CN105847312B - A kind of resource access method and user terminal - Google Patents
A kind of resource access method and user terminal Download PDFInfo
- Publication number
- CN105847312B CN105847312B CN201510018557.2A CN201510018557A CN105847312B CN 105847312 B CN105847312 B CN 105847312B CN 201510018557 A CN201510018557 A CN 201510018557A CN 105847312 B CN105847312 B CN 105847312B
- Authority
- CN
- China
- Prior art keywords
- http proxy
- vpn
- client application
- request
- resource access
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Abstract
The embodiment of the invention discloses a kind of resource access method and user terminals, are related to field of communication technology, to use WebView control to realize the VPN function of application layer.The specific scheme is that the browser kernel in the WebView control of client application obtains resource access request, it include the URL of resource to be visited in resource access request;Resource access request is carried out HTTP Proxy encapsulation by browser kernel, obtains HTTP Proxy request, and send HTTP Proxy request to HTTP Proxy program;HTTP Proxy program obtains the resource access request in HTTP Proxy request, and obtains VPN request message to the tunnel resource access request packaging V PN head;User terminal sends VPN request message to vpn server.
Description
Technical field
The present invention relates to field of communication technology more particularly to a kind of resource access methods and user terminal.
Background technique
Mobile office refers to that mobile terminal can be used in enterprise staff, remotely accesses corporate intranet (English: intranet)
It handles official business.The resource of corporate intranet is accessed than using the browser of mobile terminal to access by the client application of mobile terminal
The user experience of the resource of corporate intranet is more preferable.It is packaged in browser in general, the operating system of mobile terminal can provide one kind
The control of core, i.e. WebView control (English: control).Developer can very easily be developed using WebView control
Client application, without rewriting for realizing the code of browsing webpage function.
For enterprise, guarantee that the safety of the resource of corporate intranet is vital.If using Virtual Private Network
The safety for the resource that network (English: virtual private network, abbreviation: VPN) function improves corporate intranet then needs
Use special mobile terminal, it is difficult to provide and take equipment (English: bring your own device, BYOD) ability certainly.And such as
Fruit realizes VPN function in client application, since WebView control intrinsic function is invisible, is difficult to increase on WebView control
Add VPN function, developer needs to rewrite the code for realizing browsing webpage function of client application to realize VPN
Function.
Summary of the invention
The embodiment of the present invention provides a kind of resource access method and user terminal, to use WebView control to realize
The VPN function of application layer (English: per-app).
In order to achieve the above objectives, the embodiment of the present invention adopts the following technical scheme that
The embodiment of the present invention in a first aspect, providing a kind of resource access method, user terminal is equipped with client application,
The client application includes WebView control and hypertext transfer protocol (English: Hypertext Transfer
Protocol, abbreviation: HTTP) broker program, which comprises
Browser kernel in the WebView control of the client application obtains resource access request, and the resource is visited
Ask request in include resource to be visited uniform resource locator (English: uniform resource locator, abbreviation:
URL);
The resource access request is carried out HTTP Proxy encapsulation by the browser kernel, obtains HTTP Proxy request, and
The HTTP Proxy request is sent to the HTTP Proxy program;
The HTTP Proxy program obtains the resource access request in the HTTP Proxy request, and to the resource
Access request encapsulates Virtual Private Network (English: virtual private network, abbreviation: VPN) tunnel head and obtains VPN
Request message;
The user terminal sends the VPN request message to vpn server.
With reference to first aspect, in the first possible implementation of the first aspect, it is taken in the user terminal to VPN
It is engaged in after the device transmission VPN request message, the method also includes:
The user terminal receives the VPN response message that the vpn server is sent;
The HTTP Proxy program obtains the VPN response message, decapsulates the VPN response message to obtain HTTP generation
Reason response, and the HTTP Proxy response is sent to the WebView control;
The browser kernel in the WebView control parses the HTTP Proxy response, obtains described to be visited
Resource.
With reference to first aspect or the first possible implementation of first aspect, second in first aspect are possible
In implementation, before the browser kernel in the WebView control of the client application obtains resource access request, institute
State method further include:
The user terminal registers HTTP Proxy information to the browser kernel, and the HTTP Proxy information includes described
Internet protocol (English: Internet Protocol, abbreviation: the IP) address of HTTP Proxy program and the HTTP Proxy program
Transmission control protocol (English: Transmission Control Protocol, abbreviation: TCP) port numbers;
Wherein, the IP address of the HTTP Proxy program is local host (English: localhost).
The possible implementation of second with reference to first aspect, in the third possible implementation of first aspect
In, the user terminal registers HTTP Proxy information to the browser kernel, comprising:
Obtain the static fields mLoadedApk of the Application class of the client application;
The Application object for obtaining the client application calls the side get of the static fields mLoadedApk
Method is passed to the Application object of the client application, to obtain the LoadedApk object of the client application;
Obtain the static fields mReceivers of the Class example of LoadedApk class;
The get method for calling the static fields mReceivers, is passed to LoadedApk pairs of the client application
As to obtain the Event receiver of the client application;
It obtains in the Event receiver of the client application and acts on behalf of altering event receiver;
Agent property object is constructed, includes the HTTP Proxy information in the agent property object;
Use the agent property object formation Intent object;
The onRecevie method for acting on behalf of altering event receiver is called, the Intent object is passed to.
The second aspect of the embodiment of the present invention provides a kind of user terminal, and the user terminal is equipped with client application,
The client application includes WebView control and HTTP Proxy program, and the user terminal includes:
Processing unit obtains resource for the browser kernel in the WebView control by the client application and visits
It asks request, includes the URL of resource to be visited in the resource access request;The resource is accessed by the browser kernel
Request carries out HTTP Proxy encapsulation, obtains HTTP Proxy request, and send the HTTP Proxy to the HTTP Proxy program and ask
It asks;The resource access request in the HTTP Proxy request is obtained by the HTTP Proxy program, and to the resource
The tunnel access request packaging V PN head obtains VPN request message;
Transmission unit, for sending the VPN request message to vpn server.
In conjunction with second aspect, in the first possible implementation of the second aspect, the user terminal further include:
Receiving unit, for receiving institute after the transmission unit sends the VPN request message to vpn server
State the VPN response message of vpn server transmission;
The processing unit, is also used to obtain the VPN response message by the HTTP Proxy program, described in decapsulation
VPN response message sends the HTTP Proxy response to the WebView control to obtain HTTP Proxy response;Pass through institute
It states the browser kernel in WebView control and parses the HTTP Proxy response, obtain the resource to be visited.
In conjunction with the possible implementation of the first of second aspect or second aspect, second in second aspect is possible
In implementation, the processing unit, the browser kernel being also used in the WebView control by the client application
Before obtaining resource access request, Xiang Suoshu browser kernel registers HTTP Proxy information, and the HTTP Proxy information includes institute
State the IP address of HTTP Proxy program and the TCP port number of the HTTP Proxy program;
Wherein, the IP address of the HTTP Proxy program is local host.
In conjunction with second of possible implementation of second aspect, in the third possible implementation of second aspect
In, the processing unit is specifically used for:
Obtain the static fields mLoadedApk of the Application class of the client application;
The Application object for obtaining the client application calls the side get of the static fields mLoadedApk
Method is passed to the Application object of the client application, to obtain the LoadedApk object of the client application;
Obtain the static fields mReceivers of the Class example of LoadedApk class;
The get method for calling the static fields mReceivers, is passed to LoadedApk pairs of the client application
As to obtain the Event receiver of the client application;
It obtains in the Event receiver of the client application and acts on behalf of altering event receiver;
Agent property object is constructed, includes the HTTP Proxy information in the agent property object;
Use the agent property object formation Intent object;
The onRecevie method for acting on behalf of altering event receiver is called, the Intent object is passed to.
The third aspect of the embodiment of the present invention provides a kind of computer program product for realizing resource access, described
Computer program product includes client application, and the client application includes WebView control and HTTP Proxy program;
The WebView control includes browser kernel, and the browser kernel is provided for obtaining resource access request
Interface, include the URL of resource to be visited in the resource access request;
The browser kernel is also used to the resource access request carrying out HTTP Proxy encapsulation, to obtain HTTP Proxy
Request, and the HTTP Proxy request is sent to the HTTP Proxy program;
The HTTP Proxy program is used to obtain the resource access request in the HTTP Proxy request, and to described
The tunnel resource access request packaging V PN head obtains VPN request message;
The HTTP Proxy program includes sending instruction, is sent out for the communication interface by operating system to vpn server
Send the VPN request message.
In conjunction with the third aspect, in the first possible implementation of the third aspect, the HTTP Proxy program is also wrapped
Reception instruction is included, for leading to after sending the VPN request message to vpn server by the communication interface of operating system
The communication interface for crossing the operating system receives the VPN response message that the vpn server is sent;
The HTTP Proxy program is also used to obtain the VPN response message, decapsulates the VPN response message to obtain
HTTP Proxy response, and the HTTP Proxy response is sent to the WebView control;
The browser kernel is also used to parse the HTTP Proxy response, obtains the resource to be visited.
In conjunction with the possible implementation of the first of the third aspect or the third aspect, second in the third aspect is possible
In implementation, the client application further includes agency of trademark registration program;
The agency of trademark registration program is used to register HTTP Proxy information, the HTTP Proxy information to the browser kernel
The TCP port number of IP address and the HTTP Proxy program including the HTTP Proxy program;
Wherein, the IP address of the HTTP Proxy program is local host.
In conjunction with second of possible implementation of the third aspect, in the third possible implementation of the third aspect
In, the agency of trademark registration program includes:
For obtaining the instruction of the static fields mLoadedApk of the Application class of the client application;
For obtaining the Application object of the client application, call the static fields mLoadedApk's
Get method is passed to the Application object of the client application, to obtain LoadedApk pairs of the client application
The instruction of elephant;
For obtaining the instruction of the static fields mReceivers of the Class example of LoadedApk class;
For calling the get method of the static fields mReceivers, it is passed to the LoadedApk of the client application
Object, to obtain the instruction of the Event receiver of the client application;
The instruction for acting on behalf of altering event receiver in Event receiver for obtaining the client application;
It include the HTTP Proxy information in the agent property object for constructing the instruction of agent property object;
For using the instruction of the agent property object formation Intent object;
For calling the onRecevie method for acting on behalf of altering event receiver, it is passed to the finger of the Intent object
It enables.
Resource access method and user terminal provided in an embodiment of the present invention, user terminal are equipped with client application, should
Client application includes WebView control and HTTP Proxy program, in the browser in the WebView control of the client application
Core obtain resource access request, then by resource access request carry out HTTP Proxy encapsulation, obtain HTTP Proxy request, and to this
The HTTP Proxy program of client application sends HTTP Proxy request;The HTTP Proxy program of the client application obtains HTTP generation
Resource access request in reason request, and VPN request message is obtained to the tunnel resource access request packaging V PN head;User terminal
VPN request message is sent to vpn server.Using the method for the embodiment of the present invention, developer does not need to rewrite and be used for
It realizes the code of browsing webpage function, and the VPN function of WebView control and HTTP Proxy program realization application layer can be used
Energy.When using the resource of the way access corporate intranet of the embodiment of the present invention, asked since resource access request is encapsulated as VPN
Message is sought, therefore, only vpn server can parse VPN request message and obtain resource access request, and its on public network
He can only obtain VPN request message at equipment, can not obtain resource access request, and therefore, the other equipment on public network can not
The URL for determining resource to be visited thereby may be ensured that the safety of the resource of corporate intranet.
Detailed description of the invention
To describe the technical solutions in the embodiments of the present invention more clearly, make required in being described below to embodiment
Attached drawing is briefly described, it should be apparent that, drawings in the following description are only some embodiments of the invention, for
For those of ordinary skill in the art, without any creative labor, it can also be obtained according to these attached drawings
His attached drawing.
Fig. 1 is a kind of flow chart of resource access method provided in an embodiment of the present invention;
Fig. 2 is the flow chart of another resource access method provided in an embodiment of the present invention;
Fig. 3 is the flow chart of another resource access method provided in an embodiment of the present invention;
Fig. 4 is a kind of composition schematic diagram of user terminal provided in an embodiment of the present invention;
Fig. 5 is the composition schematic diagram of another user terminal provided in an embodiment of the present invention.
Specific embodiment
Following will be combined with the drawings in the embodiments of the present invention, and technical solution in the embodiment of the present invention is clearly retouched
It states.
To facilitate understanding of the present embodiment of the invention, the several arts that can be introduced in description of the embodiment of the present invention are introduced herein first
Language.
(English: uniform resource locator, abbreviation: URL is passed uniform resource locator using hypertext
When sending agreement (English: Hypertext Transfer Protocol, abbreviation: HTTP), URL is also referred to as web page address): be
Indicate the specific character string of the address of a certain resource on internet (English: Internet).
Virtual Private Network (English: virtual private network, abbreviation: VPN): being one kind in public network
The dedicated network communicated for VPN client with vpn server established on (for example, internet), VPN client (English
Text: VPN client) with the content that is communicated between vpn server (English: VPN server) for other on public network
Equipment (equipment in addition to VPN client is with vpn server) is invisible.
The embodiment of the present invention provides a kind of resource access method.User terminal is equipped with client application in this method, should
Client application includes WebView control and HTTP Proxy program.As shown in Figure 1, this method comprises:
S101, client application WebView control in browser kernel obtain resource access request.
Wherein, include the URL of resource to be visited in resource access request, include the address instruction of destination server in URL
Information, destination server can be the server disposed in corporate intranet for providing resource to be visited, destination server.
The format of URL are as follows:
protocol://hostname[:port]/path/[;Parameters] [? query] #fragment.
It wherein, is optional content in square brackets.Protocol is the specified transport protocol used, most common to be
HTTP;Hostname is domain name system (English: Domain Name System, abbreviation: the DNS) master for storing the server of resource
Machine name or Internet protocol (English: InternetProtocol, abbreviation: IP) address;Port is port numbers;Path is path, is
The character string separated by zero or multiple "/" symbols is generally used to indicate a catalogue or file address on host;
Parameters is parameter, is the option for specifying special parameter;Query is inquiry, is joined for transmitting to dynamic web page
Number, can have multiple parameters, be separated with " & " symbol, and the name and value of each parameter are separated with "=" symbol;Fragment is message slot
It is disconnected, it is a character string, for specifying the segment in Internet resources, for example, there are multiple explanations of nouns in a webpage, can be used
Fragment is directly targeted to a certain explanation of nouns.
Hostname in URL is that the address of purpose server indicates information, when hostname is IP address, the IP
Location is the address of destination server;When hostname is DNS host name, since DNS host name is corresponding with IP address, because
This can obtain the address of destination server according to DNS host name.
URL in the embodiment of the present invention can be in the dynamic input client application of user hand, or developer
It is written in client application when developing client application.
Resource access request is carried out HTTP Proxy encapsulation by S102, browser kernel, is obtained HTTP Proxy and is requested, and to
HTTP Proxy program sends HTTP Proxy request.
It wherein, include the IP address of HTTP Proxy program and the biography of HTTP Proxy program in the request header of HTTP Proxy request
Transport control protocol view (English: Transmission Control Protocol, abbreviation: TCP) port numbers.HTTP Proxy program is
The program of one section of function for realizing proxy server in client application.
The IP address of HTTP Proxy program is local host (English: localhost), i.e. 127.0.0.1 (Internet protocol
Edition 4 (English: Internet Protocol version 4, abbreviation: IPv4)) or [:: 1] (6 (English of internet protocol version
Text: Internet Protocol version 6, abridge IPv6)).The TCP port number of HTTP Proxy program is in 0-65535
An integer, such as HTTP Proxy program TCP port number can be 50686.Each run client is answered on user terminal
Used time, idle TCP port number from the client application to one local host of operating system application, as the HTTP Proxy program
TCP port number.
S103, HTTP Proxy program obtain the resource access request in HTTP Proxy request, and seal to resource access request
Dress vpn tunneling head obtains VPN request message.
It wherein, include the address of vpn server in vpn tunneling head, vpn server is deployed in corporate intranet.HTTP generation
Reason program is equivalent to VPN client, establishes connection using vpn tunneling agreement between VPN client and vpn server.Commonly
Vpn tunneling agreement include Point to Point Tunnel Protocol (English: Point-to-Point Tunneling Protocol, abbreviation:
PPTP), Level 2 Tunnel Protocol (English: Layer 2Tunneling Protocol, abbreviation: L2TP) and safe socket character tunnel
Road agreement (English: Secure Socket Tunneling Protocol, abbreviation: SSTP) etc., the embodiment of the present invention is to VPN visitor
Used vpn tunneling agreement is established when connection between family end and vpn server without limitation.
S104, user terminal send VPN request message to vpn server.
After vpn server receives VPN request message, VPN request message can be decapsulated, is asked with obtaining resource access
It asks, and sends resource access request to destination server.
Wherein, vpn server and destination server are deployed in corporate intranet, and vpn server and destination server can
Think two independent servers, or two with the different function module on the same server.
Resource access method provided in an embodiment of the present invention, user terminal are equipped with client application, the client application
Including WebView control and HTTP Proxy program, the browser kernel in the WebView control of the client application obtains resource
Then resource access request is carried out HTTP Proxy encapsulation by access request, obtain HTTP Proxy request, and to the client application
HTTP Proxy program send HTTP Proxy request;The HTTP Proxy program of the client application obtains in HTTP Proxy request
Resource access request, and VPN request message is obtained to the tunnel resource access request packaging V PN head;User terminal is to vpn server
Send VPN request message.Using the method for the embodiment of the present invention, developer does not need to rewrite for realizing browsing webpage
The code of function, and the VPN function of WebView control and HTTP Proxy program realization application layer can be used.When using this hair
When the resource of the way access corporate intranet of bright embodiment, since resource access request is encapsulated as VPN request message,
Only vpn server can parse VPN request message and obtain resource access request, and the other equipment on public network can only obtain
VPN request message is taken, resource access request can not be obtained, therefore, the other equipment on public network can not determine money to be visited
The URL in source thereby may be ensured that the safety of the resource of corporate intranet.
Further, after destination server receives resource access request, destination server can be returned to user terminal
Return resource to be visited.As shown in Fig. 2, after S104, resource access method provided in an embodiment of the present invention further include:
S105, user terminal receive the VPN response message that vpn server is sent.
Wherein, VPN response message is response message corresponding with the VPN request message in S104, and VPN response message is
The page comprising resource to be visited received from destination server is carried out VPN encapsulation (tunnel packaging V PN head) and obtained by vpn server
It arrives.The TCP port number of IP address and HTTP Proxy program in the head response of VPN response message comprising HTTP Proxy program.
S106, HTTP Proxy program obtain VPN response message, decapsulate VPN response message and are responded with obtaining HTTP Proxy,
And HTTP Proxy response is sent to WebView control.
Due to using vpn tunneling agreement to establish connection, VPN between VPN client (HTTP Proxy program) and vpn server
Response message is encapsulated by VPN, and therefore, only HTTP Proxy program can decapsulate the VPN response message, and public
Other equipment on common network network can not decapsulate the VPN response message.
Browser kernel in S107, WebView control parses HTTP Proxy response, obtains resource to be visited.
When using the resource of above method access corporate intranet, since VPN response message is to encapsulate to obtain by VPN
, the other equipment on public network can not decapsulate the VPN response message, can not obtain HTTP Proxy response, therefore, public
Other equipment on network are unable to get resource to be visited, thereby may be ensured that the safety of the resource of corporate intranet.
Further, as shown in figure 3, before S101, resource access method provided in an embodiment of the present invention further include:
S100, user terminal register HTTP Proxy information to browser kernel.
Wherein, HTTP Proxy information includes the IP address of HTTP Proxy program and the TCP port number of HTTP Proxy program.
The IP address of HTTP Proxy program is local host, and the TCP port number of HTTP Proxy program is an integer in 0-65535.
The TCP port number of HTTP Proxy program can be dynamic allocation.Each run client application on user terminal
When, idle TCP port number from the client application to one local host of operating system application, as the HTTP Proxy program
TCP port number.For example, on user terminal when the 1st operation client application, local host which arrives
Idle TCP port number is 50686, then the TCP port number of HTTP Proxy program is 50686;2nd operation client on user terminal
End is in application, the idle TCP port number of local host that the client application application is arrived is 50700, then HTTP Proxy program
TCP port number is 50700.
It is generated in real time when due to each run client application with the relevant object of client application, so cannot
Directly modification WebView control is to register HTTP Proxy information.Therefore agency is added in the embodiment of the present invention in client application
Accreditation process, agency of trademark registration program execute following procedure in operation to complete the registration of HTTP Proxy information:
A, the static fields mLoadedApk of the Application class of client application is obtained.Generation in client application
Reason accreditation process can obtain the static fields of the Application class of the client application by Java method for reflection
mLoadedApk。
B, the Application object of client application is obtained, the get method of static fields mLoadedApk is called, is passed
Enter the Application object of client application, to obtain the LoadedApk object of client application.Client can be answered
LoadedApk object is denoted as currentLoadedApk object.
C, the static fields mReceivers of the Class example of LoadedApk class is obtained.Agency's note in client application
Volume program can first obtain the Class example of LoadedApk class by Java method for reflection, then be obtained by Java method for reflection
The static fields mReceivers of the Class example of LoadedApk class.
D, the get method of static fields mReceivers is called, currentLoadedApk object is passed to, to obtain client
Hold the Event receiver of application.What agency of trademark registration program obtained here is all Event receivers of client application, if objective
The application of family end has multiple Event receivers, will obtain multiple Event receivers here.The event that agency of trademark registration program obtains connects
Receivers can be denoted as by receiving device.
E, it obtains in the Event receiver of client application and acts on behalf of altering event receiver.If had in receivers
Multiple Event receivers, agency of trademark registration program can traverse receivers, act on behalf of altering event receiver with determination.It depends on
The version of operating system, acting on behalf of altering event receiver can be the Event receiver that class name is ProxyChangeListenter
Or the Event receiver of the entitled ProxyReceiver of class.
F, agent property object is constructed, includes HTTP Proxy information, the i.e. IP of HTTP Proxy program in agent property object
The TCP port number of address and HTTP Proxy program.Agent property object is the object of agency of trademark registration program neotectonics, can be denoted as
ProxyProperties。
G, using ProxyProperties object formation Intent object.Intent is a kind of data structure, and description is primary
The operation that will be performed, effect is to connect two different components in operation (English: runtime), of the invention real
It applies in example, Intent for connecting agency of trademark registration program and WebView control in operation.
H, the onRecevie method for acting on behalf of altering event receiver is called, Intent object is passed to.Such client application
WebView control in altering event receiver of acting on behalf of be received by HTTP Proxy information, thus complete HTTP Proxy letter
The registration of breath.
The embodiment of the present invention also provides a kind of user terminal.The user terminal is equipped with client application, which answers
With including WebView control and HTTP Proxy program.As shown in figure 4, the user terminal includes: processing unit 21, transmission unit
22 and receiving unit 23.
Processing unit 21, for obtaining resource access by the browser kernel in the WebView control of client application
It requests, includes the URL of resource to be visited in resource access request;Resource access request is subjected to HTTP generation by browser kernel
Reason encapsulation obtains HTTP Proxy request, and sends HTTP Proxy request to HTTP Proxy program;It is obtained by HTTP Proxy program
Resource access request in HTTP Proxy request, and VPN request message is obtained to the tunnel resource access request packaging V PN head.
Transmission unit 22, for sending the VPN request message that processing unit 21 obtains to vpn server.
Receiving unit 23, for after transmission unit 22 sends VPN request message to vpn server, receiving VPN service
The VPN response message that device is sent.
Processing unit 21, be also used to by HTTP Proxy program obtain VPN response message, decapsulate VPN response message with
HTTP Proxy response is obtained, and sends HTTP Proxy response to WebView control;By in the browser in WebView control
Core parses HTTP Proxy response, obtains resource to be visited.
Further, processing unit 21, the browser kernel being also used in the WebView control by client application
Before obtaining resource access request, HTTP Proxy information is registered to browser kernel, HTTP Proxy information includes HTTP Proxy journey
The IP address of sequence and the TCP port number of HTTP Proxy program.
Wherein, the IP address of HTTP Proxy program is local host.
Further, processing unit 21 is specifically used for:
A, the static fields mLoadedApk of the Application class of client application is obtained;
B, the Application object of client application is obtained, the get method of static fields mLoadedApk is called, is passed
Enter the Application object of client application, to obtain the LoadedApk object of client application.
C, the static fields mReceivers of the Class example of LoadedApk class is obtained.
D, the get method of static fields mReceivers is called, the LoadedApk object of client application is passed to, with
To the Event receiver of client application.
E, it obtains in the Event receiver of client application and acts on behalf of altering event receiver.
F, agent property object is constructed, includes HTTP Proxy information in agent property object.
G, using agent property object formation Intent object.
H, the onRecevie method for acting on behalf of altering event receiver is called, Intent object is passed to.
It should be noted that the specific descriptions of part functional module can join in user terminal provided in an embodiment of the present invention
Corresponding content in test method embodiment, the present embodiment are no longer described in detail here.
User terminal provided in an embodiment of the present invention, user terminal are equipped with client application, which includes
The processing unit 21 of WebView control and HTTP Proxy program, user terminal passes through in the WebView control of the client application
Browser kernel obtain resource access request, then by browser kernel by resource access request carry out HTTP Proxy envelope
Dress obtains HTTP Proxy request, and sends HTTP Proxy request to the HTTP Proxy program of the client application;Processing unit 21
The resource access request in HTTP Proxy request is obtained by the HTTP Proxy program of the client application, and resource access is asked
The tunnel packaging V PN head is asked to obtain VPN request message;Transmission unit 22 sends VPN request message to vpn server.Using this hair
The method of bright embodiment, developer does not need to rewrite the code for realizing browsing webpage function, and can be used
WebView control and HTTP Proxy program realize the VPN function of application layer.When the way access enterprise using the embodiment of the present invention
When the resource of Intranet, since resource access request is encapsulated as VPN request message, only vpn server can parse
VPN request message obtains resource access request, and the other equipment on public network can only obtain VPN request message, can not obtain
Resource access request is obtained, therefore, the other equipment on public network can not determine the URL of resource to be visited, thereby may be ensured that
The safety of the resource of corporate intranet.
The embodiment of the present invention also provides a kind of user terminal.The user terminal is equipped with client application, which answers
With including WebView control and HTTP Proxy program.As shown in figure 5, the user terminal includes: processor 31,32 and of transceiver
Memory 33.
User terminal in the embodiment of the present invention can be smart phone, tablet computer and vehicle-mounted computer etc..
Processor 31 is asked for obtaining resource access by the browser kernel in the WebView control of client application
It asks, includes the URL of resource to be visited in resource access request;Resource access request is subjected to HTTP Proxy by browser kernel
Encapsulation obtains HTTP Proxy request, and sends HTTP Proxy request to HTTP Proxy program;It is obtained by HTTP Proxy program
Resource access request in HTTP Proxy request, and VPN request message is obtained to the tunnel resource access request packaging V PN head.
Processor 31 is also used to send the VPN request message that processor 31 obtains to vpn server by transceiver 32.
Processor 31 is also used to sending the VPN request message that processor 31 obtains to vpn server by transceiver 32
Later, the VPN response message that vpn server is sent is received by transceiver 32.
Processor 31 is also used to obtain VPN response message by HTTP Proxy program, decapsulates VPN response message to obtain
It is responded to HTTP Proxy, and sends HTTP Proxy response to WebView control;Pass through the browser kernel in WebView control
HTTP Proxy response is parsed, resource to be visited is obtained.
Further, processor 31, the browser kernel being also used in the WebView control by client application obtain
Before taking resource access request, HTTP Proxy information is registered to browser kernel, HTTP Proxy information includes HTTP Proxy program
IP address and HTTP Proxy program TCP port number.
It can also include agency of trademark registration program in client application in the embodiment of the present invention, processor 31 executes agency's note
Volume program, to complete the registration of HTTP Proxy information, detailed process are as follows:
A, the static fields mLoadedApk of the Application class of client application is obtained;
B, the Application object of client application is obtained, the get method of static fields mLoadedApk is called, is passed
Enter the Application object of client application, to obtain the LoadedApk object of client application.
C, the static fields mReceivers of the Class example of LoadedApk class is obtained.
D, the get method of static fields mReceivers is called, the LoadedApk object of client application is passed to, with
To the Event receiver of client application.
E, it obtains in the Event receiver of client application and acts on behalf of altering event receiver.
F, agent property object is constructed, includes HTTP Proxy information in agent property object.
G, using agent property object formation Intent object.
H, the onRecevie method for acting on behalf of altering event receiver is called, Intent object is passed to.
Memory 33 specifically can be used for storing the client application in the embodiment of the present invention for storing program code
Program code.Memory 33 may include volatile memory (English: volatile memory), such as arbitrary access is deposited
Reservoir (English: random-access memory, abbreviation: RAM);Memory 33 also may include nonvolatile memory (English
Text: non-volatile memory), for example, read-only memory (English: read-only memory, abbreviation: ROM), flash memory
Reservoir (English: flash memory), hard disk (English: hard disk drive, abbreviation: HDD) or solid state hard disk (English:
Solid-state drive, abbreviation: SSD);Memory 33 can also include the combination of the memory of mentioned kind.
Wherein, it is connected between processor 31, transceiver 32 and memory 33 by bus and completes mutual communication.
Processor 31 can be central processing unit (English: central processing unit, abbreviation: CPU), can also
Think the combination of CPU and digital signal processor (English: digital signal processor, abbreviation: DSP).
Transceiver 32 can be WLAN (English: wireless local area networks, abbreviation: WLAN)
Module, 2nd generation mobile communication technology (English: second generationwireless telephone technology, contracting
Write: 2G) module, third generation mobile communications technology (English: third generation wireless telephone
Technology, abbreviation: 3G) and the 4th third-generation mobile communication technology (English: fourth generation wireless
Telephone technology, abbreviation: 4G) etc..
It should be noted that the specific descriptions of part functional module can join in user terminal provided in an embodiment of the present invention
Corresponding content in test method embodiment, the present embodiment are no longer described in detail here.
User terminal provided in an embodiment of the present invention, user terminal are equipped with client application, which includes
WebView control and HTTP Proxy program, the browser kernel in WebView control that processor 31 passes through the client application
Resource access request is obtained, resource access request is then carried out by HTTP Proxy encapsulation by browser kernel, obtains HTTP generation
Reason request, and HTTP Proxy request is sent to the HTTP Proxy program of the client application;Processor 31 is answered by the client
HTTP Proxy program obtains the resource access request in HTTP Proxy request, and to the tunnel resource access request packaging V PN
Head obtains VPN request message;Processor 31 sends VPN request message to vpn server by transceiver 32.Using of the invention real
The method for applying example, developer does not need to rewrite the code for realizing browsing webpage function, and WebView can be used
Control and HTTP Proxy program realize the VPN function of application layer.When the way access corporate intranet using the embodiment of the present invention
When resource, since resource access request is encapsulated as VPN request message, only vpn server can parse VPN request
Message obtains resource access request, and the other equipment on public network can only obtain VPN request message, can not obtain resource visit
Ask request, therefore, the other equipment on public network can not determine the URL of resource to be visited, thereby may be ensured that corporate intranet
Resource safety.
The embodiment of the present invention also provides a kind of computer program product for realizing resource access.The computer program produces
Product include client application, and client application includes WebView control and HTTP Proxy program.
Wherein, WebView control includes browser kernel, and browser kernel is provided for obtaining connecing for resource access request
Mouthful, it include the URL of resource to be visited in resource access request.
Browser kernel is also used to resource access request carrying out HTTP Proxy encapsulation, to obtain HTTP Proxy request, and
The HTTP Proxy request is sent to the HTTP Proxy program.
HTTP Proxy program is used to obtain the resource access request in the HTTP Proxy request, and to the resource
The tunnel access request packaging V PN head obtains VPN request message.
HTTP Proxy program includes sending instruction, sends VPN to vpn server for the communication interface by operating system
Request message.The communication interface of operating system can be the application programming interfaces (English: application that operating system provides
Programming interface, abbreviation: API), in the present embodiment, the communication interface of operating system is specifically as follows TCP
Socket (English: socket).
Further, HTTP Proxy program further includes receiving instruction, for by the communication interface of operating system to VPN
After server sends VPN request message, the VPN that vpn server is sent is received by the communication interface of operating system and responds report
Text.
HTTP Proxy program is also used to obtain VPN response message, decapsulates VPN response message and is rung with obtaining HTTP Proxy
It answers, and sends HTTP Proxy response to WebView control.
Browser kernel is also used to parse HTTP Proxy response, obtains resource to be visited.
Further, the client application in the embodiment of the present invention further includes agency of trademark registration program.
Agency of trademark registration program is used to register HTTP Proxy information to browser kernel, and HTTP Proxy information includes HTTP Proxy
The IP address of program and the TCP port number of HTTP Proxy program.
Wherein, the IP address of HTTP Proxy program is local host.
Specifically, agency of trademark registration program includes:
For obtaining the instruction of the static fields mLoadedApk of the Application class of the client application.
For obtaining the Application object of the client application, call the static fields mLoadedApk's
Get method is passed to the Application object of the client application, to obtain LoadedApk pairs of the client application
The instruction of elephant.
For obtaining the instruction of the static fields mReceivers of the Class example of LoadedApk class.
For calling the get method of the static fields mReceivers, it is passed to the LoadedApk of the client application
Object, to obtain the instruction of the Event receiver of the client application.
The instruction for acting on behalf of altering event receiver in Event receiver for obtaining the client application.
It include the HTTP Proxy information in the agent property object for constructing the instruction of agent property object.
For using the instruction of the Intent object of agent property object described in the agent property object formation.
For calling the onRecevie method for acting on behalf of altering event receiver, it is passed to the agent property object
The instruction of Intent object.
Client application in the embodiment of the present invention can be the final application that can be installed on the subscriber terminal, can also be with
It is for developing the Software Development Kit of the final application (English: software development kit, abbreviation: SDK).
In general, the SDK is provided to each enterprise, the application for accessing respective vpn server is developed using this SDK by enterprise.
Since the SDK has included the program for realizing the embodiment of the present invention, as long as the general developing user interface of each enterprise, write-in
Final application can be completed in vpn server address etc., can simplify the process of each enterprise development final application.And due to this
SDK has included the program for realizing the embodiment of the present invention, when the final application comprising the SDK is run on the subscriber terminal,
Therefore the SDK is also regarded as client application by the scheme that the program provided by the SDK executes the embodiment of the present invention.
Through the above description of the embodiments, it is apparent to those skilled in the art that, for description
It is convenienct and succinct, only the example of the division of the above functional modules, in practical application, can according to need and will be upper
It states function distribution to be completed by different functional modules, i.e., the internal structure of device is divided into different functional modules, to complete
All or part of function described above.The specific work process of the system, apparatus, and unit of foregoing description, before can referring to
The corresponding process in embodiment of the method is stated, details are not described herein.
It, can also be in addition, the functional units in various embodiments of the present invention may be integrated into one processing unit
It is that each unit physically exists alone, can also be integrated in one unit with two or more units.
If the integrated unit is realized in the form of SFU software functional unit and sells or use as independent product
When, it can store in a computer readable storage medium.Based on this understanding, all or part of the invention can be with
It is expressed in the form of software products, which is stored in a storage medium, including some instructions are used
So that a computer equipment (can be personal computer, server or the network equipment etc.) or processor execute this hair
The all or part of the steps of bright each embodiment the method.And storage medium above-mentioned includes: USB flash drive (English: USB
Flash drive), mobile hard disk, read-only memory, random access memory, magnetic or disk etc. is various can store journey
The medium of sequence code.
The above description is merely a specific embodiment, but scope of protection of the present invention is not limited thereto, any
Those familiar with the art in the technical scope disclosed by the present invention, can easily think of the change or the replacement, and should all contain
Lid is within protection scope of the present invention.Therefore, protection scope of the present invention should be subject to the protection scope in claims.
Claims (6)
1. a kind of resource access method, which is characterized in that user terminal is equipped with client application, and the client application includes
WebView control and hypertext transfer protocol HTTP Proxy program, which comprises
Browser kernel in the WebView control of the client application obtains resource access request, and the resource access is asked
It include the uniform resource position mark URL of resource to be visited in asking;
The resource access request is carried out HTTP Proxy encapsulation by the browser kernel, obtains HTTP Proxy request, and to institute
It states HTTP Proxy program and sends the HTTP Proxy request;
The HTTP Proxy program obtains the resource access request in the HTTP Proxy request, and accesses the resource
Request encapsulation Virtual Private Network vpn tunneling head obtains VPN request message;
The user terminal sends the VPN request message to vpn server;
Before browser kernel in the WebView control of the client application obtains resource access request, the user is whole
It holds to the browser kernel and registers HTTP Proxy information, comprising:
Obtain the static fields mLoadedApk of the Application class of the client application;
The Application object for obtaining the client application calls the get method of the static fields mLoadedApk,
It is passed to the Application object of the client application, to obtain the LoadedApk object of the client application;
Obtain the static fields mReceivers of the Class example of LoadedApk class;
The get method for calling the static fields mReceivers is passed to the LoadedApk object of the client application, with
Obtain the Event receiver of the client application;
It obtains in the Event receiver of the client application and acts on behalf of altering event receiver;
Agent property object is constructed, includes the HTTP Proxy information in the agent property object;
Use the agent property object formation Intent object;
The onRecevie method for acting on behalf of altering event receiver is called, the Intent object is passed to.
2. the method according to claim 1, wherein sending the VPN to vpn server in the user terminal
After request message, the method also includes:
The user terminal receives the VPN response message that the vpn server is sent;
The HTTP Proxy program obtains the VPN response message, decapsulates the VPN response message to obtain HTTP Proxy and ring
It answers, and sends the HTTP Proxy response to the WebView control;
The browser kernel in the WebView control parses the HTTP Proxy response, obtains the resource to be visited.
3. method according to claim 1 or 2, which is characterized in that in the WebView control of the client application
Before browser kernel obtains resource access request, the method also includes:
The user terminal registers HTTP Proxy information to the browser kernel, and the HTTP Proxy information includes the HTTP
The transmission control protocol TCP port numbers of the Internet protocol IP address of broker program and the HTTP Proxy program;
Wherein, the IP address of the HTTP Proxy program is local host localhost.
4. a kind of user terminal, which is characterized in that the user terminal is equipped with client application, and the client application includes
WebView control and hypertext transfer protocol HTTP Proxy program, the user terminal include:
Processing unit obtains resource access for the browser kernel in the WebView control by the client application and asks
It asks, includes the uniform resource position mark URL of resource to be visited in the resource access request;By the browser kernel by institute
It states resource access request and carries out HTTP Proxy encapsulation, obtain HTTP Proxy request, and to described in HTTP Proxy program transmission
HTTP Proxy request;The resource access request in the HTTP Proxy request is obtained by the HTTP Proxy program, and
VPN request message is obtained to resource access request encapsulation Virtual Private Network vpn tunneling head;
Transmission unit, for sending the VPN request message to vpn server;
The processing unit, the browser kernel being also used in the WebView control by the client application obtain money
Before the access request of source, Xiang Suoshu browser kernel registers HTTP Proxy information, comprising:
Obtain the static fields mLoadedApk of the Application class of the client application;
The Application object for obtaining the client application calls the get method of the static fields mLoadedApk,
It is passed to the Application object of the client application, to obtain the LoadedApk object of the client application;
Obtain the static fields mReceivers of the Class example of LoadedApk class;
The get method for calling the static fields mReceivers is passed to the LoadedApk object of the client application, with
Obtain the Event receiver of the client application;
It obtains in the Event receiver of the client application and acts on behalf of altering event receiver;
Agent property object is constructed, includes the HTTP Proxy information in the agent property object;
Use the agent property object formation Intent object;
The onRecevie method for acting on behalf of altering event receiver is called, the Intent object is passed to.
5. user terminal according to claim 4, which is characterized in that the user terminal further include:
Receiving unit, for receiving the VPN after the transmission unit sends the VPN request message to vpn server
The VPN response message that server is sent;
The processing unit is also used to obtain the VPN response message by the HTTP Proxy program, decapsulates the VPN
Response message sends the HTTP Proxy response to the WebView control to obtain HTTP Proxy response;By described
The browser kernel in WebView control parses the HTTP Proxy response, obtains the resource to be visited.
6. user terminal according to claim 4 or 5, which is characterized in that the processing unit is also used to by described
Before browser kernel in the WebView control of client application obtains resource access request, Xiang Suoshu browser kernel note
Volume HTTP Proxy information, the HTTP Proxy information include the HTTP Proxy program Internet protocol IP address and the HTTP
The transmission control protocol TCP port numbers of broker program;
Wherein, the IP address of the HTTP Proxy program is local host localhost.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510018557.2A CN105847312B (en) | 2015-01-14 | 2015-01-14 | A kind of resource access method and user terminal |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510018557.2A CN105847312B (en) | 2015-01-14 | 2015-01-14 | A kind of resource access method and user terminal |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN105847312A CN105847312A (en) | 2016-08-10 |
| CN105847312B true CN105847312B (en) | 2019-05-10 |
Family
ID=56580739
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510018557.2A Active CN105847312B (en) | 2015-01-14 | 2015-01-14 | A kind of resource access method and user terminal |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105847312B (en) |
Families Citing this family (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105991568A (en) * | 2015-02-09 | 2016-10-05 | 苏州精易会信息技术有限公司 | Proxy realizing device |
| CN106452896A (en) * | 2016-11-01 | 2017-02-22 | 赛尔网络有限公司 | Method and system for realizing virtual special network platform |
| CN108156210B (en) * | 2016-12-06 | 2020-05-19 | 腾讯科技(深圳)有限公司 | Target resource acquisition method and device |
| CN106789535B (en) * | 2016-12-29 | 2019-12-06 | 杭州迪普科技股份有限公司 | IP access method and device of SSL VPN |
| CN108965203B (en) * | 2017-05-18 | 2020-12-29 | 腾讯科技(深圳)有限公司 | Resource access method and server |
| CN109802925B (en) * | 2017-11-17 | 2021-10-29 | 阿里巴巴(中国)有限公司 | Authentication method and system for public WiFi access |
| CN110769020B (en) * | 2018-07-28 | 2022-04-08 | 阿里巴巴集团控股有限公司 | Resource request processing method, device, equipment and system |
| CN109299423A (en) * | 2018-10-30 | 2019-02-01 | 中译语通科技股份有限公司 | A method of obtaining network data |
| CN109462589B (en) * | 2018-11-13 | 2021-08-24 | 北京天融信网络安全技术有限公司 | Method, device and equipment for controlling network access of application program |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP2226988A1 (en) * | 2009-03-03 | 2010-09-08 | NEC Corporation | Method for accessing to local resources of a client terminal in a client/server architecture |
| CN102436391A (en) * | 2010-09-29 | 2012-05-02 | 卓望数码技术(深圳)有限公司 | Android WebKit control method and system |
| CN103065078A (en) * | 2013-01-04 | 2013-04-24 | 无锡矽鼎科技有限公司 | Method of loading client certificate for Android system by OpenSSL engine |
| CN103067417A (en) * | 2011-10-19 | 2013-04-24 | 华耀(中国)科技有限公司 | Web service mapping method and system of security agent in virtual private network (VPN) |
| CN103873491A (en) * | 2012-12-07 | 2014-06-18 | 华耀(中国)科技有限公司 | VPN safe browser system and setting method |
-
2015
- 2015-01-14 CN CN201510018557.2A patent/CN105847312B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP2226988A1 (en) * | 2009-03-03 | 2010-09-08 | NEC Corporation | Method for accessing to local resources of a client terminal in a client/server architecture |
| CN102436391A (en) * | 2010-09-29 | 2012-05-02 | 卓望数码技术(深圳)有限公司 | Android WebKit control method and system |
| CN103067417A (en) * | 2011-10-19 | 2013-04-24 | 华耀(中国)科技有限公司 | Web service mapping method and system of security agent in virtual private network (VPN) |
| CN103873491A (en) * | 2012-12-07 | 2014-06-18 | 华耀(中国)科技有限公司 | VPN safe browser system and setting method |
| CN103065078A (en) * | 2013-01-04 | 2013-04-24 | 无锡矽鼎科技有限公司 | Method of loading client certificate for Android system by OpenSSL engine |
Also Published As
| Publication number | Publication date |
|---|---|
| CN105847312A (en) | 2016-08-10 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN105847312B (en) | A kind of resource access method and user terminal | |
| CN104580192B (en) | The treating method and apparatus of the network access request of application program | |
| CN104754030A (en) | User information obtaining method and device | |
| CN104796396A (en) | Network proxy layer for policy-based application proxies | |
| CN101262478A (en) | Method and device for penetrating NAT | |
| CN103384993B (en) | The reorientation method of user equipment access webpage, gateway and server | |
| CN104219125B (en) | The method, apparatus and system to be E-Packeted centered on information in network ICN | |
| US8171541B2 (en) | Enabling provider network inter-working with mobile access | |
| CN108401037A (en) | User terminal and the binding method of equipment, device and system | |
| CN106790098A (en) | A kind of IPv4/IPv6 intercommunicating systems based on HTTP ALG Yu NAT64 technologies | |
| CN107659485A (en) | A kind of method and device of equipment and server communication in VPN VPN | |
| CN107508907A (en) | A kind of data transmission method and device | |
| CN102783119A (en) | Access control method and system, and access terminal | |
| CN102845123A (en) | Virtual private cloud connection method and tunnel proxy server | |
| CN108156210A (en) | The acquisition methods and device of target resource | |
| CN105577632A (en) | Secure network access method based on network isolation and terminal | |
| CN105556932B (en) | The method and apparatus for enabling mobile application to obtain MAC Address to obtain location information | |
| CN107463453A (en) | Method, apparatus, equipment and the storage medium to be communicated between same terminal different application | |
| CN102752411A (en) | Redirection method and device | |
| CN105450585A (en) | Information transmission method and device | |
| CN107872548A (en) | Web page interlinkage method, apparatus and readable storage medium storing program for executing | |
| CN105324961B (en) | Gre tunneling implementation method, access point and gateway | |
| CN101378407B (en) | Method, system and equipment for pushing information | |
| US10225358B2 (en) | Page push method, device, server and system | |
| CN103634396A (en) | Method, gateway equipment and system for accessing intranet webpage service data |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |