CN105657033B - A kind of user-isolated resource access method and system - Google Patents
A kind of user-isolated resource access method and system Download PDFInfo
- Publication number
- CN105657033B CN105657033B CN201610073295.4A CN201610073295A CN105657033B CN 105657033 B CN105657033 B CN 105657033B CN 201610073295 A CN201610073295 A CN 201610073295A CN 105657033 B CN105657033 B CN 105657033B
- Authority
- CN
- China
- Prior art keywords
- total system
- user
- agency plant
- resource
- access
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/02—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/50—Network services
- H04L67/56—Provisioning of proxy services
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The present invention relates to a kind of user-isolated resource access methods and system, belong to digitized processing field.In certain system, external registering functional is not provided, user's system visiting abroad asks that system resource can not access, the present invention is in order to solve this problem, it proposes to be free on outside system of systems and goes access system resources, system provides internal account, which shows as the public account of the outer user access resources of system for providing system resource, it uploads, downloading etc..Method of the invention is expansible, and freedom degree is high, and total system is not needed to do any variation, will not be interfered to total system resource data.
Description
Technical field
Present invention relates particularly to a kind of user-isolated resource access methods and system, belong to digitized processing field.
Background technique
Often occur following two prompt in windows system: " login failure: not authorizing user on this computer
Request log in type." or " can not access, you may use Internet resources without permission.Please with the administrator of this server
Connection is to find out whether you have access authority.If " there is second situation, it may be possible to the security setting problem of computer makes
Object-computer can not access.If there is the first situation, it may be possible to which user does not have permission to enter the system.
Along with the propulsion of computer technology and cybertimes, certain systems do not provide external user's registration, cause external
User can not access system resources.Therefore, under the premise of not breaking system user present maintenance system, it is desirable to provide system
Outer user's access system resources.
Summary of the invention
The present invention be exactly in order to solve it is above-mentioned needed for use and give birth to, do not break the user maintenance system of system, can allow trip
From in user's access system resources outside system, and these free user access resources systems can control.Cancel user
Access only needs to stop service, and system does not need to carry out later maintenance to the user being free on outside system.
Specifically, the present invention provides a kind of user-isolated resource access method, described method includes following steps:
Step 1 disposes an independent agency plant, for safeguarding the user management outside total system;
Step 2, agency plant between proxy server and total system by being interacted;
Step 3, agency plant receive user access resources, parse to access parameter, act on behalf of if parameter is legal
System sends to total system and requests, if parameter does not conform to rule and do not send request;
Step 4, total system parse the parameter, resource data are returned to agency plant;
Step 5, agency plant receive the resource data of total system return, operate to resource data.
Further, user-isolated resource access method as described above, the user management in the step 1 includes pipe
User's registration is managed, user logs in, permission control or modification resource.
Further, user-isolated resource access method as described above, the interaction in the step 2 includes: agency system
It is under unified central planning to set total system information, total system access address, proxy user account number cipher, simulation proxy user login total system, setting
Timer accesses total system every a set time, and the log-on message for preventing agents from system login user is destroyed;Generation
Reason system saves the cookie information that total system returns, when each access proxies of agency plant, if total system returns
Login banner then simulates login total system.
Further, user-isolated resource access method as described above, the set time are five minutes.
Further, user-isolated resource access method as described above, the operation in the step 5 includes traversal, sieve
Choosing rendering resources data and is shown again.
In addition, the present invention also provides a kind of user-isolated resources to access system, the system comprises agency plant and always
System, wherein the agency plant is used to safeguard the user management outside total system;Agency plant passes through proxy server and total system
It is interacted between system;Agency plant receives user access resources, parses to access parameter, acts on behalf of if parameter is legal
System sends to total system and requests, if parameter does not conform to rule and do not send request;Total system parses the parameter, by resource data
Return to agency plant;Agency plant receives the resource data of total system return, operates to resource data.
Further, user-isolated resource as described above accesses system, and the user management includes managing users registration,
User logs in, permission control or modification resource.
Further, user-isolated resource as described above accesses system, and the interaction includes: the total system of agency plant configuration
System information, total system access address, proxy user account number cipher, simulation proxy user log in total system, timer are arranged, every
One set time accesses total system, and the log-on message for preventing agents from system login user is destroyed;Agency plant saves
The cookie information that total system returns, when each access proxies of agency plant, if total system returns to login banner,
Simulation logs in total system.
Further, user-isolated resource as described above accesses system, and the set time is five minutes.
Further, user-isolated resource as described above accesses system, and the operation includes traversing, screening, again wash with watercolours
Dye resource data is simultaneously shown.
Method of the invention is expansible, and freedom degree is high, and total system does not need to do any variation, will not be to total system number of resources
According to interfering.
Detailed description of the invention
Fig. 1 is flow chart when not needing access total system in the user-isolated resource access method of the present invention.
