CN105141581A - Method and device for providing shared service - Google Patents
Method and device for providing shared service Download PDFInfo
- Publication number
- CN105141581A CN105141581A CN201510446275.2A CN201510446275A CN105141581A CN 105141581 A CN105141581 A CN 105141581A CN 201510446275 A CN201510446275 A CN 201510446275A CN 105141581 A CN105141581 A CN 105141581A
- Authority
- CN
- China
- Prior art keywords
- shared
- directory
- sharing
- configuration
- file
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 20
- 238000006243 chemical reaction Methods 0.000 claims description 7
- 230000007246 mechanism Effects 0.000 abstract description 4
- 238000013507 mapping Methods 0.000 description 3
- 238000010586 diagram Methods 0.000 description 2
- 238000012546 transfer Methods 0.000 description 2
- 238000013475 authorization Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000008569 process Effects 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0407—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the identity of one or more communicating identities is hidden
- H04L63/0421—Anonymous communication, i.e. the party's identifiers are hidden from the other party or parties, e.g. using an anonymizer
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/02—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
- H04L67/1097—Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Storage Device Security (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
Abstract
The invention discloses a method and a device for providing a shared service. The method comprises the steps of establishing a shared directory; carrying out sharing configuration for the shared directory based on different user authority control levels; and restarting the shared service so as to finish the sharing configuration of the shared directory. According to the method and the device for providing the shared service, an HTTP (Hyper Text Transport Protocol) is used as a file sharing protocol, a new file sharing mode is provided for a storage system, and a Windows client is supported to visit respectively in a Windows resource manager mode and an IE (Internet Explorer) browser mode. In addition, an HTTP user management and authority control mechanism is provided, and safety and reliability of data of the storage system are improved.
Description
Technical Field
The present invention relates to storage technologies, and in particular, to a method and an apparatus for providing a shared service.
Background
Common file sharing protocols in an NAS (network attached storage) storage system include CIFS (common Internet file system), NFS (network file system), and FTP (file transfer protocol). The system provides file sharing service for the outside by using the protocol and provides different cluster storage access modes for the client.
HTTP (hypertext transfer protocol) is generally used to set up a web server to provide a web access service to the outside, and a client can view and download files through a browser access mode. When the client has richer file management requirements, a browser mode which can only provide browsing and downloading functions for a user cannot meet requirements such as file uploading and modification, and the like, so that the HTTP protocol is urgently required to provide wider file management functions for the user, and the client can manage remote storage system resources through the HTTP protocol like local disk files.
Disclosure of Invention
In order to solve the above technical problems, the present invention provides a method and an apparatus for providing a sharing service, which can enable an HTTP protocol to be used as a file sharing protocol to provide the file sharing service to the outside.
In order to achieve the object of the present invention, the present invention provides a method for providing a shared service, comprising:
creating a shared directory;
sharing configuration is carried out on the sharing directory according to different user authority control levels;
and restarting the sharing service to complete the sharing configuration of the sharing directory.
Further, the performing sharing configuration on the shared directory according to different user authority control levels includes:
the shared directory is configured to allow anonymous access.
Further, the performing sharing configuration on the shared directory according to different user authority control levels includes:
different shared spaces are distributed for different users, and information among the users is isolated.
Further, the performing sharing configuration on the shared directory according to different user authority control levels includes:
and configuring access authority according to the authority requirements of different users on the files, and sharing information among the users.
Further, the restarting the sharing service to complete the sharing configuration of the shared directory includes:
setting the owner and the affiliated group of the shared directory as a system user;
setting the file authority of the user identity conversion file to allow any user to execute the file authority;
adding a lock file for the shared directory;
a shared service restart operation is performed.
Further, an apparatus for providing a shared service, comprising: directory creation unit, configuration unit and restart unit, wherein:
the catalog creating unit is used for creating a shared catalog;
the configuration unit is used for sharing and configuring the shared directory according to different user authority control levels;
and the restarting unit is used for restarting the sharing service to complete the sharing configuration of the sharing directory.
Further, the configuration unit performs sharing configuration on the shared directory according to different user authority control levels, including:
the shared directory is configured to allow anonymous access.
Further, the configuration unit performs sharing configuration on the shared directory according to different user authority control levels, including:
different shared spaces are distributed for different users, and information among the users is isolated.
Further, the configuration unit performs sharing configuration on the shared directory according to different user authority control levels, including:
and configuring access authority according to the authority requirements of different users on the files, and sharing information among the users.
Further, the restarting unit restarts the shared service to complete the shared configuration of the shared directory, including:
setting the owner and the affiliated group of the shared directory as a system user;
setting the file authority of the user identity conversion file to allow any user to execute the file authority;
adding a lock file for the shared directory;
a shared service restart operation is performed.
Compared with the prior art, the method comprises the steps of creating a shared directory; sharing configuration is carried out on the sharing directory according to different user authority control levels; and restarting the sharing service to complete the sharing configuration of the sharing directory. The invention uses the HTTP protocol as the file sharing protocol, provides a new file sharing mode for the storage system, supports the Windows client to access in the Windows resource manager and the IE browser respectively, and provides the HTTP user management and authority control mechanism, thereby improving the safety and reliability of the data of the storage system.
Additional features and advantages of the invention will be set forth in the description which follows, and in part will be obvious from the description, or may be learned by practice of the invention. The objectives and other advantages of the invention will be realized and attained by the structure particularly pointed out in the written description and claims hereof as well as the appended drawings.
Drawings
The accompanying drawings are included to provide a further understanding of the invention and are incorporated in and constitute a part of this specification, illustrate embodiments of the invention and together with the example serve to explain the principles of the invention and not to limit the invention.
FIG. 1 is a flow chart of a method of providing shared services in accordance with the present invention;
fig. 2 is an architecture diagram of a device for providing shared services according to the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, embodiments of the present invention will be described in detail below with reference to the accompanying drawings. It should be noted that the embodiments and features of the embodiments in the present application may be arbitrarily combined with each other without conflict.
The steps illustrated in the flow charts of the figures may be performed in a computer system such as a set of computer-executable instructions. Also, while a logical order is shown in the flow diagrams, in some cases, the steps shown or described may be performed in an order different than here.
The invention provides that in an NAS storage system, an HTTP (hyper text transport protocol) is used as a file sharing protocol to provide file sharing service for the outside, and a Windows client can directly access the storage system through a Windows resource manager to upload or download files as common CIFS (common information sharing file system) sharing is accessed. Meanwhile, the method provides a user management and authority control mechanism to ensure the safety and reliability of shared access to the storage system by multiple users.
The HTTP is used as a file sharing protocol to provide file sharing service for the client, and supports the Windows client to access in two modes, namely a Windows mapping network driver and an IE browser, wherein the mapping network driver mode only supports Windows versions of Win7 and above, the IE browser supports Windows server2003 and above, and if the file uploading function is required, the file sharing service is realized by using a Win7 and above version client mapping network driver. Besides ensuring the normal operation of the file service, the invention also processes the authentication and authorization, authority management and other mechanisms of the HTTP user, and further improves the reliability and the safety of the HTTP file sharing service in the NAS storage system.
As shown in fig. 1, the method for providing a shared service of the present invention includes:
step 101: creating a shared directory;
step 102: sharing configuration is carried out on the shared directory according to different user authority control levels;
the shared directory is shared and configured according to different user authority control levels, and the shared directory can be: the shared directory is configured to allow anonymous access.
All clients have anonymous access and can read and write the shared directory, that is, no authority control requirement is required on the storage system, and all clients do not need to input user names and passwords when accessing the system.
In the invention, the Apache server is 2.4 version, the version of the operating system is RHEL-7.0, the virtual port is 80, and the rear-end storage mounting point is/clusterdata/httpdata is taken as an example to illustrate that the shared directory is shared and configured by the invention.
Adding the following contents at the end of the configuration file/etc/httpd/conf/httpd.conf of the http service:
the shared directory is shared and configured according to different user authority control levels, and the method can also be as follows: different shared spaces are distributed for different users, and information among the users is isolated. For example:
(1) the user1, the user2 and the user3 can read and write the root directory/clusterdata/httpdata;
(2) only the user1 can read and write the catalog/clusterdata/httpdata/user 1;
(3) only the user2 can read and write the catalog/clusterdata/httpdata/user 2;
the above requires that the users user1, user2, user3 already exist, executing the following commands:
#mkdir-p/clusterdata/httpdata/user1/clusterdata/httpdata/user2
and executing # vi/etc/httpd/conf/httpd. conf to view the file content, and adding configuration and description at the end as follows:
the shared directory is shared and configured according to different user authority control levels, and the method can also be as follows: and configuring access authority according to the authority requirements of different users on the files, and sharing information among the users.
For example:
(1) the user1, the user2 and the user3 can read and write the root directory/clusterdata/httpdata;
(2) only the user2 can read and write the catalog/clusterdata/httpdata/user 1, and the users 1 and 3 can read the catalog but cannot modify (newly create, rename and delete);
(3) only the user2 can read and write the catalog/clusterdata/httpdata/user 2;
the above requires that the users user1, user2, user3 already exist, executing the following commands:
#mkdir-p/clusterdata/httpdata/user1/clusterdata/httpdata/user2
and executing # vi/etc/httpd/conf/httpd. conf to view the file content, and adding configuration and description at the end as follows:
step 103: and restarting the sharing service to complete the sharing configuration of the sharing directory.
