CN105337935B - A kind of method and apparatus for establishing client and the long connection of server-side - Google Patents
A kind of method and apparatus for establishing client and the long connection of server-side Download PDFInfo
- Publication number
- CN105337935B CN105337935B CN201410326014.2A CN201410326014A CN105337935B CN 105337935 B CN105337935 B CN 105337935B CN 201410326014 A CN201410326014 A CN 201410326014A CN 105337935 B CN105337935 B CN 105337935B
- Authority
- CN
- China
- Prior art keywords
- connection
- server
- key
- client
- data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Abstract
The application provides a kind of method and apparatus for establishing client and the long connection of server-side.The described method includes: obtaining key, connection ID and connection server address from key server;According to the connection server address, connection request is sent to the connection server, carries the connection ID in the connection request, so that the connection server is to the corresponding key of the key server acquisition connection ID;Mutually decryption verification is carried out by the key between the connection server, and in decryption verification by establishing connection with the connection server afterwards;Heartbeat message is sent to the connection server by the preset time cycle.The application uses the communications protocol of autonomous Design, realizes and establishes long connection in client and server-side, while the data that can be transmitted to user are encrypted, safety is higher.
Description
Technical field
This application involves field of communication technology more particularly to a kind of methods and dress for establishing client and the long connection of server-side
It sets.
Background technique
With the rapid development of Internet technology, user can be by the client of application software come implementation and application software
Server-side establish connection, carry out information exchange.Such as: Alipay client, Taobao's client etc..
Server-side, can also be to the various information of client push after establishing connection with client.However, server-side and visitor
Connection between the end of family is usually initiated by client, if not establishing connection in advance, server-side will be unable to push information to visitor
Family end.So a kind of solution for establishing the long connection of client and server-side urgently provides.
Summary of the invention
In view of this, the application provides a kind of method and apparatus for establishing client and the long connection of server-side.
Specifically, the application is achieved by the following technical solution:
A method of client and the long connection of server-side being established, using on the client, which comprises
Key, connection ID and connection server address are obtained from key server;
According to the connection server address, connection request is sent to the connection server, is taken in the connection request
With the connection ID, so that the connection server obtains the corresponding key of the connection ID to the key server;
Between the connection server by the key carry out mutually decryption verification, and decryption verification by afterwards with
The connection server establishes connection;
Heartbeat message is sent to the connection server by the preset time cycle.
A method of client and the long connection of server-side are established, is applied on connection server, which comprises
The connection request that client is sent is received, the connection ID of client is carried in the connection request;
The corresponding key of the connection ID is obtained from key server;
Between the client by the key carry out mutually decryption verification, and decryption verification by afterwards with it is described
Client establishes connection;
The heartbeat message that client is sent is received, with the connection between maintenance and client.
A kind of device for establishing the long connection of client and server-side, using on the client, described device includes:
First acquisition unit obtains key, connection ID and connection server address from key server;
Request transmitting unit, according to the connection server address, transmission connection request is described to the connection server
The connection ID is carried in connection request, so that the connection server obtains the connection ID pair to the key server
The key answered;
Mutually decryption verification is carried out by the key between first verification unit, with the connection server, and is being solved
Close verification is by establishing connection with the connection server afterwards;
First heartbeat unit sends heartbeat message to the connection server by the preset time cycle.
A kind of device for establishing client and the long connection of server-side, is applied on connection server, described device includes:
Request reception unit receives the connection request that client is sent, the company of client is carried in the connection request
Meet ID;
Second acquisition unit obtains the corresponding key of the connection ID from key server;
Mutually decryption verification is carried out by the key between second verification unit, with the client, and in decryption school
It tests and establishes connection with the client by rear;
Second heartbeat unit receives the heartbeat message that client is sent, with the connection between maintenance and client.
By the application client it can be seen from above description before being communicated with server-side, first obtained from key server close
Key, connection ID and the connection information such as server address, then client and connection server by carry out mutually decryption verification with
Handshake procedure is completed, is connected subsequently through heartbeat message maintenance and the long of server-side.The application is assisted using the communication of autonomous Design
View, and can realize that the data to user's transmission are encrypted simultaneously, safety is higher.
Detailed description of the invention
Fig. 1 is the flow chart that the method for client and the long connection of server-side is established in one embodiment of the application.
Fig. 2 is the flow chart that the method for client and the long connection of server-side is established in another embodiment of the application.
Fig. 3 is the flow chart that the method for client and the long connection of server-side is established in another embodiment of the application.
Fig. 4 is the flow chart that the method for client and the long connection of server-side is established in another embodiment of the application.
Fig. 5 is the message format figure in one embodiment of the application.
Fig. 6 is the structural schematic diagram of subscriber terminal equipment in one embodiment of the application.
Fig. 7 is the apparatus structure schematic diagram that client and the long connection of server-side are established in one embodiment of the application.
Fig. 8 is the structural schematic diagram that server is connected in one embodiment of the application.
Fig. 9 is the apparatus structure schematic diagram that client and the long connection of server-side are established in another embodiment of the application.
Specific embodiment
Example embodiments are described in detail here, and the example is illustrated in the accompanying drawings.Following description is related to
When attached drawing, unless otherwise indicated, the same numbers in different drawings indicate the same or similar elements.Following exemplary embodiment
Described in embodiment do not represent all embodiments consistent with the application.On the contrary, they be only with it is such as appended
The example of the consistent device and method of some aspects be described in detail in claims, the application.
It is only to be not intended to be limiting the application merely for for the purpose of describing particular embodiments in term used in this application.
It is also intended in the application and the "an" of singular used in the attached claims, " described " and "the" including majority
Form, unless the context clearly indicates other meaning.It is also understood that term "and/or" used herein refers to and wraps
It may be combined containing one or more associated any or all of project listed.
It will be appreciated that though various information, but this may be described using term first, second, third, etc. in the application
A little information should not necessarily be limited by these terms.These terms are only used to for same type of information being distinguished from each other out.For example, not departing from
In the case where the application range, the first information can also be referred to as the second information, and similarly, the second information can also be referred to as
One information.Depending on context, word as used in this " if " can be construed to " ... when " or " when ...
When " or " in response to determination ".
Presently, there are aiming at the problem that, the application provides a kind of solution for establishing the long connection of client and server-side.
The network environment of the solution includes: client, connection server, key server and service server.The client
End is typically mounted on subscriber terminal equipment, and user can access the service server of software supplier by client.Institute
State connection server connection client and service server, the message communicated between transfer client and service server.It is described
Key server is used to provide the information such as key, connection server address for client.
Referring to FIG. 1, Fig. 1 is the method for establishing client and the long connection of server-side that one embodiment of the application provides, it should
Method application is on the client, comprising the following steps:
Step 101, key, connection ID and connection server address are obtained from key server.
In the present embodiment, the key server is used to provide key for client, connection ID, connects server
The information such as location, key expiration time.For user when being logged in using client, client obtains data to from the key server
Key used in communicating, and used connection ID and connection server address are communicated with service server.The connection
ID is the unique identification of client communication, and the connection ID of different clients is different, and the connection server address can be multiple.
Step 102, according to the connection server address, connection request is sent to the connection server, the connection
The connection ID is carried in request, so that the connection server is corresponding to the key server acquisition connection ID
Key.
Based on the connection server address that step 101 is got, client is with can randomly selecting a connection server
Location is initiated the connection to it, and carries the connection ID that key server provides in a connection request, and the connection server is receiving
To after connection request, corresponding key is obtained to the key server according to the connection ID.
Step 103, mutually decryption verification is carried out by the key between the connection server, and is verified in decryption
Connection is established with the connection server by rear.
In the present embodiment, it is based on step 101, client gets key from key server, is based on step 102, even
The key can also be got according to the connection ID carried in client connection request from key server by connecing server.In this step
In rapid, client and connection server pass through according to the key progress mutually decryption verification respectively got if decryption verifies,
Connection server can send successful connection message to notify client connection to be successfully established.
Step 104, heartbeat message is sent to the connection server by the preset time cycle.
Client with connect after server is successfully established connection, by sending heartbeat message periodically come the company of maintenance
The validity connect, in order to which client receives the message of the connection server push.
By the application client it can be seen from above description before being communicated with server-side, first obtained from key server close
Key, connection ID and the connection information such as server address, then client and connection server by carry out mutually decryption verification with
Handshake procedure is completed, is connected subsequently through heartbeat message maintenance and the long of server-side.The application is assisted using the communication of autonomous Design
View, and can realize that the data to user's transmission are encrypted simultaneously, safety is higher.
Referring to FIG. 2, Fig. 2 is the method for establishing client and the long connection of server-side that one embodiment of the application provides, it should
Method is applied on connection server, comprising the following steps:
Step 201, the connection request that client is sent is received, the connection ID of client is carried in the connection request.
Step 202, the corresponding key of the connection ID is obtained from key server.
In the present embodiment, connection server is after the connection request for receiving client transmission, from the connection request
The middle connection ID for obtaining client and carrying, is then sent to key server for the connection ID, is to obtain key server
Send the key of the client distribution of the connection request.
Step 203, mutually decryption verification is carried out by the key between the client, and passed through in decryption verification
Connection is established with the client afterwards.
In the present embodiment, connection server is mutually decrypted based on the key and client got in step 202
Verification sends successful connection message if decryption verification passes through to notify client connection to be successfully established.
Step 204, the heartbeat message that client is sent is received, to safeguard and the connection before client.
Connection server by the application it can be seen from above description after receiving the connection request of client, first from
Key server, which obtains, is handed down to the key of client, then connect server and client side by carry out mutually decryption verification with
Handshake procedure is completed, is connected subsequently through the heartbeat message maintenance and the long of client that receive.The application uses autonomous Design
Communications protocol, and can realize simultaneously to user transmission data be encrypted, safety is higher.
Below with specific implementation during, client and server-side are illustrated for establishing the process of long connection.
Fig. 3 and Fig. 4 are please referred to, what one embodiment of the application provided establishes client and the long method connected of server-side, should
Method the following steps are included:
Step 301, client obtains key, connection ID and connection server address from key server.
In this step, the domain name that the key server would generally be preserved in client, when user uses client
After login system, such as: user inputs username and password on client end interface, and client will be according to the cipher key service of preservation
The information such as the log-on message of user, terminal type and version number are sent to described by key server described in device domain name access
Key server.
Key server is that the client creates key, key expiration time, connection ID, and saves according to above- mentioned information
State the corresponding relationship of information and client log-on message.Meanwhile the key server can also summarize the current client can be with
The connection server address used.Wherein, the key is enciphering and deciphering algorithm, such as: DES (Data Encryption
Standard, data encryption algorithm), AES (Advanced Encryption Standard, Advanced Encryption Standard) etc., this Shen
Please with no restrictions to enciphering and deciphering algorithm.The connection ID and the log-on message of user are corresponding, are the clients in communication process
Used in unique identification, the key server be different clients create different connection IDs.The connection server
Address includes: connection server ip address and port numbers, the connection server address are usually multiple.The cipher key service
The information such as above-mentioned key, key expiration time, connection ID and connection server address are returned to client by device.
Certainly, client is during with key server communication, can also the certificate of authentication secret server whether close
Method is effectively and whether domain name matches etc., and those skilled in the art can be known according to realization process in the related technology, this Shen
It please details are not described herein.
Step 302, client sends connection request to the connection server according to the connection server address.
In this step, client can randomly select a company in the connection server address that key server returns
It connects server and initiates the connection request, and carry connection ID in the connection request.
Step 303, connection server receives the connection request, and it is corresponding close to obtain the connection ID from key server
Key.
In this step, connection server therefrom obtains client and takes after the connection request for receiving client transmission
The connection ID of band, is then sent to key server for the connection ID, and key server sends out the corresponding key of the connection ID
Give the connection server.So far, client and connection server all obtain the key, and then can be according to described close
Verification is decrypted in key.
If the connection server obtains the corresponding key failure of the connection ID, such as: Network Abnormal causes described
Connection server is not received by the key within the preset time, then the connection server disconnects the company with client
It connects, client re-execute the steps 301 after the error is detected.
Step 304, connection server is obtained by the first initial data and according to the first initial data of key encryption
The first encryption data be sent to client.
In this step, the connection server is getting the corresponding key of client connection ID, that is, cipher key service
After device is handed down to the key of client, first initial data is generated at random, then using key encryption described first
Initial data obtains the first encryption data, and first initial data and first encryption data are sent to client, with
It decrypts and verifies for client.
Step 305, client decrypts first encryption data according to the key got from key server.
In this step, client judge to decrypt data that first encryption data obtains whether with it is described first original
Data are consistent, if unanimously, confirming that the decryption verification of this side passes through, going to step 306.If it is inconsistent, disconnecting and the company
The connection for connecing server, re-execute the steps 301.
Step 306, client sends the second initial data and encrypts the second encryption number that second initial data obtains
According to the connection server.
In this step, client generates second initial data at random, then makes after the decryption verification of this side passes through
Second initial data, which is encrypted, in the key that key server is got with it obtains the second encryption data, it is former by described second
Beginning data and the second encryption data are sent to the connection server, so that verification is decrypted in the connection server.
Step 307, connection server decrypts second encryption data.
In this step, the connection server is according to the key decryption got from key server second encryption
Data, whether the data for then judging that decryption second encryption data obtains are consistent with the second initial data, if unanimously,
Confirm that the decryption verification of this side passes through, goes to step 308.It is disconnected if inconsistent and the connection of client, client is detecting
301 are re-execute the steps after mistake.
Step 308, connection server sends successful connection message to the client.
So far, client receive connection server send successful connection message after, would have been completed with it is described
The handshake procedure of server is connected, success establishes connection with the connection server.
Step 309, client sends heartbeat message to the connection server by the preset time cycle.
Client can safeguard the connection by sending heartbeat message after being successfully established connection with connection server
It does not interrupt, the preset time cycle can be arranged by developer.The connection server is receiving client transmission
It is to safeguard that the connection of itself and client is not interrupted after heartbeat message.If the connection server does not have within the preset time
The heartbeat message of client transmission is received, for example, being all not received by the heartbeat message of client transmission in 2 minutes, then
The disconnecting of confirmation and client sends error message to client, so that client re-establishes connection.Certainly, in reality
During border is realized, it is contemplated that the factors such as network oscillation are likely to result in message delay, can also take retry mechanism, such as: even
Continuous 3 in 2 minutes, i.e., are all not received by the heartbeat message of client transmission, then confirm disconnecting in 6 minutes.
So far, long connection is just established between client and connection server, based on the long connection, client can lead to
The connection server and service server communication are crossed, and is encrypted during communication using above-mentioned data key.
Specifically, service server is sent to by the connection server after client encrypts data message according to the key,
It is decrypted after the data message reaches connection server by connection server, and the data message after decryption is sent to
Service server.This is because being usually to transmit data, network security in Intranet between service server and connection server
Property it is relatively high, it is possible to do not encrypt, directly transmitting in plain text.
The PUSH message after the PUSH message of platform, is sent to connection server, institute upon receipt by service server
It states connection server to encrypt the PUSH message, client is then transmitted to by the long connection.Wherein, specifically
Push process those skilled in the art can be with reference to realization rate in the related technology, and the application is without limitation.
Referring to FIG. 5, the message format figure in a kind of embodiment of the application.
Wherein, magic_num is fixed integer, such as 832024031, is equivalent to the ID of type of message, is not needed pair
It is handled.
Type field is for indicating type of message, comprising: uplink downlink, is shaken hands, PUSH message, heartbeat message etc..
Status field is for indicating communication type, encryption type, type of coding etc..
Proto_size field is used to indicate the byte number of structural data.
Checksum field is easy check code.
App_data field can encrypt the field for carrying data, the data such as comparison PUSH message.
Certainly, other message formats can be used also to realize that the application, the application do not do this in those skilled in the art
Limitation.
By the application client it can be seen from above description before being communicated with server-side, first obtained from key server close
Key, connection ID and the connection information such as server address, then client and connection server by carry out mutually decryption verification with
Handshake procedure is completed, is connected subsequently through heartbeat message maintenance and the long of server-side.The application is assisted using the communication of autonomous Design
View, and can realize that the data to user's transmission are encrypted simultaneously, safety is higher.
Corresponding with the embodiment of the method that the application establishes client and the long connection of server-side, present invention also provides one kind
Establish the embodiment of the device of client and the long connection of server-side.Taking software implementation as an example, described device may operate in user
On terminal device, as the operation carrier of the application device, the subscriber terminal equipment typically at least include CPU, memory with
And nonvolatile memory, it is also possible to including hardware such as I/O interfaces.Fig. 6 and Fig. 7 are please referred to, the application establishes client kimonos
The apparatus structure schematic diagram that end length of being engaged in connects, described device includes: first acquisition unit, request transmitting unit, the first verification
Unit, the first heartbeat unit, data transmission unit and data receipt unit.
Wherein, the first acquisition unit obtains key, connection ID and connection server address from key server.
The request transmitting unit sends connection request to the connection server according to the connection server address,
The connection ID is carried in the connection request, so that the connection server obtains the connection to the key server
The corresponding key of ID.
Mutually decryption verification is carried out by the key between first verification unit, with the connection server, and
In decryption verification by establishing connection with the connection server afterwards;
The first heartbeat unit sends heartbeat message to the connection server by the preset time cycle.
Further, it is mutually decrypted between first verification unit and the connection server by the key
Verification, and include: by establishing connection with the connection server afterwards in decryption verification
First obtained after connection server is encrypted according to its key got from key server is received to add
Ciphertext data and the first initial data;
First encryption data is decrypted according to the key got from key server;
When the data that decryption first encryption data obtains are consistent with first initial data, confirmation decryption verification
Pass through, and sends the second initial data and encrypt the second encryption data that second initial data obtains and serviced to the connection
Device;
It receives the connection server and verifies the successful connection message sent after successfully second encryption data in decryption.
Further, when decrypting the data and inconsistent first initial data that first encryption data obtains,
The first acquisition unit obtains key, connection ID and connection server address from key server again.
Further, the first acquisition unit obtains key, connection ID and connection server address from key server
It include: that log-on message is sent to the key server;Receive what the key server was returned according to the log-on message
Key, connection ID and connection server address.
Further, described device further include:
Data transmission unit is sent to business by the connection server after encrypting data message according to the key
Server.
Data receipt unit carries out after receiving the encryption data message that the connection server is sent according to the key
Decryption is to obtain initial data.
Present invention also provides a kind of embodiments of device for establishing client and the long connection of server-side.It is implemented in software to be
Example, described device may operate on connection server, and as the operation carrier of the application device, the connection server is usual
Including at least having CPU, memory and nonvolatile memory, it is also possible to including hardware such as I/O interfaces.Fig. 8 and Fig. 9 are please referred to,
Described device includes: request reception unit, second acquisition unit, the second verification unit, the second heartbeat unit and encryption turn
Bill member.
Wherein, the request reception unit receives the connection request that client is sent, carries visitor in the connection request
The connection ID at family end.
Second acquisition unit obtains the corresponding key of the connection ID from key server.
Mutually decryption verification is carried out by the key between second verification unit, with the client, and in decryption school
It tests and establishes connection with the client by rear.
Second heartbeat unit receives the heartbeat message that client is sent, with the connection between maintenance and client.
Further, mutually decryption school is carried out by the key between second verification unit and the client
It tests, and includes: by establishing connection with the client afterwards in decryption verification
The first encryption data transmission that the first initial data obtains is encrypted by the first initial data and according to the key
Client;
Reception client verifies the second initial data sent after successfully first encryption data and second in decryption and adds
Ciphertext data;
When the data that decryption second encryption data obtains are consistent with second initial data, successful connection is sent
Message gives the client.
Further, when decrypting the data and inconsistent second initial data that second encryption data obtains,
Second verification unit disconnects and the connection of the client.
Further, when being not received by the heartbeat message of client transmission within the preset time, second heartbeat
The disconnecting between unit confirmation and client.
Further, described device further include:
Retransmission unit is encrypted, is forwarded after service server is sent to the PUSH message encryption of client by the connection
To the client.
The function of each unit and the realization process of effect are specifically detailed in the above method and correspond to step in above-mentioned apparatus
Realization process, details are not described herein.
For device embodiment, since it corresponds essentially to embodiment of the method, so related place is referring to method reality
Apply the part explanation of example.The apparatus embodiments described above are merely exemplary, wherein described be used as separation unit
The unit of explanation may or may not be physically separated, and component shown as a unit can be or can also be with
It is not physical unit, it can it is in one place, or may be distributed over multiple network units.It can be according to actual
The purpose for needing to select some or all of the modules therein to realize application scheme.Those of ordinary skill in the art are not paying
Out in the case where creative work, it can understand and implement.
The foregoing is merely the preferred embodiments of the application, not to limit the application, all essences in the application
Within mind and principle, any modification, equivalent substitution, improvement and etc. done be should be included within the scope of the application protection.
Claims (18)
1. a kind of method for establishing client and the long connection of server-side, using on the client, which is characterized in that the method is answered
The message of service server push is received for the client, which comprises
Key, connection ID and connection server address are obtained from key server, the connection server address is multiple;
By choosing a connection server address in multiple connection server address, and according to the connection service of selection
Device address sends connection request to the connection server, the connection ID is carried in the connection request, for the company
It connects server and obtains the corresponding key of the connection ID to the key server;
Between the connection server by the key carry out mutually decryption verification, and decryption verification by afterwards with it is described
Connection server establishes connection;If detecting, the connection server breaks due to obtaining the corresponding key failure of the connection ID
Connection is opened, then returns to execution from key server and obtains key, connection ID and connection server address;
Heartbeat message is sent to the connection server, in order to which the client receives the company by the preset time cycle
The message of server push is connect, the message is pushed to the connection server by service server.
2. the method according to claim 1, wherein
It is described between the connection server by the key carry out mutually decryption verification, and decryption verification by afterwards with
The connection server establishes connection and includes:
Receive the first encryption number obtained after connection server is encrypted according to its key got from key server
According to the first initial data;
First encryption data is decrypted according to the key got from key server;
When the data that decryption first encryption data obtains are consistent with first initial data, confirmation decryption verification is logical
It crosses, and sends the second initial data and encrypt the second encryption data that second initial data obtains and serviced to the connection
Device;
It receives the connection server and verifies the successful connection message sent after successfully second encryption data in decryption.
3. according to the method described in claim 2, it is characterized in that,
When decrypting the data and inconsistent first initial data that first encryption data obtains, again from cipher key service
Device obtains key, connection ID and connection server address.
4. the method according to claim 1, wherein
It is described to include: from key server acquisition key, connection ID and connection server address
Log-on message is sent to the key server;
Receive key, connection ID and connection server address that the key server is returned according to the log-on message.
5. the method according to claim 1, wherein the method also includes:
Service server is sent to by the connection server after data message being encrypted according to the key;
After receiving the encryption data message that the connection server is sent, it is decrypted according to the key to obtain original number
According to.
6. a kind of method for establishing client and the long connection of server-side, is applied on connection server, which is characterized in that the side
Method is applied to the message that the client receives service server push, which comprises
The connection request that client is sent is received, the connection ID of client is carried in the connection request;The client by
The connection server is chosen in multiple connection server address that key server is sent, and according to the connection server of selection
Address sends the connection request;
The corresponding key of the connection ID is obtained from key server;If it is corresponding that the connection server obtains the connection ID
Key failure, then it is described connection server disconnect and client connection;
After successfully obtaining the key, mutually decryption verification is carried out by the key between the client, and solving
Close verification is by establishing connection with the client afterwards;
The heartbeat message that client is sent is received, with the connection between maintenance and client;
The client is transmitted to after service server is sent to the PUSH message encryption of client by the connection.
7. according to the method described in claim 6, it is characterized in that,
It is described mutually to be verified between the client by the key, and in verification by being built afterwards with the client
Vertical connection includes:
Visitor is sent to by the first initial data and according to the first encryption data that the first initial data of key encryption obtains
Family end;
It receives client and verifies the second initial data sent after successfully first encryption data and the second encryption number in decryption
According to;
When the data that decryption second encryption data obtains are consistent with second initial data, successful connection message is sent
To the client.
8. the method according to the description of claim 7 is characterized in that the method also includes:
When decrypting the data and inconsistent second initial data that second encryption data obtains, disconnect and the client
The connection at end.
9. according to the method described in claim 6, it is characterized in that, the method also includes:
Connection when being not received by the heartbeat message of client transmission within the preset time, between confirmation and client
It interrupts.
10. a kind of device for establishing client and the long connection of server-side, using on the client, which is characterized in that described device
The message of service server push is received applied to the client, described device includes:
First acquisition unit obtains key, connection ID and connection server address from key server;The connection server
Location is multiple;
If detecting, the connection server is disconnected due to obtaining the corresponding key failure of the connection ID, is returned again
Key, connection ID and connection server address are obtained from key server described in receipt row;
By choosing a connection server address in multiple connection server address;
Request transmitting unit sends connection request to the connection server, institute according to the connection server address of selection
It states and carries the connection ID in connection request, so that the connection server obtains the connection ID to the key server
Corresponding key;
Mutually decryption verification is carried out by the key between first verification unit, with the connection server, and in decryption school
It tests and establishes connection with the connection server by rear;
First heartbeat unit sends heartbeat message to the connection server, in order to the visitor by the preset time cycle
Family end receives the message of the connection server push, and the message is pushed to the connection server by service server.
11. device according to claim 10, which is characterized in that
Mutually decryption verification is carried out by the key between first verification unit and the connection server, and is being decrypted
It verifies by establishing connection with the connection server afterwards and includes:
Receive the first encryption number obtained after connection server is encrypted according to its key got from key server
According to the first initial data;
First encryption data is decrypted according to the key got from key server;
When the data that decryption first encryption data obtains are consistent with first initial data, confirmation decryption verification is logical
It crosses, and sends the second initial data and encrypt the second encryption data that second initial data obtains and serviced to the connection
Device;
It receives the connection server and verifies the successful connection message sent after successfully second encryption data in decryption.
12. device according to claim 11, which is characterized in that
When decrypting the data and inconsistent first initial data that first encryption data obtains, described first obtains list
Member obtains key, connection ID and connection server address from key server again.
13. device according to claim 10, which is characterized in that
It includes: that will log in believe that the first acquisition unit, which obtains key, connection ID and connection server address from key server,
Breath is sent to the key server;Receive key, connection ID that the key server returns according to the log-on message and
Connect server address.
14. device according to claim 10, which is characterized in that described device further include:
Data transmission unit is sent to business service by the connection server after encrypting data message according to the key
Device;
Data receipt unit is decrypted after receiving the encryption data message that the connection server is sent according to the key
To obtain initial data.
15. a kind of device for establishing client and the long connection of server-side, is applied on connection server, which is characterized in that described
Device is applied to the message that the client receives service server push, and described device includes:
Request reception unit receives the connection request that client is sent, the connection ID of client is carried in the connection request;
The connection server is chosen in multiple connection server address that the client is sent by key server, and according to selection
Connection server address send the connection request;
Second acquisition unit obtains the corresponding key of the connection ID from key server;If the connection server obtains
The corresponding key failure of the connection ID, then the connection server disconnects and the connection of client;
Second verification unit is mutually solved between the client by the key after successfully obtaining the key
Close verification, and in decryption verification by establishing connection with the client afterwards;
Second heartbeat unit receives the heartbeat message that client is sent, with the connection between maintenance and client;
Retransmission unit is encrypted, is transmitted to institute after service server is sent to the PUSH message encryption of client by the connection
State client.
16. device according to claim 15, which is characterized in that
Mutually decryption verification is carried out by the key between second verification unit and the client, and is verified in decryption
By rear connection is established with the client include:
Visitor is sent to by the first initial data and according to the first encryption data that the first initial data of key encryption obtains
Family end;
It receives client and verifies the second initial data sent after successfully first encryption data and the second encryption number in decryption
According to;
When the data that decryption second encryption data obtains are consistent with second initial data, successful connection message is sent
To the client.
17. device according to claim 16, which is characterized in that
When decrypting the data and inconsistent second initial data that second encryption data obtains, second verification is single
Member disconnects and the connection of the client.
18. device according to claim 15, which is characterized in that
When being not received by the heartbeat message of client transmission within the preset time, the second heartbeat unit confirmation and client
The disconnecting between end.
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410326014.2A CN105337935B (en) | 2014-07-09 | 2014-07-09 | A kind of method and apparatus for establishing client and the long connection of server-side |
| HK16107105.9A HK1219185A1 (en) | 2014-07-09 | 2016-06-21 | Method and device for establishing long connection between client and server |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410326014.2A CN105337935B (en) | 2014-07-09 | 2014-07-09 | A kind of method and apparatus for establishing client and the long connection of server-side |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN105337935A CN105337935A (en) | 2016-02-17 |
| CN105337935B true CN105337935B (en) | 2018-12-21 |
Family
ID=55288223
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410326014.2A Active CN105337935B (en) | 2014-07-09 | 2014-07-09 | A kind of method and apparatus for establishing client and the long connection of server-side |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN105337935B (en) |
| HK (1) | HK1219185A1 (en) |
Families Citing this family (15)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106358194B (en) * | 2016-10-28 | 2020-03-31 | 努比亚技术有限公司 | Device and method for connecting mobile terminal and server |
| CN106452689A (en) * | 2016-11-28 | 2017-02-22 | 畅捷通信息技术股份有限公司 | Data transmission apparatus and method of client and data transmission apparatus and method of server |
| CN106603542A (en) * | 2016-12-22 | 2017-04-26 | 北京雷石天地电子技术有限公司 | Cloud end server and offline place server communication method and device |
| CN108881105A (en) * | 2017-05-08 | 2018-11-23 | 中车株洲电力机车研究所有限公司 | A kind of method and system of connection setup |
| CN108418799A (en) * | 2018-02-01 | 2018-08-17 | 北京云知声信息技术有限公司 | Long establishment of connection method and system |
| CN108737377A (en) * | 2018-04-17 | 2018-11-02 | 深圳市网心科技有限公司 | Data guard method, server and computer readable storage medium |
| CN109274716B (en) * | 2018-08-21 | 2023-02-07 | 中国平安人寿保险股份有限公司 | File processing method and device, computer equipment and storage medium |
| CN109327527A (en) * | 2018-10-30 | 2019-02-12 | 北京摩拜科技有限公司 | Control method for vehicle, server, client, vehicle and Vehicular system |
| CN110213247B (en) * | 2019-05-16 | 2021-10-01 | 福建天泉教育科技有限公司 | Method and system for improving safety of pushed information |
| CN111405028B (en) * | 2020-03-12 | 2022-05-27 | 中国建设银行股份有限公司 | Information processing method, device, server, electronic device and medium |
| CN111416807B (en) * | 2020-03-13 | 2022-06-07 | 苏州科达科技股份有限公司 | Data acquisition method, device and storage medium |
| CN111866770A (en) * | 2020-07-21 | 2020-10-30 | 上海聚均科技有限公司 | Capital monitoring method based on short message |
| CN112911021A (en) * | 2021-03-23 | 2021-06-04 | 厦门四信通信科技有限公司 | Method, device and equipment for actively connecting terminal |
| CN115225715B (en) * | 2022-06-30 | 2024-01-26 | 深圳市云洲创新科技有限公司 | Data interaction method and data interaction system |
| CN115714805A (en) * | 2022-11-18 | 2023-02-24 | 乾三(北京)科技有限公司 | Cross-platform communication connection method and system and electronic equipment |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101090513A (en) * | 2006-06-13 | 2007-12-19 | 华为技术有限公司 | Method for getting service key |
| CN103139303A (en) * | 2013-02-07 | 2013-06-05 | 网易(杭州)网络有限公司 | Method, device and system used for maintaining connected heartbeat |
| CN103634266A (en) * | 2012-08-21 | 2014-03-12 | 上海凌攀信息科技有限公司 | A bidirectional authentication method for a server and a terminal |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103874035B (en) * | 2012-12-13 | 2018-10-02 | 中国移动通信集团公司 | A kind of Mobile terminal message push method and equipment |
-
2014
- 2014-07-09 CN CN201410326014.2A patent/CN105337935B/en active Active
-
2016
- 2016-06-21 HK HK16107105.9A patent/HK1219185A1/en unknown
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101090513A (en) * | 2006-06-13 | 2007-12-19 | 华为技术有限公司 | Method for getting service key |
| CN103634266A (en) * | 2012-08-21 | 2014-03-12 | 上海凌攀信息科技有限公司 | A bidirectional authentication method for a server and a terminal |
| CN103139303A (en) * | 2013-02-07 | 2013-06-05 | 网易(杭州)网络有限公司 | Method, device and system used for maintaining connected heartbeat |
Also Published As
| Publication number | Publication date |
|---|---|
| CN105337935A (en) | 2016-02-17 |
| HK1219185A1 (en) | 2017-03-24 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN105337935B (en) | A kind of method and apparatus for establishing client and the long connection of server-side | |
| EP3565214B1 (en) | Systems and methods for encrypted vehicle data service exchanges | |
| TWI313996B (en) | System and method for secure remote access | |
| JP4603043B2 (en) | Method for transmitting sync ML synchronization data | |
| EP3567503B1 (en) | Systems and methods for provisioning a camera with a dynamic qr code and a ble connection | |
| CN110190955B (en) | Information processing method and device based on secure socket layer protocol authentication | |
| CN104168267B (en) | A kind of identity identifying method of access SIP security protection video monitoring systems | |
| CN109845214B (en) | Method, device and system for transmitting data | |
| CN104506534A (en) | Safety communication secret key negotiation interaction scheme | |
| CN109167802B (en) | Method, server and terminal for preventing session hijacking | |
| CN103828414A (en) | Security gateway communication | |
| CN111756529B (en) | Quantum session key distribution method and system | |
| TWI581599B (en) | Key generation system, data signature and encryption system and method | |
| CN108173644A (en) | Data transfer encryption method, device, storage medium, equipment and server | |
| CN107800675A (en) | A kind of data transmission method, terminal and server | |
| CN104901935A (en) | Bilateral authentication and data interaction security protection method based on CPK (Combined Public Key Cryptosystem) | |
| US20150229621A1 (en) | One-time-pad data encryption in communication channels | |
| CN105959648B (en) | A kind of encryption method, device and video monitoring system | |
| CN111756528B (en) | Quantum session key distribution method, device and communication architecture | |
| CN105119894A (en) | Communication system and communication method based on hardware safety module | |
| CN108206739A (en) | Key generation method and device | |
| KR102026375B1 (en) | Apparatus and method for supporting communication of wearable device | |
| GB2581096A (en) | Altering cipher and key within an established session | |
| KR101448866B1 (en) | Security apparatus for decrypting data encrypted according to the web security protocol and operating method thereof | |
| US10015208B2 (en) | Single proxies in secure communication using service function chaining |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| REG | Reference to a national code |
Ref country code: HK Ref legal event code: DE Ref document number: 1219185 Country of ref document: HK |
|
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20191216 Address after: P.O. Box 31119, grand exhibition hall, hibiscus street, 802 West Bay Road, Grand Cayman, British Cayman Islands Patentee after: Innovative advanced technology Co., Ltd Address before: A four-storey 847 mailbox in Grand Cayman Capital Building, British Cayman Islands Patentee before: Alibaba Group Holding Co., Ltd. |
|
| TR01 | Transfer of patent right |