CN104580211A - SOA architecture-based intrusive system - Google Patents
SOA architecture-based intrusive system Download PDFInfo
- Publication number
- CN104580211A CN104580211A CN201510008505.7A CN201510008505A CN104580211A CN 104580211 A CN104580211 A CN 104580211A CN 201510008505 A CN201510008505 A CN 201510008505A CN 104580211 A CN104580211 A CN 104580211A
- Authority
- CN
- China
- Prior art keywords
- interface
- platform
- service
- user
- integration platform
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 230000010354 integration Effects 0.000 claims abstract description 48
- 238000000034 method Methods 0.000 claims abstract description 6
- 235000014510 cooky Nutrition 0.000 claims description 12
- 230000036651 mood Effects 0.000 claims description 11
- 230000001360 synchronised effect Effects 0.000 claims description 5
- 238000004088 simulation Methods 0.000 claims description 4
- 230000006870 function Effects 0.000 abstract description 12
- 230000008520 organization Effects 0.000 abstract 2
- 230000009191 jumping Effects 0.000 abstract 1
- 238000007726 management method Methods 0.000 description 26
- 230000000694 effects Effects 0.000 description 3
- 230000009897 systematic effect Effects 0.000 description 2
- 239000012141 concentrate Substances 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000007935 neutral effect Effects 0.000 description 1
- 230000001737 promoting effect Effects 0.000 description 1
- 230000009466 transformation Effects 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/02—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer And Data Communications (AREA)
- Information Transfer Between Computers (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses an SOA architecture-based intrusive system, which comprises three parts: an integrated management platform, an ESB and an integration platform SDK; the integrated management platform comprises login, unified authentication, a unified interface, unified user management, organization and organization management, unified resource management and menu management functions; the ESB is used for issuing main data synchronization service, task message service and login authentication service in the integration platform; the integration platform SDK mainly comprises three parts: resource access controllers, local interfaces, and other tools. The invention has the following characteristics: the user can see the functional modules of all systems in the authority range of the user only by logging in once, so that direct access operation can be performed, and frequent jumping among different systems is avoided; higher safety guarantee is provided, the possibility of illegal interception and damage to user information synchronization between systems is reduced, and the safety is correspondingly improved; preventing abuse of rights after information sharing; and the method provides specifications for the development of various service systems.
Description
Technical field
The present invention relates to technical field of information management, specifically a kind of intrusive mood system based on SOA framework.
Background technology
At present, the informatization of various places tax system is flourish, more self-built operation systems, such as electronics tax source management, tax administrator system platform and some other auxiliary decision-making inquiry type systematic, follow-uply also will develop some new operation systems.Current system in use exposes some problems, mainly concentrates on following three aspects:
1) because system is independent separately, an overall function view cannot be formed, user must log according to corresponding system identity before each application system of use, and user must remember the username and password of each system for this reason, and this brings many troubles to user.
2) each system is separate, when in use repeatedly carrying out Business Processing across multiple system, needs frequent redirect between different systems, brings a lot of inconvenience like this to practical operation.
3) independently developed system has played effective effect in work in every, is necessary that practice effect is good, to have promotional value application experience absorbs and is incorporated in platform, play larger effect.At present, independently developed system lacks the user interface of unified planning, user management and rights management, there is larger second-time development workload in integration process.In order to economize on resources, raise the efficiency, be necessary to propose unified exploitation standards and norms, instructing the exploitation of the transformation of existed system and newly-built system.
Summary of the invention
Technical assignment of the present invention is to provide a kind of intrusive mood system based on SOA framework.
Technical assignment of the present invention realizes in the following manner, and this system is made up of three parts: Integrated Management Platform, ESB and integration platform SDK;
Integrated Management Platform comprises login, unified certification, unified interface, Union user management, information department management, unified resource management, menu management function; Master data in Integrated Management Platform is for self and other system;
ESB is for issuing master data synchronous service in integration platform, task message service and login authentication service, and system provides EJB and WebService two kinds of interface protocols;
Three parts are mainly comprised: resource access controller, local interface and other instruments in integration platform SDK; Resource access controller, the access control safety of protection operation system itself; Local interface encapsulates the access to remote service, facilitates the exploitation of operation system; Other instrument is for convenience of the simulation login interface of operation system exploitation debugging.
The flow process of described login authentication service is as follows:
1) user is logged in from integration by browser; The login service integrated accepts request, and the authentication service of calling platform obtains the operating right information of user, if certification by; establishment sessionID is saved in database; Integration platform creates platform Cookie, comprises sessionID information in Cookie;
2) in homepage, user clicks menu corresponding to certain operation system function, then this request is directly sent to corresponding operation system, and is received by the resource access controller of operation system;
3) resource access controller of operation system calls the login authentication interface in Interface.jar again according to the cookie information in request; Login authentication interface in interface.jar is according to the interface protocol invokes authentication interface of system configuration;
4) business end calls the authentication service that integration platform is issued;
5) sessionID in EJB interface interchange integration platform verifies, after being verified, for this user creates the session in this service application, again request is turned to corresponding function pages: the resource of the direct access service system of user, link can be forwarded to integration platform and carry out authentication service by access controller simultaneously; Access url, sessionID, system identifier and user id are spliced in integration platform access links by access controller, return to browser; Link is forwarded to integration platform by browser; After integration platform is proved to be successful, link is forwarded to business platform; After business platform checking, the resource that user accesses is returned to browser.
Login authentication interface in described step 3) in interface.jar calls authentication interface in EjbClient.jar or WebService.jar according to the interface protocol of system configuration.
Compared to the prior art a kind of intrusive mood system based on SOA framework of the present invention, has following characteristics:
User only need once log in the systematic functional module can seen in his extent of competence, can carry out direct accessing operation, avoids the frequent redirect between different system; Provide higher safety guarantee, effectively reduce the synchronous suffered illegal possibility intercepted and captured and destroy of user profile between system, corresponding raising fail safe; Carry out effective unitized management to the right assignment of each application system in platform and permission modification, the service condition of various authority of auditing, prevents the privilege abuse after information sharing; For future, the exploitation of all kinds of operation system will provide specification.
Accompanying drawing explanation
Accompanying drawing 1 is a kind of block architecture diagram of the intrusive mood system based on SOA framework.
Accompanying drawing 2 is a kind of login authentication schematic flow sheet of the intrusive mood system based on SOA framework.
Embodiment
Embodiment 1:
Should be made up of three parts based on the intrusive mood system of SOA framework: Integrated Management Platform, ESB and integration platform SDK;
Integrated Management Platform comprises login, unified certification, unified interface, Union user management, information department management, unified resource management, menu management function; Master data in Integrated Management Platform is for self and other system;
ESB is for issuing master data synchronous service in integration platform, task message service and login authentication service, and system provides EJB and WebService two kinds of interface protocols;
Three parts are mainly comprised: resource access controller, local interface and other instruments in integration platform SDK; Resource access controller, the access control safety of protection operation system itself; Local interface encapsulates the access to remote service, facilitates the exploitation of operation system; Other instrument is for convenience of the simulation login interface of operation system exploitation debugging.
The flow process of described login authentication service is as follows:
1) user is logged in from integration by browser; The login service integrated accepts request, and the authentication service of calling platform obtains the operating right information of user, if certification by; establishment sessionID is saved in database; Integration platform creates platform Cookie, comprises sessionID information in Cookie;
2) in homepage, user clicks menu corresponding to certain operation system function, then this request is directly sent to corresponding operation system, and is received by the resource access controller of operation system;
3) resource access controller of operation system calls the login authentication interface in Interface.jar again according to the cookie information in request; Login authentication interface in interface.jar calls authentication interface in WebService.jar according to the interface protocol of system configuration;
4) business end calls the authentication service that integration platform is issued;
5) sessionID in EJB interface interchange integration platform verifies, after being verified, for this user creates the session in this service application, again request is turned to corresponding function pages: the resource of the direct access service system of user, link can be forwarded to integration platform and carry out authentication service by access controller simultaneously; Access url, sessionID, system identifier and user id are spliced in integration platform access links by access controller, return to browser; Link is forwarded to integration platform by browser; After integration platform is proved to be successful, link is forwarded to business platform; After business platform checking, the resource that user accesses is returned to browser.
Embodiment 2:
Should be made up of three parts based on the intrusive mood system of SOA framework: Integrated Management Platform, ESB and integration platform SDK;
Integrated Management Platform comprises login, unified certification, unified interface, Union user management, information department management, unified resource management, menu management function; Master data in Integrated Management Platform is for self and other system;
ESB is for issuing master data synchronous service in integration platform, task message service and login authentication service, and system provides EJB and WebService two kinds of interface protocols;
Three parts are mainly comprised: resource access controller, local interface and other instruments in integration platform SDK; Resource access controller, the access control safety of protection operation system itself; Local interface encapsulates the access to remote service, facilitates the exploitation of operation system; Other instrument is for convenience of the simulation login interface of operation system exploitation debugging.
The flow process of described login authentication service is as follows:
1) user is logged in from integration by browser; The login service integrated accepts request, and the authentication service of calling platform obtains the operating right information of user, if certification by; establishment sessionID is saved in database; Integration platform creates platform Cookie, comprises sessionID information in Cookie;
2) in homepage, user clicks menu corresponding to certain operation system function, then this request is directly sent to corresponding operation system, and is received by the resource access controller of operation system;
3) resource access controller of operation system calls the login authentication interface in Interface.jar again according to the cookie information in request; Login authentication interface in interface.jar calls authentication interface in EjbClient.jar according to the interface protocol of system configuration;
4) business end calls the authentication service that integration platform is issued;
5) sessionID in EJB interface interchange integration platform verifies, after being verified, for this user creates the session in this service application, again request is turned to corresponding function pages: the resource of the direct access service system of user, link can be forwarded to integration platform and carry out authentication service by access controller simultaneously; Access url, sessionID, system identifier and user id are spliced in integration platform access links by access controller, return to browser; Link is forwarded to integration platform by browser; After integration platform is proved to be successful, link is forwarded to business platform; After business platform checking, the resource that user accesses is returned to browser.
SOA framework and Services Oriented Achitecture are component models, and it defines good interface between being served by these by the different function units (being called service) of application program and contract connects.Interface adopts neutral mode to carry out defining, and it should independent of hardware platform, operating system and the programming language realizing serving.This makes the service be structured in various system that a kind of unification and general mode can be used to carry out alternately.
By embodiment above, described those skilled in the art can be easy to realize the present invention.But should be appreciated that the present invention is not limited to above-mentioned several embodiments.On the basis of disclosed execution mode, described those skilled in the art can the different technical characteristic of combination in any, thus realizes different technical schemes.
Claims (3)
1. based on an intrusive mood system for SOA framework, it is characterized in that, this system is made up of three parts: Integrated Management Platform, ESB and integration platform SDK;
Integrated Management Platform comprises login, unified certification, unified interface, Union user management, information department management, unified resource management, menu management function; Master data in Integrated Management Platform is for self and other system;
ESB is for issuing master data synchronous service in integration platform, task message service and login authentication service, and system provides EJB and WebService two kinds of interface protocols;
Three parts are mainly comprised: resource access controller, local interface and other instruments in integration platform SDK; Resource access controller, the access control safety of protection operation system itself; Local interface encapsulates the access to remote service, facilitates the exploitation of operation system; Other instrument is for convenience of the simulation login interface of operation system exploitation debugging.
2. a kind of intrusive mood system based on SOA framework according to claim 1, is characterized in that, the flow process of described login authentication service is as follows:
1) user is logged in from integration by browser; The login service integrated accepts request, and the authentication service of calling platform obtains the operating right information of user, if certification by; establishment sessionID is saved in database; Integration platform creates platform Cookie, comprises sessionID information in Cookie;
2) in homepage, user clicks menu corresponding to certain operation system function, then this request is directly sent to corresponding operation system, and is received by the resource access controller of operation system;
3) resource access controller of operation system calls the login authentication interface in Interface.jar again according to the cookie information in request; Login authentication interface in interface.jar is according to the interface protocol invokes authentication interface of system configuration;
4) business end calls the authentication service that integration platform is issued;
5) sessionID in EJB interface interchange integration platform verifies, after being verified, for this user creates the session in this service application, again request is turned to corresponding function pages: the resource of the direct access service system of user, link can be forwarded to integration platform and carry out authentication service by access controller simultaneously; Access url, sessionID, system identifier and user id are spliced in integration platform access links by access controller, return to browser; Link is forwarded to integration platform by browser; After integration platform is proved to be successful, link is forwarded to business platform; After business platform checking, the resource that user accesses is returned to browser.
3. a kind of intrusive mood system based on SOA framework according to claim 2, it is characterized in that, the login authentication interface in described interface.jar calls authentication interface in EjbClient.jar or WebService.jar according to the interface protocol of system configuration.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510008505.7A CN104580211B (en) | 2015-01-08 | 2015-01-08 | SOA architecture-based intrusive system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510008505.7A CN104580211B (en) | 2015-01-08 | 2015-01-08 | SOA architecture-based intrusive system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN104580211A true CN104580211A (en) | 2015-04-29 |
| CN104580211B CN104580211B (en) | 2018-02-23 |
Family
ID=53095392
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510008505.7A Active CN104580211B (en) | 2015-01-08 | 2015-01-08 | SOA architecture-based intrusive system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN104580211B (en) |
Cited By (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109462601A (en) * | 2018-12-13 | 2019-03-12 | 中国联合网络通信集团有限公司 | Multi-platform access method and device based on eSIM |
| CN110198235A (en) * | 2019-05-16 | 2019-09-03 | 成都品果科技有限公司 | A kind of transferring system and method applied to multisystem service end interface calling |
| CN111008888A (en) * | 2019-12-07 | 2020-04-14 | 烟台海颐软件股份有限公司 | Electricity selling platform management system based on master control service |
| CN111210194A (en) * | 2019-12-26 | 2020-05-29 | 大象慧云信息技术有限公司 | Business support system and method special for enterprise tax system |
| CN111382421A (en) * | 2020-03-19 | 2020-07-07 | 深信服科技股份有限公司 | Service access control method, system, electronic device and storage medium |
| CN113238736A (en) * | 2021-05-28 | 2021-08-10 | 中核检修有限公司 | Method for generating integrated platform |
| CN113973017A (en) * | 2021-10-26 | 2022-01-25 | 北京华品博睿网络技术有限公司 | Business intelligent platform data processing system and method |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20080120380A1 (en) * | 2006-11-17 | 2008-05-22 | International Business Machines Corporation | Internet relay chat (irc) framework for a global enterprise service bus (esb) |
| CN103118030A (en) * | 2013-02-22 | 2013-05-22 | 浪潮电子信息产业股份有限公司 | Desktop cloud based identity authentication method |
| CN103839138A (en) * | 2014-03-08 | 2014-06-04 | 成都文昊科技有限公司 | System for supporting interaction of multiple heterogeneous systems |
| CN104049601A (en) * | 2014-03-19 | 2014-09-17 | 杨明 | Intelligent life centralized management integrated method, device and platform |
-
2015
- 2015-01-08 CN CN201510008505.7A patent/CN104580211B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20080120380A1 (en) * | 2006-11-17 | 2008-05-22 | International Business Machines Corporation | Internet relay chat (irc) framework for a global enterprise service bus (esb) |