Fig. 2 is the schematic illustration of the user-isolated resource access method of the present invention.
Fig. 3 is the maintenance strategy schematic diagram of the user-isolated resource access method of the present invention.
Specific embodiment
The present invention is described in detail below with reference to the accompanying drawings and embodiments.
The present invention realizes a kind of method of resource in user-isolated access system (hereinafter referred to as total system).It is individually independent
One system (hereinafter referred to as agency plant), agency plant simulate a total system logging in system by user, and agency plant is independent
It safeguards the user outside total system, user management module is provided, user's registration, user's login etc. is safeguarded by agency plant, is acted on behalf of
Agency plant of the system as total system, if total system is not provided to user access resources outside system, it is only necessary to close agency
System.Total system only needs to safeguard the proxy user of agency plant.Therefore, shadow will not be caused to system resource access
It rings.Agency plant receives total system data, data screening, traversal etc. can be carried out to total system data, to total system number of resources
According to being controlled, extension etc. increases the control freedom degree to total system resource.
As shown in Figure 1, not need flow chart when access total system in the user-isolated resource access method of the present invention.
The outer user of system carries out user's registration by agency plant, and user logs in, user right control, modifying user resources etc..?
When not needing access total system, agency plant directly returns result to user.
As shown in Fig. 2, user-isolated resource access method provided by the invention includes the following steps:
Step 1 disposes an independent agency system, and agency plant safeguards the user's registration outside total system, logs in, modification
The maintenance of the functions such as resource.
Step 2, as shown in figure 3, agency plant configuration total system information, total system access address, proxy user account are close
Code, simulation proxy user log in total system, timer are arranged, and total system was accessed every five minutes, and maintenance agency plant is stepped on
Record state, if it find that not logging in, simulation proxy account number logs in total system, saves proxy user information again.It prevents agents from and is
Login user log-on message of uniting is destroyed.Save the cookie information etc. that total system returns, each access agent clothes of agency plant
Business device then simulates login total system if total system returns to login banner.
Step 3, agency plant receive user access resources, parse to access parameter, the legal then agency plant of parameter
It sends and requests to total system.
Step 4, total system parse the parameter, resource data are returned to agency plant.
Step 5, agency plant receive the resource data of total system return, traverse to data, agency plant is to total
The resource data that system returns is traversed, and is screened, and rendering resources data are shown again.
To sum up, main idea of the present invention is in 4 elements.First point, agency plant oneself safeguards the outer user's service network of total system.
Second point, agency plant simulate a proxy user and log in total system, and the outer user access resources of any system are all to act on behalf of use
Name in an account book justice goes to operate the resource in total system.Thirdly, the resource data that agency plant can return to total system controls,
Deletion does not need the outer user of system and sees certain resource type etc..4th point, total system does not need to do any variation, if halt system
Outer user access resources only need to close agency plant, and cleaning data only need to safeguard the data of proxy user,
Total system resource data will not be interfered.
Obviously, various changes and modifications can be made to the invention without departing from essence of the invention by those skilled in the art
Mind and range.If in this way, belonging to the model of the claims in the present invention and its equivalent technology to these modifications and changes of the present invention
Within enclosing, then the present invention is also intended to include these modifications and variations.
Claims (6)
1. a kind of user-isolated resource access method, it is characterised in that described method includes following steps:
Step 1 disposes an independent agency plant, for safeguarding the user management outside total system,
User management includes managing users registration, and permission control, user logs in or modification resource;
Step 2, agency plant passes through to be interacted between proxy server and total system,
Specifically include agency plant configuration total system information, total system access address, proxy user account number cipher, simulation agency's use
Family logs in total system, and timer is arranged, accesses total system every a set time, prevents agents from system login user's
Log-on message is destroyed;Agency plant saves the cookie information that total system returns, each access proxies of agency plant
When, if total system returns to login banner, simulate login total system;
Step 3, agency plant receive user access resources, parse to access parameter, the agency plant if parameter is legal
It sends and requests to total system, if parameter does not conform to rule and do not send request;
Step 4, total system parse the parameter, resource data are returned to agency plant;
Step 5, agency plant receive the resource data of total system return, operate to resource data.
2. user-isolated resource access method as described in claim 1, it is characterised in that:
The set time is five minutes.
3. user-isolated resource access method as described in claim 1, it is characterised in that:
Operation in the step 5 includes traversal, screening, rendering resources data and is shown again.