The invention restarts the sharing service to complete the sharing configuration of the sharing directory, which comprises:
setting the owner and the affiliated group of the shared directory as a system user;
setting the file authority of the user identity conversion file to allow any user to execute the file authority;
adding a lock file for the shared directory;
a shared service restart operation is performed.
The invention can sequentially execute the following commands to complete the configuration of the HTTP sharing service:
apache/clusterdata/httpdata (the owner and the group to which the shared directory belongs are set as the apache of the system user);
# chmod4775/usr/bin/pwauth (setting the file permissions of the user identity conversion file to allow any user to execute);
# touch/var/lib/dav/lockdb (add lock file for shared directory);
# systemctlrestarthttpd (performs a shared service restart operation).
As shown in fig. 2, the present invention also provides an apparatus for providing a shared service, including: directory creation unit, configuration unit and restart unit, wherein:
a directory creating unit for creating a shared directory;
the configuration unit is used for carrying out sharing configuration on the sharing directory according to different user authority control levels;
and the restarting unit is used for restarting the sharing service to complete the sharing configuration of the sharing directory.
Further, the configuration unit performs sharing configuration on the shared directory according to different user authority control levels, including: the shared directory is configured to allow anonymous access. Or,
the configuration unit performs sharing configuration on the shared directory according to different user authority control levels, and the sharing configuration comprises the following steps: different shared spaces are distributed for different users, and information among the users is isolated. Or,
the configuration unit performs sharing configuration on the shared directory according to different user authority control levels, and the sharing configuration comprises the following steps: and configuring access authority according to the authority requirements of different users on the files, and sharing information among the users.
Further, the restarting unit restarts the sharing service to complete the sharing configuration of the shared directory, including:
setting an owner and a group to which the shared directory belongs as system users;
setting the file authority of the user identity conversion file to allow any user to execute the file authority;
adding a lock file for the shared directory;
a shared service restart operation is performed.
Although the embodiments of the present invention have been described above, the above description is only for the convenience of understanding the present invention, and is not intended to limit the present invention. It will be understood by those skilled in the art that various changes in form and details may be made therein without departing from the spirit and scope of the invention as defined by the appended claims.
Claims (10)
1. A method of providing a shared service, comprising:
creating a shared directory;
sharing configuration is carried out on the sharing directory according to different user authority control levels;
and restarting the sharing service to complete the sharing configuration of the sharing directory.
2. The method of claim 1, wherein the shared configuring the shared directory according to different user permission control levels comprises:
the shared directory is configured to allow anonymous access.
3. The method of claim 1, wherein the shared configuring the shared directory according to different user permission control levels comprises:
different shared spaces are distributed for different users, and information among the users is isolated.
4. The method of claim 1, wherein the shared configuring the shared directory according to different user permission control levels comprises:
and configuring access authority according to the authority requirements of different users on the files, and sharing information among the users.
5. The method according to any one of claims 1 to 4, wherein the restarting the shared service to complete the shared configuration of the shared directory comprises:
setting the owner and the affiliated group of the shared directory as a system user;
setting the file authority of the user identity conversion file to allow any user to execute the file authority;
adding a lock file for the shared directory;
a shared service restart operation is performed.
6. An apparatus for providing shared services, comprising: directory creation unit, configuration unit and restart unit, wherein:
the catalog creating unit is used for creating a shared catalog;
the configuration unit is used for sharing and configuring the shared directory according to different user authority control levels;
and the restarting unit is used for restarting the sharing service to complete the sharing configuration of the sharing directory.
7. The apparatus of claim 6, wherein the configuration unit performs shared configuration on the shared directory according to different user permission control levels, and comprises:
the shared directory is configured to allow anonymous access.
8. The apparatus of claim 6, wherein the configuration unit performs shared configuration on the shared directory according to different user permission control levels, and comprises:
different shared spaces are distributed for different users, and information among the users is isolated.
9. The apparatus of claim 6, wherein the configuration unit performs shared configuration on the shared directory according to different user permission control levels, and comprises:
and configuring access authority according to the authority requirements of different users on the files, and sharing information among the users.
10. The apparatus according to any one of claims 6 to 9, wherein the restarting unit restarts the shared service to complete shared configuration of the shared directory, including:
setting the owner and the affiliated group of the shared directory as a system user;
setting the file authority of the user identity conversion file to allow any user to execute the file authority;
adding a lock file for the shared directory;
a shared service restart operation is performed.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510446275.2A CN105141581A (en) | 2015-07-27 | 2015-07-27 | Method and device for providing shared service |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510446275.2A CN105141581A (en) | 2015-07-27 | 2015-07-27 | Method and device for providing shared service |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN105141581A true CN105141581A (en) | 2015-12-09 |
Family
ID=54726790
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510446275.2A Pending CN105141581A (en) | 2015-07-27 | 2015-07-27 | Method and device for providing shared service |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105141581A (en) |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105956833A (en) * | 2016-06-12 | 2016-09-21 | 中国十七冶集团有限公司 | Road construction enterprise application cloud platform and use method |
| CN107357723A (en) * | 2017-06-22 | 2017-11-17 | 上海斐讯数据通信技术有限公司 | A kind of administration authority method of testing and device |
| CN107491535A (en) * | 2017-08-22 | 2017-12-19 | 郑州云海信息技术有限公司 | A kind of method and device of file mount |
| CN107819841A (en) * | 2017-11-02 | 2018-03-20 | 郑州云海信息技术有限公司 | Dynamic resource allocation method, device, equipment and the storage medium shared based on NAS |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101572660A (en) * | 2008-04-30 | 2009-11-04 | 北京明朝万达科技有限公司 | Comprehensive control method for preventing leakage of data |
| CN101986651A (en) * | 2010-08-26 | 2011-03-16 | 上海网众信息技术有限公司 | Remote storage method, remote storage system and client |
-
2015
- 2015-07-27 CN CN201510446275.2A patent/CN105141581A/en active Pending
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101572660A (en) * | 2008-04-30 | 2009-11-04 | 北京明朝万达科技有限公司 | Comprehensive control method for preventing leakage of data |
| CN101986651A (en) * | 2010-08-26 | 2011-03-16 | 上海网众信息技术有限公司 | Remote storage method, remote storage system and client |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105956833A (en) * | 2016-06-12 | 2016-09-21 | 中国十七冶集团有限公司 | Road construction enterprise application cloud platform and use method |
| CN107357723A (en) * | 2017-06-22 | 2017-11-17 | 上海斐讯数据通信技术有限公司 | A kind of administration authority method of testing and device |
| CN107491535A (en) * | 2017-08-22 | 2017-12-19 | 郑州云海信息技术有限公司 | A kind of method and device of file mount |
| CN107819841A (en) * | 2017-11-02 | 2018-03-20 | 郑州云海信息技术有限公司 | Dynamic resource allocation method, device, equipment and the storage medium shared based on NAS |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US20220147494A1 (en) | Systems and methods for providing access to a data file stored at a data storage system | |
| JP6518002B2 (en) | Selective synchronization and decentralized content item block caching for multi-premise hosting of digital content items | |
| CN106537881B (en) | Method and computing equipment for allowing synchronous access to cloud storage system based on stub tracking | |
| US10838920B2 (en) | Plug-in function platform and methods | |
| US10001913B2 (en) | Shared workspaces with selective content item synchronization | |
| US10044828B2 (en) | Resource upload | |
| US9239762B1 (en) | Method and apparatus for virtualizing file system placeholders at a computer | |
| US10296595B2 (en) | Multi-level namespace management system and method thereof for hybrid cloud storage systems | |
| EP3555771B1 (en) | Systems and methods for list retrieval in a storage device | |
| US8789152B2 (en) | Method for managing authentication procedures for a user | |
| US20190180044A1 (en) | Internal folder sharing | |
| TW201407374A (en) | An integrated storage platform system and method thereof | |
| US20140304324A1 (en) | Content management apparatus, content management method, and program | |
| US10789375B2 (en) | Unified storage management | |
| WO2019047976A1 (en) | Network file management method, terminal and computer readable storage medium | |
| CN105141581A (en) | Method and device for providing shared service | |
| US20180267989A1 (en) | Shared Workspaces with Selective Content Item Synchronization | |
| US9116911B2 (en) | Remote file sharing based on content filtering | |
| Hsu et al. | Secure file system services for web 2.0 applications | |
| US20190057193A1 (en) | Policy-based mobile access to shared network resources | |
| Hajnal et al. | Remote storage resource management in WS-PGRADE/gUSE | |
| Vazquez et al. | Network File System | |
| Vazquez et al. | CIFS Integration | |
| CN118540315A (en) | Communication method based on cloud computing technology and related equipment | |
| Payne et al. | An ASIC DSP engine compiler: philosophy and applications |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20151209 |
|
| RJ01 | Rejection of invention patent application after publication |