| CN103118030A (en) * | 2013-02-22 | 2013-05-22 | 浪潮电子信息产业股份有限公司 | Desktop cloud based identity authentication method |
| CN103839138A (en) * | 2014-03-08 | 2014-06-04 | 成都文昊科技有限公司 | System for supporting interaction of multiple heterogeneous systems |
| CN104049601A (en) * | 2014-03-19 | 2014-09-17 | 杨明 | Intelligent life centralized management integrated method, device and platform |
Non-Patent Citations (1)
| Title |
|---|
| 隋宏伟: "《基于SOA的企业应用集成框架研究》", 《中国优秀硕士论文全文数据库(硕士)信息科技辑》 * |
Cited By (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109462601A (en) * | 2018-12-13 | 2019-03-12 | 中国联合网络通信集团有限公司 | Multi-platform access method and device based on eSIM |
| CN109462601B (en) * | 2018-12-13 | 2020-12-22 | 中国联合网络通信集团有限公司 | Multi-platform access method and device based on eSIM |
| CN110198235A (en) * | 2019-05-16 | 2019-09-03 | 成都品果科技有限公司 | A kind of transferring system and method applied to multisystem service end interface calling |
| CN111008888A (en) * | 2019-12-07 | 2020-04-14 | 烟台海颐软件股份有限公司 | Electricity selling platform management system based on master control service |
| CN111210194A (en) * | 2019-12-26 | 2020-05-29 | 大象慧云信息技术有限公司 | Business support system and method special for enterprise tax system |
| CN111382421A (en) * | 2020-03-19 | 2020-07-07 | 深信服科技股份有限公司 | Service access control method, system, electronic device and storage medium |
| CN111382421B (en) * | 2020-03-19 | 2024-04-09 | 深信服科技股份有限公司 | Service access control method, system, electronic equipment and storage medium |
| CN113238736A (en) * | 2021-05-28 | 2021-08-10 | 中核检修有限公司 | Method for generating integrated platform |
| CN113973017A (en) * | 2021-10-26 | 2022-01-25 | 北京华品博睿网络技术有限公司 | Business intelligent platform data processing system and method |
Also Published As
| Publication number | Publication date |
|---|---|
| CN104580211B (en) | 2018-02-23 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN104580211A (en) | SOA architecture-based intrusive system | |
| US20200296143A1 (en) | Dynamic Client Registration for an Identity Cloud Service | |
| JP6917331B2 (en) | Multi-tenant identity and data security management cloud service | |
| CN104348777B (en) | The access control method and system of a kind of mobile terminal to third-party server | |
| US9210160B2 (en) | Establishing and maintaining an improved single sign-on (SSO) facility | |
| JP2021528722A (en) | Integration of Declarative Third Party Identity Providers for Multitenant Identity Cloud Services | |
| JP2022518638A (en) | Multi-factor authentication without user footprint | |
| JP2021518933A (en) | Local write for multi-tenant identity cloud services | |
| US20130254882A1 (en) | Multi-domain identity interoperability and compliance verification | |
| CN111314340B (en) | Authentication method and authentication platform | |
| CN103560888B (en) | Digital certificate-based unified authentication login method for integrating multiple application systems | |
| CN102281311A (en) | Method, system and device for implementing network service based on open application programming interface | |
| CN103347020B (en) | A kind of system and method across application authorization access | |
| CN103227799A (en) | Implementing method of unified user management and single sign-on platform based on multiple application systems | |
| CN105592003A (en) | Cross-domain single sign-on method and system based on notification | |
| CN104363245A (en) | Remote login system and method based on telnet protocol | |
| CN103078932A (en) | Method, device and system for realizing universal single sign-on | |
| CN105282095A (en) | Login verification method and device of virtual desktop | |
| CN107070894A (en) | A kind of software integrating method based on enterprise's cloud service platform | |
| CN104991831A (en) | SSO system integration method based on server | |
| RU2415466C1 (en) | Method of controlling identification of users of information resources of heterogeneous computer network | |
| CN104363306A (en) | Private cloud management control method for enterprise | |
| CN105959278B (en) | A kind of method, apparatus and system for calling VPN | |
| CN107623671B (en) | Software licensing service implementing method | |
| CN105577686A (en) | Single sign-on method for local area network based on network controller |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20200602 Address after: 250100 Inspur Science Park, No. 1036, Inspur Road, high tech Zone, Jinan City, Shandong Province Patentee after: Inspur Software Technology Co.,Ltd. Address before: 250100, No. 2877, fairway, Sun Town, Ji'nan hi tech Zone, Shandong Patentee before: INSPUR GROUP Co.,Ltd. |
|
| TR01 | Transfer of patent right |