes a case where the present invention is also achieved by a computer of the system or the apparatus reading and executing the supplied program code.

  Therefore, the program code itself installed in the computer to implement the functional processing of the present invention by the computer also implements the present invention. That is, the present invention includes the computer program itself for realizing the functional processing of the present invention.

  Examples of a recording medium for supplying the program include a flexible disk, a hard disk, an optical disk, a magneto-optical disk, an MO, a CD-ROM, a CD-R, and a CD-RW. Further, there are a magnetic tape, a nonvolatile memory card, a ROM, a DVD (DVD-ROM, DVD-R), and the like.

  As another program supply method, a client computer is connected to a homepage on the Internet using a browser. The computer program of the present invention or a compressed file including an automatic installation function can be supplied from the home page by downloading the file to a recording medium such as a hard disk.

  Also, the present invention can be realized by dividing the program code constituting the program of the present invention into a plurality of files and downloading each file from a different homepage. In other words, the present invention also includes a WWW server that allows a plurality of users to download a program file for implementing the functional processing of the present invention on a computer.

  In addition, the program of the present invention is encrypted, stored in a storage medium such as a CD-ROM, distributed to users, and downloaded to a user who satisfies predetermined conditions from a homepage via the Internet to download key information for decryption. Let it. Then, it is also possible to execute the encrypted program by using the downloaded key information and install the program on a computer to realize the program.

  The functions of the above-described embodiments are implemented when the computer executes the read program. In addition, the OS or the like running on the computer performs part or all of the actual processing based on the instructions of the program, and the functions of the above-described embodiments can also be realized by the processing.

  Further, the program read from the recording medium is written to a memory provided in a function expansion board inserted into the computer or a function expansion unit connected to the computer. Thereafter, based on instructions of the program, a CPU or the like provided in the function expansion board or the function expansion unit performs part or all of actual processing, and the functions of the above-described embodiments are also realized by the processing.

It should be noted that the above-described embodiment is merely an example of the embodiment for carrying out the present invention, and the technical scope of the present invention should not be interpreted in a limited manner.
That is, the present invention can be implemented in various forms without departing from the technical idea or the main features.

101-1 Client device 101-2 Client device 101-3 Client device 102 Stepping board server 103 Application server 104 Database server 105 LAN
106 WAN
120 server system

Claims (7)

An information processing device capable of communicating with a plurality of client devices,
By performing authentication in response to an authentication request from the client device, connection means for establishing a connection with the client device,
Packet receiving means for receiving a packet from the client device established by the connection means,
The packet received by the packet receiving means is not a packet for the purpose of obtaining data from the information processing device or a packet for the purpose of obtaining data, and the client device and the information processing device of the transmission source of the packet determining means for determining a packet for the purpose of maintaining the connection,
Before Symbol judging means, when the packet received by said packet receiving means is determined to be a packet for the purpose of maintaining the connection between the sending client device and the information processing apparatus of the packet, the client device Disconnection control means for controlling to disconnect the connection with
From the client device that is the source of the packet determined to be the packet intended to maintain the connection by the determination unit, in addition to the packet, receiving a packet intended to obtain data from the information processing device Packet determination means for determining whether the
With
The disconnection control unit receives, by the packet determination unit, a packet for the purpose of obtaining data from the information processing device in addition to a packet for maintaining the connection with the information processing device from the client device. If it is determined that the connection has been established, in addition to the packet for the purpose of maintaining the connection with the information processing device from the client device, the data acquisition from the information processing device is performed without controlling the disconnection. An information processing apparatus characterized in that when it is determined that a packet for the purpose of (1) has not been received, control is performed to disconnect the connection with the client apparatus. A packet that is not a packet intended to acquire data from the information processing apparatus and is intended to maintain a connection between the client apparatus that transmitted the packet and the information processing apparatus is a NULL packet or a Dummy packet. hand,
The determining means determines whether the packet received by the packet receiving means is a NULL packet or a Dummy packet,
When the packet received by the packet receiving unit is a NULL packet or a Dummy packet, the disconnection control unit controls to disconnect the connection with the client device of the transmission source of the NULL packet or the Dummy packet. The information processing apparatus according to claim 1. Connection upper limit storage means for storing a connection upper limit capable of connecting the client device and the information processing device,
With
The disconnection control unit, when the number of packets received from the plurality of client devices by the reception unit falls within a predetermined number from the connection upper limit stored in the connection upper limit storage unit, disconnection of the connection with the information processing device. maintaining information processing apparatus according to claim 1 or 2, characterized in that controlled to disconnect the connection with the client apparatus that is the source of the packet for the purpose of. The disconnection control unit, for the client device of the transmission source of the packet determined to maintain the connection between the client device and the information processing device by the determination unit, the client device and the information processing device Control to display a confirmation screen to confirm disconnection,
In the confirmation screen, the information processing apparatus according to any one of claims 1 to 3, characterized in that cutting the connection with the client device and the information processing apparatus when receiving an instruction to the cutting. A method for controlling an information processing device capable of communicating with a plurality of client devices,
By performing authentication in response to an authentication request from the client device, a connection step of establishing a connection with the client device,
A packet receiving step of receiving a packet from the client device established in the connection step,
The packet received in the packet receiving step is not a packet for the purpose of obtaining data from the information processing device, or a packet for the purpose of obtaining data, the client device and the information processing device of the transmission source of the packet a determination step of determining whether the packet for the purpose of maintaining the connection,
Before Symbol decision step, the packet received by said packet receiving step, when the maintenance of connection to the source of the client device and the information processing apparatus of the packet is determined to be a packet of interest, the client device A disconnection control step of controlling to disconnect the connection with the
From the client device of the source of the packet determined to be a packet intended to maintain the connection in the determination step, in addition to the packet, receiving a packet intended to obtain data from the information processing device Packet determining step of determining whether
Including
In the disconnection control step, in the packet determination step, in addition to a packet for maintaining connection with the information processing apparatus from the client apparatus, a packet for obtaining data from the information processing apparatus is received. If it is determined that the connection has been established, in addition to the packet for the purpose of maintaining the connection with the information processing device from the client device, the data acquisition from the information processing device is performed without controlling the disconnection. A control method for disconnecting a connection with the client device when it is determined that a packet intended for the purpose is not received . A program executable by an information processing device capable of communicating with a plurality of client devices,
The information processing device,
By performing authentication in response to an authentication request from the client device, connection means for establishing a connection with the client device,
Packet receiving means for receiving a packet from the client device established by the connection means,
The packet received by the packet receiving means is not a packet for the purpose of obtaining data from the information processing device or a packet for the purpose of obtaining data, and the client device and the information processing device of the transmission source of the packet determining means for determining a packet for the purpose of maintaining the connection,
Before Symbol judging means, when the packet received by said packet receiving means is determined to be a packet for the purpose of maintaining the connection between the sending client device and the information processing apparatus of the packet, the client device and cutting control means for controlling so as to disconnect the connection with,
From the client device that is the source of the packet determined to be the packet intended to maintain the connection by the determination unit, in addition to the packet, receiving a packet intended to obtain data from the information processing device Function as packet determination means for determining whether
The disconnection control unit receives the packet for maintaining data from the information processing device in addition to the packet for maintaining connection with the information processing device from the client device. If it is determined that the connection has been established, in addition to the packet for the purpose of maintaining the connection with the information processing device from the client device, the data acquisition from the information processing device is performed without controlling the disconnection. the when it is determined that it has not received the packet of interest, the program of the information processing apparatus, characterized in that to function as a means for controlling so as to disconnect the connection with the client device. An information processing system including a plurality of client devices and an information processing device,
Packet receiving means for receiving a packet from the client device;
The packet received by the packet receiving unit is not a packet for the purpose of obtaining data from the information processing apparatus, but is a packet for maintaining the connection between the client apparatus that transmitted the packet and the information processing apparatus. determination means for determining,
Before Symbol judging means, when the packet received by said packet receiving means is determined to be a packet for the purpose of maintaining the connection between the sending client device and the information processing apparatus of the packet, the client device Disconnection control means for controlling to disconnect the connection with
From the client device that is the source of the packet determined to be the packet intended to maintain the connection by the determination unit, in addition to the packet, receiving a packet intended to obtain data from the information processing device Packet determination means for determining whether the
With
The disconnection control unit receives, by the packet determination unit, a packet for the purpose of obtaining data from the information processing device in addition to a packet for maintaining the connection with the information processing device from the client device. If it is determined that the connection has been established, in addition to the packet for the purpose of maintaining the connection with the information processing device from the client device, the data acquisition from the information processing device is performed without controlling the disconnection. An information processing apparatus system for controlling to disconnect the connection with the client device when it is determined that a packet for the purpose has not been received .

Images