CN106713300A - WEBDAV (Web-based Distributed Authoring and Versioning) based general file sharing system and method - Google Patents
WEBDAV (Web-based Distributed Authoring and Versioning) based general file sharing system and method Download PDFInfo
- Publication number
- CN106713300A CN106713300A CN201611168171.0A CN201611168171A CN106713300A CN 106713300 A CN106713300 A CN 106713300A CN 201611168171 A CN201611168171 A CN 201611168171A CN 106713300 A CN106713300 A CN 106713300A
- Authority
- CN
- China
- Prior art keywords
- client
- service end
- shared
- file
- hash value
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
- H04L67/1095—Replication or mirroring of data, e.g. scheduling or transport for data synchronisation between network nodes
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Storage Device Security (AREA)
- Information Transfer Between Computers (AREA)
Abstract
The invention relates to a system and a method for sharing files on the network, and particularly relates to a WEBDAV (Web-based Distributed Authoring and Versioning) based file sharing system and method. The system comprises a server and a plurality of clients, and is characterized in that the server comprises a desktop configuration unit, a configuration execution unit and s sharing unit, wherein the desktop configuration unit configures parameters related with the access authority of a client to be accessed and the operation authority of a file to be shared by adopting a visual desktop operating mode; the configuration execution unit executes the parameters configured by the desktop configuration unit; and one or more catalogs to be shared at the server are added to the sharing unit according to the parameters configured by the desktop configuration unit so as to share the one or more catalogs to the plurality of clients. Each client comprises an access unit, and access to the shared catalogs according to the access authority. According to the invention, shared files and clients allowed to access can be directly added at the desktop of the server, and the operation authority of each client for the shared files is configured, so that the convenience is improved.
Description
Technical field
The present invention relates to a kind of system and method for sharing file on the network, more particularly to a kind of text based on WEBDAV
Part shared system and method.
Background technology
WebDAV (Web-based Distributed Authoring and Versioning, the distribution based on Web
Creation and Version Control) it is a kind of communication protocol based on http1.1 agreements.It extends http1.1, get, post,
Some new methods are with the addition of beyond several http standard methods such as head, application program is directly read Web Server
Write, and support that written document locks (Locking) and unblock (Unlock), the Version Control of file can also be supported.
In the earlier network world, transmission of the file data between different main frames is transmitted using ftp.
But, the problem for being existed using ftp transmission archives is cannot directly to change the file data above main frame.That is you want
Change Linux main frames on certain archives when, it is necessary to from Server ends the archives are locally downloading after could change, also therefore
The archives can all exist in service end and client.
People need a kind of network file-sharing, but need shared service again with synchronous function.As micro-
Soft CIFS (Common Internet File System, universal network file system), after enabling the service, other
Windows main frames can find that this is shared in People Near Me, then the operating shared resource as operation local file, but it
Can only be used on Windows.
CIFS, NFS (Network File System, network that file-sharing mode known to current linux system has
File system), WebDAV.But using these sharing modes, it is necessary to manually boot and configuration server, manage it is not convenient enough,
Intuitively.The configuration of Samba (Server Messages Block, information service block) and NFS on the other hand, under CIFS and NFS
File is all very huge, but user needs many configuration items such as configuration work catalogue, resource name, user, authority, configuration compared with
It is complexity.
The content of the invention
The above mentioned problem that file-sharing for current linux system is present, the present invention provides a kind of based on WebDAV's
General file sharing method.
The technical proposal for solving the technical problem of the invention is:
A kind of general file shared system based on WebDAV, is applied in Linux system, including:
Service end and multiple client, the service end are connected with multiple client remotes respectively;
The service end includes:
Desktop dispensing unit, for configuring the client with wanted access service end using visual desktop operated mode
The access rights parameter relevant with the operating right of the file to be shared, and the parameter is stored to a memory cell
In;
Configuration execution unit, the configuration execution unit is connected with the desktop dispensing unit and the memory cell, holds
The parameter that the row desktop dispensing unit is configured;
Shared cell, the shared cell is connected with the desktop dispensing unit and the configuration execution unit, according to institute
The parameter of desktop configuration of described dispensing unit is stated, one or more files that will be shared in the service end are added to the shared list
Unit, shares with to multiple client;
The client includes:
Access unit, the access unit is connected with the shared cell, and the client is accessed altogether according to access rights
The file enjoyed.
Preferably, the service end also includes:
Authentication unit, the authentication unit is connected with the desktop dispensing unit and the shared cell, for client
Before first time accesses the shared cell, the information according to the client carries out safety certification to the client, and
Allow to access the service end by the client of the safety certification;
Whether the authentication unit first determined whether the client before the safety certification is carried out to the client
Pass through certification, and client to passing through certification is no longer authenticated, and directly allows the client to access described
Service end.
Preferably, the authentication unit includes:
Encrypting module, in advance from the service end obtain saved and the unverified client client
Information, and be encrypted according to the client-side information, to produce one first Hash Value;
Matching module, the matching module is connected with the encrypting module, and the client of certification is needed for obtaining
The client-side information, and produce one second Hash Value;
The matching module is additionally operable to be compared first Hash Value with second Hash Value:
When second Hash Value is identical with first Hash Value, the authentication unit judges the client certificate
Success;
When second Hash Value is differed with first Hash Value, the authentication unit judges that the client is recognized
Card failure.
Preferably, the client-side information includes the corresponding username information of the client, the domain of the client
Name information and the corresponding encrypted message of the username information;
Client-side information encryption is produced first Hash Value and the by the encrypting module using md5 encryption mode
Two Hash Values.
Preferably, also including the rights management unit being connected with the authentication unit and the desktop dispensing unit respectively,
The rights management unit includes:
Memory module, stores information of each described client to the operating right of the service end,
Priority assignation module, the priority assignation module is connected with the memory module, for receiving the desktop configuration
The information of the operating right to the client of unit configuration, and the information of the operating right for receiving is stored in described
In memory module;
Authority acquiring module, the authority acquiring module connects with the memory module and the priority assignation module respectively
Connect, the authority acquiring module obtains the client letter that request accesses the client of the service end from the service end
Breath, and the information for obtaining and assigning the corresponding operating right of the client is searched from the memory module.
A kind of general file sharing method of the general file shared system based on above-mentioned WebDAV, is applied to linux
System, including:Service end and multiple client, the service end are connected with multiple client remotes respectively;
Step 1, service end configures the visit with the client at wanted access service end using visual desktop operated mode
Ask authority the parameter relevant with the operating right of the file to be shared, and preserve the parameter;
Step 2, performs configured parameter;
Step 3, according to configuration parameter, add one or more for share file to the service end, with to many
Individual client is shared;
Wherein, the client accesses shared file according to the access rights of configuration.
Preferably, before the client accesses shared file according to the access rights of configuration, also include:
Step S1, the service end judges whether the client is to access the service end for the first time, when judging
It is when accessing the service end for the first time, to perform step S2 to state client, otherwise performs step S3;
Step S2, the service end is authenticated interacting with the client, and service end is submitted to according to the client
Information carries out safety certification to it,
When the client is by the safety certification, it is allowed to which the client accesses the service end, and preservation should
The client-side information;
When the client is not by the safety certification, forbid accessing the service end;
Step S3, the service end allows the direct access service end of client by the safety certification, without
Safety certification is carried out again.
Preferably, the method for the safety certification in the step S2 includes:
Step S21, in advance from the service end obtain saved and the unverified client client
Information, and one first Hash Value is generated according to the information of the client;
Step S22, the client-side information of the client for needing certification is obtained from the client, and is produced
One second Hash Value;
Step S23, first Hash Value is compared with second Hash Value:
When second Hash Value is identical with first Hash Value, the client certificate success;
When second Hash Value is differed with first Hash Value, the client certificate failure.
Preferably, the client-side information generation digest authentication data in the step S21 are stored in the service end.
Preferably, after step S2 or S3, also include:
Step A, the service end receives the operation requests of file of the client to sharing;
Step B, operating right of the saved client to the shared file is read from the service end
Parameter;
Step C, the parameter operation response corresponding to the client executing according to the operating right for reading.
Beneficial effects of the present invention:Shared file can be directly added or update in the visual desktop of service end, add
Plus the client of access service end shared file is allowed, and configure operating right of each client to shared file.This hair
It is bright to substantially increase the convenience for accessing shared resource, under the linux platforms, shared text is just may have access to by web browser
Part, it is not necessary to install extra instrument.And the maturity of agreement is used based on it, improve shared service stability and
Security;User under linux platforms can eliminate the reliance on order line and config option to start shared service, simpler straight
See.
Brief description of the drawings
Fig. 1 is a kind of system block diagram of general file shared system based on WEBDAV of the invention;
Fig. 2 is the system block diagram of the authentication unit of system;
Fig. 3 is the system block diagram of the rights management unit of system;
Fig. 4 is a kind of flow chart of general file sharing method based on WEBDAV of the invention;
Fig. 5 is the flow chart that client access service end carries out safety certification;
Fig. 6 is the method flow diagram of safety certification in Fig. 5;
Fig. 7 be client after safety certification is carried out, client request is to the flow chart that is operated of file shared;
Fig. 8 is the business process map of service end.
Specific embodiment
The invention will be further described with specific embodiment below in conjunction with the accompanying drawings, but not as limiting to the invention.
The core of the present invention program is used webdav agreements, and webdav agreements are the communication protocol based on http,
Corresponding extension has been done on the basis of http.
As shown in figure 1, a kind of general file shared system based on WebDAV of the invention, is applied in Linux system,
Including:Service end 1 and multiple client 2 (being illustrated only with a client 2 in Fig. 1), service end 1 respectively with multiple
Client 2 is remotely connected;
Service end 1 includes:
Desktop dispensing unit 11, for configuring the visitor with wanted access service end 1 using visual desktop operated mode
The access rights at family end 2 parameter relevant with the operating right of the file to be shared, and parameter is stored to a memory cell
In 16;
Configuration execution unit 12, configuration execution unit 12 is connected with desktop dispensing unit 11 and memory cell 16, performs table
The parameter that face dispensing unit 11 is configured;
Shared cell 13, shared cell 13 is connected with desktop dispensing unit 11 and configuration execution unit 12, is matched somebody with somebody according to desktop
The parameter of the configuration of unit 11 is put, one or more catalogues that will be shared in service end 1 are added to shared cell 13, with to multiple
Client 2 is shared;
Client 2 includes:
Access unit 21, access unit 21 is connected with shared cell 13, and client 2 accesses shared mesh according to access rights
Record.
In the above-described embodiments, it is possible to achieve a kind of puppy parc, platform-independent, support multiple user authentications and authority
Grade, configurable file-sharing service.User terminal can visual KDE (Kool Desktop Environment,
K desktop environments) desktop dispensing unit 11 times completes matching somebody with somebody for operating right to the access rights of client 2 and shared file etc
Put, configuration execution unit 12 performs the parameter of configuration;Shared cell 13 will configure the file-sharing to be shared to service end 1,
Shared service is provided with for each client 2.Compared with conventional method, the startup and configuration of service end 1 are without relying on behaviour manually
Make, for the user that get used to graphic user interface, resource with the advantage in experience and shared can be based on matching somebody with somebody
File is put to be managed, it is convenient, directly perceived.
The preferred embodiment of the present invention, service end 1 also includes:
Authentication unit 14, authentication unit 14 is connected with desktop dispensing unit 11 and shared cell 13, for client 2
Before once accessing shared cell 13, the information according to client 2 carries out safety certification to client 2, and allows by safety
The access service end 1 of client 2 of certification;
Authentication unit 14 first determined whether whether client 2 passes through and recognizes before safety certification is carried out to client 2
Card, and client 2 to passing through certification is no longer authenticated, directly permission client 2 access service end 1.
Client 2 needs through safety certification access when shared file is accessed.Accessed for the first time in client 2
Before service end 1, keeper needs to configure the information of the client 2 for allowing access service end 1 in service end 1, so as to client
End 2 carries out safety certification at first time access service end 1 for service end 1, prevents the client 2 of malice from distorting or attacking clothes
Business end 1.When first time access service end 1 client 2 through safety certification after, service end 1 can preserve the client 2 and visit
The record of service end 1 was asked, when the next access service end 1 of the client 2, service end 1 will recognise that this had accessed clothes
The client 2 at business end 1, so that its direct access is allowed, without carrying out safety certification again.This mode simplifies safety certification
Flow, accelerate the time at the access service end 1 of client 2.
As shown in Fig. 2 the preferred embodiment of the present invention, authentication unit 14 includes:
Encrypting module 141, acquisition has been saved and the client 2 of unverified client 2 is believed from service end 1 in advance
Breath, and be encrypted according to the information of client 2, to produce one first Hash Value;
Matching module 142, matching module 142 is connected with encrypting module 141, and the client 2 of certification is needed for obtaining
The information of client 2 simultaneously produces one second Hash Value;
Matching module 142 is additionally operable to be compared the first Hash Value with the second Hash Value:
When the second Hash Value is identical with the first Hash Value, authentication unit 14 judges the certification of client 2 success;
When the second Hash Value and the first Hash Value are differed, authentication unit 14 judges the authentification failure of client 2.
The preferred embodiment of the present invention, the information of client 2 includes the corresponding username information of client 2, client 2
Domain-name information and the corresponding encrypted message of username information;
The encryption of the information of client 2 is produced the first Hash Value by encrypting module 141 using md5 cipher modes.
The present invention is using the security authentication mechanism based on md5.It is to believe the corresponding username information of client 2, domain name
Breath encrypted message corresponding with the user name after md5 encryptions by producing 32 Hash Values for code that can not be cracked.
Before client 2 first time access service end 1, keeper is configured with the unverified information of client 2 in service end 1, service
Device end generates the file of a digest authentication data according to the information of the client 2.Server end reads the summary on startup
The file of authentication data, initializes digest authentication data, and encrypted by md5 according to the digest authentication data of the client 2
After generate the first Hash Value.When client 2 sends the request message for representing the file in accessing share directory to service end 1
(parameter of the multiple client 2 such as user name, domain name, present value, response comprising client 2 in the message header of the message)
When, service end 1 by these parameters by calculating second Hash Value after md5 encryptions, first Hash Value and the second hash
Value is compared, and certification success, otherwise authentification failure are represented when both are identical.Service end 1 does not allow the client of authentification failure
Hold 2 access service ends 1.
As shown in figures 1 and 3, the preferred embodiment of the present invention, also including being configured with authentication unit 14 and desktop respectively
The rights management unit 15 of the connection of unit 11, rights management unit 15 includes:
Memory module 151, stores information of each client 2 to the operating right of service end 1,
Priority assignation module 152, priority assignation module 152 is connected with memory module 151, for receiving desktop dispensing unit
The information of the operating right to client 2 of 11 configurations, and the information of the operating right of reception is stored in memory module 151
In;
Authority acquiring module 153, authority acquiring module 153 connects with memory module 151 and priority assignation module 152 respectively
Connect, authority acquiring module 153 obtains the information of client 2 of the client 2 at request access service end 1 from service end 1, and from storage
The information for obtaining and assigning the corresponding operating right of client 2 is searched in module 151.
2 pairs of operating rights of shared file of each client, the behaviour are configured and kept in priority assignation module 152
Make the storage of information of authority similar to Hash table.When client 2 through safety certification after, send to the shared file behaviour
When asking, it is shared that authority acquiring module 153 can search the client 2 pairs from the file of connected memory cell 16
The operating right that file has, then service end 1 assign the corresponding operating right of client 2.As shown in figure 8, client 2
Operating right to service end 1 includes write permission and read right, any all to have reading to weigh with the client 2 at access service end 1
Limit.And the write operations such as PUT, MOVE, DELETE are carried out to the file shared, client 2 needs to meet write permission.Therefore, take
Business end 1 can judge whether the client 2 has write permission, if user does not have when this kind of request message that client 2 sends is processed
Write permission, then refuse.Final service end 1 can be sent to 2 one message of carrying response contents of client.
Additionally, shared file can be accessed in the present invention in the web browser of client 2, because WebDAV is one
The server of individual http agreements, it can access WebDAV servers by the integrated function of file browser.Different are shared
File, keeper can set the access rights of different clients 2 in the desktop dispensing unit 11 of service end 1, and this is visited
Ask that the information of authority is stored in the file of memory cell 16, wherein the information can be stored as digest authentication data.When service end 1
Receive when the accessing the message of shared file of the transmission of access unit 21 of client 2, the authentication unit 14 in service end 1
The access of the client 2 can be searched into this document at any time, then perform corresponding response.
When client 2 needs to carry out write operation to the file shared, the rights management unit 15 of service end 1 is needed from this
Search whether the client 2 has the authority of write operation in the file of digest authentication data, when without write permission, refusal should
The response of the write operation of client 2.Rights management based on authentication management, it is necessary to client before shared file is accessed
End 2 is authenticated, and without the client 2 of safety certification necessarily without access rights, the client 2 of certification is then according to asking
The path and the corresponding authority for distributing to the client 2 asked conduct interviews limitation.This mode ensure that shared file
Safety, prevents from being distorted by the client 2 of malice.
A kind of general file sharing method of the general file shared system based on above-mentioned WebDAV, is applied to linux systems
System, including:Service end 1 and multiple client 2, service end 1 are remotely connected with multiple client 2 respectively;As shown in Figure 4:
Step 1, service end 1 is configured and the client 2 at wanted access service end 1 using visual desktop operated mode
The access rights parameter relevant with the operating right of the file to be shared, and preserve parameter;
Step 2, performs configured parameter;
Step 3, according to the parameter of configuration, add one or more for share file to service end 1, with to multiple objective
Shared at family end 2;
Wherein, client 2 accesses shared file according to the access rights of configuration.
The preferred embodiment of the present invention, before client 2 accesses shared file according to the access rights of configuration, such as
Shown in Fig. 5, also include:
Step S1, service end 1 judges whether client 2 is first time access service end 1, when judging that client 2 is
During access service end 1, step S2 is performed, otherwise perform step S3;
Step S2, service end 1 is authenticated interacting with client 2, and the information that service end 1 is submitted to according to client 2 is to it
Carry out safety certification,
When client 2 through safety certification when, it is allowed to the access service end 1 of client 2, and preserve the information of client 2;
When client 2 not through safety certification when, forbid access service end 1;
Step S3, service end 1 allows the direct access service end 1 of client 2 through safety certification, without entering again
Row safety certification.
In this embodiment, whether service end 1 first determined whether client 2 before safety certification is carried out to client 2
Through by certification, and will be stored in service end 1 by the information of client 2 of certification, directly access convenient next time.And for
No longer it is authenticated through the client 2 by certification, directly allows the access service end 1 of client 2.
The preferred embodiment of the present invention, as shown in fig. 6, the method for the safety certification in step S2 includes:
Step S21, in advance from service end 1 obtain saved and unverified client 2 the information of client 2,
And one first Hash Value is generated according to the information of client 2;
Step S22, the information of client 2 of the client 2 for needing certification is obtained from client 2, and generation one second is miscellaneous
Gather value;
Step S23, the first Hash Value is compared with the second Hash Value:
When the second Hash Value is identical with the first Hash Value, the certification of client 2 success;
When the second Hash Value and the first Hash Value are differed, the authentification failure of client 2.
The information of client 2 generation digest authentication data in step S21 are stored in clothes by the preferred embodiment of the present invention
In business end 1.
The information of client 2 generation digest authentication data are stored in service end 1, convenient service end 1 adds automatically when starting
The information of client 2 is carried, and without the information of manual loading client 2 on the server.
The preferred embodiment of the present invention, as shown in fig. 7, after step S2 or S3, also including:
Step A, service end 1 receives 2 pairs of operation requests of shared file of client;
Step B, 2 pairs of parameters of the operating right of shared file of saved client are read from service end 1;
Step C, the parameter according to the operating right for reading performs corresponding operation response to client 2.
Client 2 only through safety certification could send operation requests to service end 1.Client through safety certification
End 2 can send read operation request or write operation requests to service end 1.The operating right of different operation requests is in service
The configuration of end 1 is finished.Therefore, when service end 1 receives the operation requests of shared file to be operated, service end 1 can be from configuring
Operating right parameter file in search operating right of the client 2 to different sharing file, and by the operating right
Client 2 is given to be performed.
In embodiment shown in Fig. 8, service end 1 can monitor the port of configuration parameter after opening.When it receives client 2
A message flow is begun to after request.Active client 2 can ask GET, PROPFIND, PUT, MOVE, DELETE,
PROPPATCH, MKCOL, LOCK, UNLOCK etc. are operated, and wherein PUT, MOVE, DELETE operation requirement client 2 have writes power
Limit.Before the operation is performed, the access rights of file of the service end 1 firstly the need of identifying user to sharing.Visited for first time
The client 2 of service end 1 is asked, service end 1 can send Authentication Response to client 2, its access rights is verified;If authentication
Success, that is, safety certification success, then can perform read operation, and whether executable write operation is, it is necessary to service end 1 is from saving
The executable operation of 2 pairs of shared files of the client is searched in the file of authority information, if this document describes the client 2
Write operation can be carried out to this document, then can perform PUT, MOVE, DELETE operation, cannot otherwise perform write operation.If client
2 failed authentications are held, then refuses its access.For the client 2 at non-first time access service end 1, when client 2 asks to visit again
When asking service end 1, service end 1 can identify the client 2 according to session control (session), then directly receive the client
The access request at end 2.Final service end 1 can return to whether client 2 one allows to perform the message for operating, and be taken in the message
Content with response.
The present invention substantially increases the convenience for accessing shared resource, any client 2 based on the platform, as long as there is net
Network browser just may have access to shared resource, without installing extra instrument;The maturity of agreement is used based on it, is improved
The stability and security of shared service;User under linux can eliminate the reliance on order line and config option to start altogether
The service of enjoying, more simple, intuitive.
Preferred embodiments of the present invention are the foregoing is only, embodiments of the present invention and protection model is not thereby limited
Enclose, to those skilled in the art, should can appreciate that what all utilization description of the invention and diagramatic content were made
Scheme obtained by equivalent and obvious change, should be included in protection scope of the present invention.
Claims (10)
1. a kind of general file shared system based on WebDAV, is applied in Linux system, it is characterised in that including:
Service end and multiple client, the service end are connected with multiple client remotes respectively;
The service end includes:
Desktop dispensing unit, for configuring the visit with the client at wanted access service end using visual desktop operated mode
Ask authority the parameter relevant with the operating right of the file to be shared, and the parameter is stored into a memory cell;
Configuration execution unit, the configuration execution unit is connected with the desktop dispensing unit and the memory cell, performs institute
State the parameter that desktop dispensing unit is configured;
Shared cell, the shared cell is connected with the desktop dispensing unit and the configuration execution unit, according to the table
The parameter of face configuration of described dispensing unit, one or more files that will be shared in the service end are added to the shared cell,
Shared with to multiple client;
The client includes:
Access unit, the access unit is connected with the shared cell, and the client accesses what is shared according to access rights
File.
2. the general file shared system based on WebDAV according to claim 1, it is characterised in that the service end is also
Including:
Authentication unit, the authentication unit is connected with the desktop dispensing unit and the shared cell, for client
Before once accessing the shared cell, the information according to the client carries out safety certification to the client, and allows
The service end is accessed by the client of the safety certification;
Whether the authentication unit first determined whether the client before the safety certification is carried out to the client
By certification, and client to passing through certification is no longer authenticated, and directly allows the client to access the service
End.
3. the general file shared system based on WebDAV according to claim 2, it is characterised in that the authentication unit
Including:
Encrypting module, acquisition has been saved and the client of the unverified client is believed from the service end in advance
Breath, and be encrypted according to the client-side information, to produce one first Hash Value;
Matching module, the matching module is connected with the encrypting module, the institute for obtaining the client for needing certification
Client-side information is stated, and produces one second Hash Value;
The matching module is additionally operable to be compared first Hash Value with second Hash Value:
When second Hash Value is identical with first Hash Value, the authentication unit judge the client certificate into
Work(;
When second Hash Value is differed with first Hash Value, the authentication unit judges that the client certificate loses
Lose.
4. the general file shared system based on WebDAV according to claim 3, it is characterised in that the client letter
Breath includes the corresponding username information of the client, the domain-name information of the client and username information correspondence
Encrypted message;
The encrypting module is miscellaneous by client-side information encryption generation first Hash Value and second using md5 encryption mode
Gather value.
5. the general file shared system based on WebDAV according to claim 1, it is characterised in that also including respectively with
The authentication unit and the rights management unit of desktop dispensing unit connection, the rights management unit include:
Memory module, stores information of each described client to the operating right of the service end,
Priority assignation module, the priority assignation module is connected with the memory module, for receiving the desktop dispensing unit
The information of the operating right to the client of configuration, and the information of the operating right for receiving is stored in the storage
In module;
Authority acquiring module, the authority acquiring module is connected with the memory module and the priority assignation module respectively, institute
State authority acquiring module and obtain the client-side information that request accesses the client of the service end from the service end, and from
The information for obtaining and assigning the corresponding operating right of the client is searched in the memory module.
6. a kind of general file sharing method based on WebDAV, is applied to Linux system, it is characterised in that including:Service end
And multiple client, the service end is connected with multiple client remotes respectively;
Step 1, service end configures the access right with the client at wanted access service end using visual desktop operated mode
The limit parameter relevant with the operating right of the file to be shared, and preserve the parameter;
Step 2, performs configured parameter;
Step 3, according to the parameter of configuration, add one or more for share file to the service end, with to multiple objective
Shared at family end;
Wherein, the client accesses shared file according to the access rights of configuration.
7. the file sharing method of the general file shared system of WebDAV according to claim 6, it is characterised in that
Before the client accesses shared file according to the access rights of configuration, also include:
Step S1, the service end judges whether the client is to access the service end for the first time, when judging the visitor
Family end is when accessing the service end for the first time, to perform step S2, otherwise performs step S3;
Step S2, the service end is authenticated interacting with the client, the information that service end is submitted to according to the client
Safety certification is carried out to it,
When the client is by the safety certification, it is allowed to which the client accesses the service end, and it is described to preserve this
Client-side information;
When the client is not by the safety certification, forbid accessing the service end;
Step S3, the service end allows the direct access service end of client by the safety certification, without again
Carry out safety certification.
8. the file sharing method of the general file shared system of WebDAV according to claim 7, it is characterised in that institute
The method for stating the safety certification in step S2 includes:
Step S21, in advance from the service end obtain saved and the unverified client client-side information,
And one first Hash Value is generated according to the information of the client;
Step S22, the client-side information of the client for needing certification is obtained from the client, and produce one the
Two Hash Values;
Step S23, first Hash Value is compared with second Hash Value:
When second Hash Value is identical with first Hash Value, the client certificate success;
When second Hash Value is differed with first Hash Value, the client certificate failure.
9. the file sharing method of the general file shared system of WebDAV according to claim 8, it is characterised in that will
Client-side information generation digest authentication data in the step S21 are stored in the service end.
10. the file sharing method of the general file shared system of WebDAV according to claim 7, it is characterised in that
After step S2 or S3, also include:
Step A, the service end receives the operation requests of file of the client to sharing;
Step B, the ginseng of operating right of the saved client to the shared file is read from the service end
Number;
Step C, the parameter operation response corresponding to the client executing according to the operating right for reading.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201611168171.0A CN106713300A (en) | 2016-12-16 | 2016-12-16 | WEBDAV (Web-based Distributed Authoring and Versioning) based general file sharing system and method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201611168171.0A CN106713300A (en) | 2016-12-16 | 2016-12-16 | WEBDAV (Web-based Distributed Authoring and Versioning) based general file sharing system and method |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN106713300A true CN106713300A (en) | 2017-05-24 |
Family
ID=58939038
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201611168171.0A Pending CN106713300A (en) | 2016-12-16 | 2016-12-16 | WEBDAV (Web-based Distributed Authoring and Versioning) based general file sharing system and method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN106713300A (en) |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108366085A (en) * | 2017-12-01 | 2018-08-03 | 孔朝晖 | Support the cloud system of desktop file synchronization coordination sharing |
| CN110233830A (en) * | 2019-05-20 | 2019-09-13 | 中国银行股份有限公司 | Domain name identification and domain name identification model generation method, device and storage medium |
| CN112711385A (en) * | 2021-01-07 | 2021-04-27 | 苏州云智谷显示科技有限公司 | Household private shared storage display system |
| CN113282953A (en) * | 2021-05-14 | 2021-08-20 | 山东英信计算机技术有限公司 | Samba sharing authority authentication method, system, terminal and storage medium |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7873765B1 (en) * | 2005-03-31 | 2011-01-18 | Google, Inc. | Method and system for detection of peripheral devices and communication of related devices |
| CN104683453A (en) * | 2015-02-10 | 2015-06-03 | 西安理工大学 | Family affection sharing system of photos, videos and congratulation cards based on cloud platform |
| CN104767732A (en) * | 2015-03-18 | 2015-07-08 | 深圳市杰和科技发展有限公司 | File sharing permission control method suitable for Linux server |
| CN105471945A (en) * | 2014-09-04 | 2016-04-06 | 中国石油化工股份有限公司 | Application method of cloud storage in seismic integrated interpretation |
| CN105468643A (en) * | 2014-09-09 | 2016-04-06 | 博雅网络游戏开发(深圳)有限公司 | Distributed file system access method and system |
-
2016
- 2016-12-16 CN CN201611168171.0A patent/CN106713300A/en active Pending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7873765B1 (en) * | 2005-03-31 | 2011-01-18 | Google, Inc. | Method and system for detection of peripheral devices and communication of related devices |
| CN105471945A (en) * | 2014-09-04 | 2016-04-06 | 中国石油化工股份有限公司 | Application method of cloud storage in seismic integrated interpretation |
| CN105468643A (en) * | 2014-09-09 | 2016-04-06 | 博雅网络游戏开发(深圳)有限公司 | Distributed file system access method and system |
| CN104683453A (en) * | 2015-02-10 | 2015-06-03 | 西安理工大学 | Family affection sharing system of photos, videos and congratulation cards based on cloud platform |
| CN104767732A (en) * | 2015-03-18 | 2015-07-08 | 深圳市杰和科技发展有限公司 | File sharing permission control method suitable for Linux server |
Non-Patent Citations (2)
| Title |
|---|
| 孙志敏: "于多种通信方式的远程文件传输系统的设计与实现", 《中国优秀硕士学位论文全文数据库信息科技辑》 * |
| 孟显英: "一种在Ubuntu下基于Apache的SVN管理工具的构建方法", 《电脑知识与技术》 * |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108366085A (en) * | 2017-12-01 | 2018-08-03 | 孔朝晖 | Support the cloud system of desktop file synchronization coordination sharing |
| CN110233830A (en) * | 2019-05-20 | 2019-09-13 | 中国银行股份有限公司 | Domain name identification and domain name identification model generation method, device and storage medium |
| CN112711385A (en) * | 2021-01-07 | 2021-04-27 | 苏州云智谷显示科技有限公司 | Household private shared storage display system |
| CN113282953A (en) * | 2021-05-14 | 2021-08-20 | 山东英信计算机技术有限公司 | Samba sharing authority authentication method, system, terminal and storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US8326981B2 (en) | Method and system for providing secure access to private networks | |
| US7877440B2 (en) | Web resource request processing | |
| CN100511203C (en) | Database access control method, database access controller, agent processing server | |
| US8117344B2 (en) | Global server for authenticating access to remote services | |
| EP1442580B1 (en) | Method and system for providing secure access to resources on private networks | |
| US6029247A (en) | Method and apparatus for transmitting secured data | |
| US7278021B2 (en) | Information processing device, information processing system, authentication method, storage medium and program | |
| CN109165500B (en) | Single sign-on authentication system and method based on cross-domain technology | |
| CN109558721A (en) | The Secure Single Sign-on and conditional access of client application | |
| CN108011862A (en) | The mandate of mirror image warehouse, access, management method and server and client side | |
| JP2022508899A (en) | Container builder for personalized network services | |
| US20060173810A1 (en) | Controlling access to a database using database internal and external authorization information | |
| US20090300168A1 (en) | Device-specific identity | |
| CN105516110A (en) | Mobile equipment secure data transmission method | |
| CN106713300A (en) | WEBDAV (Web-based Distributed Authoring and Versioning) based general file sharing system and method | |
| CN105450750A (en) | Secure interaction method for intelligent terminal | |
| CN101986598A (en) | Authentication method, server and system | |
| JP2003122635A (en) | Access right control system | |
| JP2002189646A (en) | Repeating installation | |
| CN104813607B (en) | The two-level access control method and apparatus based on electronic collection for dedicated network | |
| US20180227297A1 (en) | Enterprise key and password management system | |
| US20030163707A1 (en) | Information management apparatus and method | |
| CN112417403B (en) | Automatic system authentication and authorization processing method based on GitLab API | |
| WO2011022813A1 (en) | System and method for remotely accessing and controlling a networked computer | |
| JP2000172645A (en) | Server computer and certificate information managing method for the same |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20170524 |