4. a kind of user-isolated resource accesses system, it is characterised in that:
The system comprises agency plants and total system, wherein and the agency plant is used to safeguard user management outside total system,
Wherein user management includes managing users registration, and user logs in, permission control, or modification resource;Agency plant passes through agency's clothes
It is interacted between business device and total system, specifically includes agency plant configuration total system information, total system access address, Dai Liyong
Family account number cipher, simulation proxy user log in total system, timer are arranged, accesses total system every a set time,
The log-on message for preventing agents from system login user is destroyed;Agency plant saves the cookie information that total system returns, agency
When each access proxies of system, if total system returns to login banner, login total system is simulated;Agency plant receives
User access resources parse access parameter, and agency plant sends to total system and requests if parameter is legal, if ginseng
Number does not conform to rule and does not send request;Total system parses the parameter, and resource data is returned to agency plant;Agency plant receives
The resource data that total system returns, operates resource data.
5. user-isolated resource as claimed in claim 4 accesses system, it is characterised in that:
The set time is five minutes.
6. user-isolated resource as claimed in claim 4 accesses system, it is characterised in that:
The operation includes traversal, and screening rendering resources data and is shown again.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610073295.4A CN105657033B (en) | 2016-02-02 | 2016-02-02 | A kind of user-isolated resource access method and system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610073295.4A CN105657033B (en) | 2016-02-02 | 2016-02-02 | A kind of user-isolated resource access method and system |
Publications (2)
Publication Number | Publication Date |
---|---|
CN105657033A CN105657033A (en) | 2016-06-08 |
CN105657033B true CN105657033B (en) | 2019-04-23 |
Family
ID=56488241
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201610073295.4A Active CN105657033B (en) | 2016-02-02 | 2016-02-02 | A kind of user-isolated resource access method and system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN105657033B (en) |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101207517A (en) * | 2007-12-12 | 2008-06-25 | 浙江大学 | Method for reliability maintenance of distributed enterprise service bus node |
CN105072149A (en) * | 2015-06-30 | 2015-11-18 | 青岛海尔智能家电科技有限公司 | Method and device for building remote communication through proxy gateway |
Family Cites Families (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8856881B2 (en) * | 2009-02-26 | 2014-10-07 | Genpact Global Holdings (Bermuda) Ltd. | Method and system for access control by using an advanced command interface server |
CN101877695A (en) * | 2009-04-30 | 2010-11-03 | 中国移动通信集团江西有限公司 | System and method for controlling access right |
CN104751030A (en) * | 2013-12-31 | 2015-07-01 | 中国科学院信息工程研究所 | User access permission control method and device |
CN103944883B (en) * | 2014-03-19 | 2017-08-11 | 华存数据信息技术有限公司 | The system and method for cloud application access control under a kind of cloud computing environment |
-
2016
- 2016-02-02 CN CN201610073295.4A patent/CN105657033B/en active Active
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101207517A (en) * | 2007-12-12 | 2008-06-25 | 浙江大学 | Method for reliability maintenance of distributed enterprise service bus node |
CN105072149A (en) * | 2015-06-30 | 2015-11-18 | 青岛海尔智能家电科技有限公司 | Method and device for building remote communication through proxy gateway |
Also Published As
Publication number | Publication date |
---|---|
CN105657033A (en) | 2016-06-08 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN111488595B (en) | Method for realizing authority control and related equipment | |
US10764290B2 (en) | Governed access to RPA bots | |
CN106031118B (en) | Cloud service security broker and proxy | |
CN105991734B (en) | A kind of cloud platform management method and system | |
US9237130B2 (en) | Hierarchical rule development and binding for web application server firewall | |
EP2866411A1 (en) | Method and system for detecting unauthorized access to and use of network resources with targeted analytics | |
CN110764871B (en) | Cloud platform-based mimicry application packaging and control system and method | |
US10491621B2 (en) | Website security tracking across a network | |
CN104219080B (en) | A kind of website faulty page log recording method | |
CN107733706A (en) | The illegal external connection monitoring method and system of a kind of no agency | |
CN103067344A (en) | Non-invasive method and equipment for automatically issuing safety regulations in cloud environment | |
CN103329113A (en) | Proxy server configured for hierarchical caching and dynamic site acceleration and custom object and associated method | |
US11363068B2 (en) | Method and system for providing a complete traceability of changes incurred in a security policy | |
CN107196951A (en) | The implementation method and firewall system of a kind of HDFS systems fire wall | |
CN111861140A (en) | Service processing method, device, storage medium and electronic device | |
CN105765901B (en) | Intelligent firewall access rule | |
US20210019400A1 (en) | Security infrastructure as a service | |
CN109714397A (en) | Internet proxy server management system | |
CN106603567A (en) | WEB administrator login management method and device | |
CN105657033B (en) | A kind of user-isolated resource access method and system | |
US11770363B2 (en) | Systems and methods for secure access smart hub for cyber-physical systems | |
US12015594B2 (en) | Policy integration for cloud-based explicit proxy | |
CN108270718A (en) | A kind of control method and system based on Hadoop clusters | |
Sasidharan | Implementation of High Available and Scalable Syslog Server with NoSQL Cassandra Database and Message Queue | |
CN114553828B (en) | DNS operation and maintenance management method, device, equipment and medium |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |