CN105657033B - A kind of user-isolated resource access method and system - Google Patents

A kind of user-isolated resource access method and system Download PDF

Info

Publication number
CN105657033B
CN105657033B CN201610073295.4A CN201610073295A CN105657033B CN 105657033 B CN105657033 B CN 105657033B CN 201610073295 A CN201610073295 A CN 201610073295A CN 105657033 B CN105657033 B CN 105657033B
Authority
CN
China
Prior art keywords
total system
user
agency plant
resource
access
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201610073295.4A
Other languages
Chinese (zh)
Other versions
CN105657033A (en
Inventor
王序东
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
MAINBO EDUCATION TECHNOLOGY Co Ltd
Original Assignee
MAINBO EDUCATION TECHNOLOGY Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by MAINBO EDUCATION TECHNOLOGY Co Ltd filed Critical MAINBO EDUCATION TECHNOLOGY Co Ltd
Priority to CN201610073295.4A priority Critical patent/CN105657033B/en
Publication of CN105657033A publication Critical patent/CN105657033A/en
Application granted granted Critical
Publication of CN105657033B publication Critical patent/CN105657033B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/02Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/56Provisioning of proxy services

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The present invention relates to a kind of user-isolated resource access methods and system, belong to digitized processing field.In certain system, external registering functional is not provided, user's system visiting abroad asks that system resource can not access, the present invention is in order to solve this problem, it proposes to be free on outside system of systems and goes access system resources, system provides internal account, which shows as the public account of the outer user access resources of system for providing system resource, it uploads, downloading etc..Method of the invention is expansible, and freedom degree is high, and total system is not needed to do any variation, will not be interfered to total system resource data.

Description

A kind of user-isolated resource access method and system
Technical field
Present invention relates particularly to a kind of user-isolated resource access methods and system, belong to digitized processing field.
Background technique
Often occur following two prompt in windows system: " login failure: not authorizing user on this computer Request log in type." or " can not access, you may use Internet resources without permission.Please with the administrator of this server Connection is to find out whether you have access authority.If " there is second situation, it may be possible to the security setting problem of computer makes Object-computer can not access.If there is the first situation, it may be possible to which user does not have permission to enter the system.
Along with the propulsion of computer technology and cybertimes, certain systems do not provide external user's registration, cause external User can not access system resources.Therefore, under the premise of not breaking system user present maintenance system, it is desirable to provide system Outer user's access system resources.
Summary of the invention
The present invention be exactly in order to solve it is above-mentioned needed for use and give birth to, do not break the user maintenance system of system, can allow trip From in user's access system resources outside system, and these free user access resources systems can control.Cancel user Access only needs to stop service, and system does not need to carry out later maintenance to the user being free on outside system.
Specifically, the present invention provides a kind of user-isolated resource access method, described method includes following steps:
Step 1 disposes an independent agency plant, for safeguarding the user management outside total system;
Step 2, agency plant between proxy server and total system by being interacted;
Step 3, agency plant receive user access resources, parse to access parameter, act on behalf of if parameter is legal System sends to total system and requests, if parameter does not conform to rule and do not send request;
Step 4, total system parse the parameter, resource data are returned to agency plant;
Step 5, agency plant receive the resource data of total system return, operate to resource data.
Further, user-isolated resource access method as described above, the user management in the step 1 includes pipe User's registration is managed, user logs in, permission control or modification resource.
Further, user-isolated resource access method as described above, the interaction in the step 2 includes: agency system It is under unified central planning to set total system information, total system access address, proxy user account number cipher, simulation proxy user login total system, setting Timer accesses total system every a set time, and the log-on message for preventing agents from system login user is destroyed;Generation Reason system saves the cookie information that total system returns, when each access proxies of agency plant, if total system returns Login banner then simulates login total system.
Further, user-isolated resource access method as described above, the set time are five minutes.
Further, user-isolated resource access method as described above, the operation in the step 5 includes traversal, sieve Choosing rendering resources data and is shown again.
In addition, the present invention also provides a kind of user-isolated resources to access system, the system comprises agency plant and always System, wherein the agency plant is used to safeguard the user management outside total system;Agency plant passes through proxy server and total system It is interacted between system;Agency plant receives user access resources, parses to access parameter, acts on behalf of if parameter is legal System sends to total system and requests, if parameter does not conform to rule and do not send request;Total system parses the parameter, by resource data Return to agency plant;Agency plant receives the resource data of total system return, operates to resource data.
Further, user-isolated resource as described above accesses system, and the user management includes managing users registration, User logs in, permission control or modification resource.
Further, user-isolated resource as described above accesses system, and the interaction includes: the total system of agency plant configuration System information, total system access address, proxy user account number cipher, simulation proxy user log in total system, timer are arranged, every One set time accesses total system, and the log-on message for preventing agents from system login user is destroyed;Agency plant saves The cookie information that total system returns, when each access proxies of agency plant, if total system returns to login banner, Simulation logs in total system.
Further, user-isolated resource as described above accesses system, and the set time is five minutes.
Further, user-isolated resource as described above accesses system, and the operation includes traversing, screening, again wash with watercolours Dye resource data is simultaneously shown.
Method of the invention is expansible, and freedom degree is high, and total system does not need to do any variation, will not be to total system number of resources According to interfering.
Detailed description of the invention
Fig. 1 is flow chart when not needing access total system in the user-isolated resource access method of the present invention.
Fig. 2 is the schematic illustration of the user-isolated resource access method of the present invention.
Fig. 3 is the maintenance strategy schematic diagram of the user-isolated resource access method of the present invention.
Specific embodiment
The present invention is described in detail below with reference to the accompanying drawings and embodiments.
The present invention realizes a kind of method of resource in user-isolated access system (hereinafter referred to as total system).It is individually independent One system (hereinafter referred to as agency plant), agency plant simulate a total system logging in system by user, and agency plant is independent It safeguards the user outside total system, user management module is provided, user's registration, user's login etc. is safeguarded by agency plant, is acted on behalf of Agency plant of the system as total system, if total system is not provided to user access resources outside system, it is only necessary to close agency System.Total system only needs to safeguard the proxy user of agency plant.Therefore, shadow will not be caused to system resource access It rings.Agency plant receives total system data, data screening, traversal etc. can be carried out to total system data, to total system number of resources According to being controlled, extension etc. increases the control freedom degree to total system resource.
As shown in Figure 1, not need flow chart when access total system in the user-isolated resource access method of the present invention. The outer user of system carries out user's registration by agency plant, and user logs in, user right control, modifying user resources etc..? When not needing access total system, agency plant directly returns result to user.
As shown in Fig. 2, user-isolated resource access method provided by the invention includes the following steps:
Step 1 disposes an independent agency system, and agency plant safeguards the user's registration outside total system, logs in, modification The maintenance of the functions such as resource.
Step 2, as shown in figure 3, agency plant configuration total system information, total system access address, proxy user account are close Code, simulation proxy user log in total system, timer are arranged, and total system was accessed every five minutes, and maintenance agency plant is stepped on Record state, if it find that not logging in, simulation proxy account number logs in total system, saves proxy user information again.It prevents agents from and is Login user log-on message of uniting is destroyed.Save the cookie information etc. that total system returns, each access agent clothes of agency plant Business device then simulates login total system if total system returns to login banner.
Step 3, agency plant receive user access resources, parse to access parameter, the legal then agency plant of parameter It sends and requests to total system.
Step 4, total system parse the parameter, resource data are returned to agency plant.
Step 5, agency plant receive the resource data of total system return, traverse to data, agency plant is to total The resource data that system returns is traversed, and is screened, and rendering resources data are shown again.
To sum up, main idea of the present invention is in 4 elements.First point, agency plant oneself safeguards the outer user's service network of total system. Second point, agency plant simulate a proxy user and log in total system, and the outer user access resources of any system are all to act on behalf of use Name in an account book justice goes to operate the resource in total system.Thirdly, the resource data that agency plant can return to total system controls, Deletion does not need the outer user of system and sees certain resource type etc..4th point, total system does not need to do any variation, if halt system Outer user access resources only need to close agency plant, and cleaning data only need to safeguard the data of proxy user, Total system resource data will not be interfered.
Obviously, various changes and modifications can be made to the invention without departing from essence of the invention by those skilled in the art Mind and range.If in this way, belonging to the model of the claims in the present invention and its equivalent technology to these modifications and changes of the present invention Within enclosing, then the present invention is also intended to include these modifications and variations.

Claims (6)

1. a kind of user-isolated resource access method, it is characterised in that described method includes following steps:
Step 1 disposes an independent agency plant, for safeguarding the user management outside total system,
User management includes managing users registration, and permission control, user logs in or modification resource;
Step 2, agency plant passes through to be interacted between proxy server and total system,
Specifically include agency plant configuration total system information, total system access address, proxy user account number cipher, simulation agency's use Family logs in total system, and timer is arranged, accesses total system every a set time, prevents agents from system login user's Log-on message is destroyed;Agency plant saves the cookie information that total system returns, each access proxies of agency plant When, if total system returns to login banner, simulate login total system;
Step 3, agency plant receive user access resources, parse to access parameter, the agency plant if parameter is legal It sends and requests to total system, if parameter does not conform to rule and do not send request;
Step 4, total system parse the parameter, resource data are returned to agency plant;
Step 5, agency plant receive the resource data of total system return, operate to resource data.
2. user-isolated resource access method as described in claim 1, it is characterised in that:
The set time is five minutes.
3. user-isolated resource access method as described in claim 1, it is characterised in that:
Operation in the step 5 includes traversal, screening, rendering resources data and is shown again.
4. a kind of user-isolated resource accesses system, it is characterised in that:
The system comprises agency plants and total system, wherein and the agency plant is used to safeguard user management outside total system, Wherein user management includes managing users registration, and user logs in, permission control, or modification resource;Agency plant passes through agency's clothes It is interacted between business device and total system, specifically includes agency plant configuration total system information, total system access address, Dai Liyong Family account number cipher, simulation proxy user log in total system, timer are arranged, accesses total system every a set time, The log-on message for preventing agents from system login user is destroyed;Agency plant saves the cookie information that total system returns, agency When each access proxies of system, if total system returns to login banner, login total system is simulated;Agency plant receives User access resources parse access parameter, and agency plant sends to total system and requests if parameter is legal, if ginseng Number does not conform to rule and does not send request;Total system parses the parameter, and resource data is returned to agency plant;Agency plant receives The resource data that total system returns, operates resource data.
5. user-isolated resource as claimed in claim 4 accesses system, it is characterised in that:
The set time is five minutes.
6. user-isolated resource as claimed in claim 4 accesses system, it is characterised in that:
The operation includes traversal, and screening rendering resources data and is shown again.
CN201610073295.4A 2016-02-02 2016-02-02 A kind of user-isolated resource access method and system Active CN105657033B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610073295.4A CN105657033B (en) 2016-02-02 2016-02-02 A kind of user-isolated resource access method and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610073295.4A CN105657033B (en) 2016-02-02 2016-02-02 A kind of user-isolated resource access method and system

Publications (2)

Publication Number Publication Date
CN105657033A CN105657033A (en) 2016-06-08
CN105657033B true CN105657033B (en) 2019-04-23

Family

ID=56488241

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610073295.4A Active CN105657033B (en) 2016-02-02 2016-02-02 A kind of user-isolated resource access method and system

Country Status (1)

Country Link
CN (1) CN105657033B (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101207517A (en) * 2007-12-12 2008-06-25 浙江大学 Method for reliability maintenance of distributed enterprise service bus node
CN105072149A (en) * 2015-06-30 2015-11-18 青岛海尔智能家电科技有限公司 Method and device for building remote communication through proxy gateway

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8856881B2 (en) * 2009-02-26 2014-10-07 Genpact Global Holdings (Bermuda) Ltd. Method and system for access control by using an advanced command interface server
CN101877695A (en) * 2009-04-30 2010-11-03 中国移动通信集团江西有限公司 System and method for controlling access right
CN104751030A (en) * 2013-12-31 2015-07-01 中国科学院信息工程研究所 User access permission control method and device
CN103944883B (en) * 2014-03-19 2017-08-11 华存数据信息技术有限公司 The system and method for cloud application access control under a kind of cloud computing environment

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101207517A (en) * 2007-12-12 2008-06-25 浙江大学 Method for reliability maintenance of distributed enterprise service bus node
CN105072149A (en) * 2015-06-30 2015-11-18 青岛海尔智能家电科技有限公司 Method and device for building remote communication through proxy gateway

Also Published As

Publication number Publication date
CN105657033A (en) 2016-06-08

Similar Documents

Publication Publication Date Title
CN111488595B (en) Method for realizing authority control and related equipment
US10764290B2 (en) Governed access to RPA bots
CN106031118B (en) Cloud service security broker and proxy
CN105991734B (en) A kind of cloud platform management method and system
US9237130B2 (en) Hierarchical rule development and binding for web application server firewall
EP2866411A1 (en) Method and system for detecting unauthorized access to and use of network resources with targeted analytics
CN110764871B (en) Cloud platform-based mimicry application packaging and control system and method
US10491621B2 (en) Website security tracking across a network
CN104219080B (en) A kind of website faulty page log recording method
CN107733706A (en) The illegal external connection monitoring method and system of a kind of no agency
CN103067344A (en) Non-invasive method and equipment for automatically issuing safety regulations in cloud environment
CN103329113A (en) Proxy server configured for hierarchical caching and dynamic site acceleration and custom object and associated method
US11363068B2 (en) Method and system for providing a complete traceability of changes incurred in a security policy
CN107196951A (en) The implementation method and firewall system of a kind of HDFS systems fire wall
CN111861140A (en) Service processing method, device, storage medium and electronic device
CN105765901B (en) Intelligent firewall access rule
US20210019400A1 (en) Security infrastructure as a service
CN109714397A (en) Internet proxy server management system
CN106603567A (en) WEB administrator login management method and device
CN105657033B (en) A kind of user-isolated resource access method and system
US11770363B2 (en) Systems and methods for secure access smart hub for cyber-physical systems
US12015594B2 (en) Policy integration for cloud-based explicit proxy
CN108270718A (en) A kind of control method and system based on Hadoop clusters
Sasidharan Implementation of High Available and Scalable Syslog Server with NoSQL Cassandra Database and Message Queue
CN114553828B (en) DNS operation and maintenance management method, device, equipment and medium

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant