CN107257337B - Multi-terminal sharing authority control method and system - Google Patents

Multi-terminal sharing authority control method and system Download PDF

Info

Publication number
CN107257337B
CN107257337B CN201710452694.6A CN201710452694A CN107257337B CN 107257337 B CN107257337 B CN 107257337B CN 201710452694 A CN201710452694 A CN 201710452694A CN 107257337 B CN107257337 B CN 107257337B
Authority
CN
China
Prior art keywords
authority
user
function point
interface
service
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CN201710452694.6A
Other languages
Chinese (zh)
Other versions
CN107257337A (en
Inventor
李立春
谭斌
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Chongqing Upsoft Technology Co ltd
Original Assignee
Chongqing Upsoft Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Chongqing Upsoft Technology Co ltd filed Critical Chongqing Upsoft Technology Co ltd
Priority to CN201710452694.6A priority Critical patent/CN107257337B/en
Publication of CN107257337A publication Critical patent/CN107257337A/en
Application granted granted Critical
Publication of CN107257337B publication Critical patent/CN107257337B/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00Arrangements for software engineering
    • G06F8/30Creation or generation of source code
    • G06F8/38Creation or generation of source code for implementing user interfaces
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/445Program loading or initiating
    • G06F9/44505Configuring for program initiating, e.g. using registry, configuration files
    • G06F9/4451User profiles; Roaming
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls

Landscapes

  • Engineering & Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Human Computer Interaction (AREA)
  • Computer And Data Communications (AREA)
  • Information Transfer Between Computers (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a multi-terminal sharing authority control method and a system thereof, comprising four parts, namely a client, a unified access module, an authentication control module and a service module, wherein the control method comprises the steps of initializing function points, abstracting all control authorities into one function point, and expressing a specific function or service by the function points; configuring interface elements for corresponding function points, defining the interface elements corresponding to specific function points, wherein the interface elements are related to the expression of specific interfaces and the expression of specific interfaces, and are associated with specific display ends, and the display ends are carriers for bearing interface displays; authorizing, namely granting function points to the user and the role, and enabling the user and the function points to generate association; and (4) controlling the authority, and calling an authentication control module to determine whether the user has the access authority. According to the method, the functional authority is only distributed to the roles by configuring the authority and the interface element relation, so that multiple terminals share the same authority by one-time authorization, independent authorization is not required for each terminal, and the operation mode is simple.

Description

Multi-terminal sharing authority control method and system
Technical Field
The invention relates to the technical field of software permission control, in particular to a permission control method and a permission control system for multi-terminal sharing.
Background
1. With the popularization of the mobile internet, the appearance of more and more different types of clients (WeChat, mobile phone app and pc browser) enables the expression of interfaces to be more and more diversified, the traditional authorization is performed for each client, the work is heavy, and errors are easy to make.
2. At present, all the traditional mis systems have an authority control module based on RBAC and a control mode based on roles and resources. However, they are often not managed centrally, and the rights data standards are not uniform and difficult to share, and are usually implemented by adding filters and the like in the service system, so that the rights design cannot cross languages, and has certain intrusiveness on services.
3. The traditional authorization mode is usually intercepted at an application layer, and if program control is in problem. Potential safety hazards easily occur, and global knowledge of the configuration rules of the permissions is not convenient.
Disclosure of Invention
The invention aims to overcome the defects of the prior art and provides a multi-terminal sharing authority control method and a multi-terminal sharing authority control system.
The purpose of the invention is realized by the following technical scheme:
a multi-terminal sharing authority control method is characterized by comprising the following steps:
step S01: initializing a function point, abstracting all control authorities into a function point, wherein the function point represents a specific function or service;
step S02: configuring interface elements for corresponding function points, defining the interface elements corresponding to specific function points, wherein the interface elements are related to the expression of specific interfaces and the expression of specific interfaces, and are associated with specific display ends, and the display ends are carriers for bearing interface displays;
step S03: authorizing, namely granting function points to the user and the role, and enabling the user and the function points to generate association;
step S04: and (4) controlling the authority, and calling an authentication control module to determine whether the user has the access authority.
Further, the method also includes step S05: displaying interface elements, namely displaying different interfaces according to the configured permissions of different users, and specifically comprising the following substeps:
substep S51: a user accesses a background management interface;
substep S52: acquiring a current user and a role;
substep S53: finding out corresponding function points according to the user and the role;
substep S54: finding out corresponding interface elements according to the function points;
substep S55: finding all superior interface elements according to the current interface elements;
substep S56: assembling the interface elements according to the upper and lower level relation of the interface elements;
substep S57: and returning to the client and displaying the interface elements.
Further, in step S01, the function point is independent of the specific display, and the initialization operation of the function point is preferably defined in the development stage, and in addition, the initialization operation of the function point may be defined in any other stage.
Further, in step S02, the function point may be a service carried by an interface, or may be an interface without an interface, so that not every function point corresponds to an interface element, and the function point is identified by a URL address of the client or an operation instruction in the command mode.
Further, in step S04, all requests of the user are firstly accessed to the server through the unified access module, and cannot directly access the specific service, and the service system may directly reject the illegal request sent from the front end through a firewall or the like.
Furthermore, the unified access module is responsible for unified interception of authority and definition of routing strategies besides serving reverse proxy, and the unified access module judges according to a return result and an access terminal, directly accesses a service system if authentication is passed, and jumps to a corresponding interface or responds to an error code according to different terminals if authentication is failed.
Further, the step of calling the authentication control module to determine whether the user has the access right in step S04 specifically includes the following sub-steps:
substep S41: finding out corresponding function points according to the accessed interface elements and the current user and role;
substep S42: judging whether the access rule is met or not according to the configuration of the authority points;
substep S43: and returning the authentication result to the proxy server.
A multi-end shared rights control system, comprising the following components:
a client: the program is a program which corresponds to a server and provides local service for a client;
a unified access module: the valve is responsible for reverse proxy service and authority interception of all services and is used for authority control;
an authentication control module: the core controller for the authority control is responsible for checking the specific authority control, and granting the specific logic and authority of the authority control;
a service module: the service or system executing the specific service is the user of the function point;
when a client requests a service module, the client always requests the unified access module, the unified access module accesses the authentication control module according to the client ID, the current user ID and the URL address, the authentication control module obtains whether the user has the related authority according to the related configuration, the unified access module determines whether to reversely proxy the request to the service end or directly return error information to the front end according to the data returned by the authentication control module, if the user has the access authority of the function point by accessing the service module, the authority control is not required to be carried out on the user by related codes, the service module finishes processing the service logic, and directly returns the service logic to the front end through the unified access module.
Furthermore, the authentication control module initializes and defines function points in advance, and configures interface elements for the corresponding function points.
Further, the interface elements mainly include: interface name, interface address, interface level and interface corresponding function point ID.
The invention has the beneficial effects that: 1. the method only authorizes the function points, so that the authorization of the user is more convenient, the management cost is reduced, and all the terminals can use the function points only once; 2. the unified management authority ensures that the business module is transparent to the authority, so that the authority design is simpler and more systematic, safer and more reliable; 3. all the service systems can not be directly accessed by the outside, the permission penetration can be prevented, the service systems directly refuse all the external requests, the configuration is simple, and the error is not easy to occur.
Drawings
FIG. 1 is a schematic diagram of the overall process steps of the present invention;
FIG. 2 is a block diagram of the components of the system of the present invention;
fig. 3 is a detailed flow chart of the working principle of the present invention.
Detailed Description
The technical solutions of the present invention are further described in detail below with reference to the accompanying drawings, but the scope of the present invention is not limited to the following.
As shown in figure 1 of the drawings, in which,
a multi-terminal sharing authority control method is characterized by comprising the following steps:
step S01: initializing a function point, abstracting all control authorities into a function point, wherein the function point represents a specific function or service; the function point is irrelevant to the specific display;
step S02: configuring interface elements for corresponding function points, defining the interface elements corresponding to specific function points, wherein the interface elements are related to the expression of specific interfaces and the expression of specific interfaces, and are associated with specific display ends, and the display ends are carriers for bearing interface displays; the interface elements refer to menus or buttons and the like;
step S03: authorizing, namely granting function points to the user and the role, and enabling the user and the function points to generate association; the reason why the role is not granted interface elements is: based on the assumption that the corresponding interface element is required to be displayed only by the corresponding function point authority, the function point and the interface element are in a relationship, so that the function point and the interface element do not need to be associated with the role, operation and maintenance personnel and business personnel do not need to know the relationship between the function point and the interface, and only need to pay attention to the authority which the role should have, and authorization operation is simplified.
Step S04: and (4) controlling the authority, and calling an authentication control module to determine whether the user has the access authority.
The specific meanings of the function points, the interface elements and the display ends in the embodiment are as follows:
functional points are as follows: a specific function or service, such as: modifying passwords, querying users, querying balances, and the like.
Interface elements: some visible interface visible elements, such as: a form or a button.
The display end is a carrier for bearing interface display, such as: WeChat, pc browser, mobile app, etc.;
further, the method also includes step S05: displaying interface elements, namely displaying different interfaces according to the configured permissions of different users, and specifically comprising the following substeps:
substep S51: a user accesses a background management interface;
substep S52: acquiring a current user and a role;
substep S53: finding out corresponding function points according to the user and the role;
substep S54: finding out corresponding interface elements according to the function points;
substep S55: finding all superior interface elements according to the current interface elements;
substep S56: assembling the interface elements according to the upper and lower level relation of the interface elements;
substep S57: and returning to the client and displaying the interface elements.
Further, in step S01, the function point is independent of the specific display, and the initialization operation of the function point is preferably defined in the development phase; besides, the initialization operation of the function point can be defined at any other stage.
Further, in step S02, the function point may be a service carried by an interface, or may be an interface without an interface, so that not every function point corresponds to an interface element, and the function point is identified by a URL address of the client or an operation instruction in the command mode.
Further, in step S04, all requests of the user are firstly accessed to the server through the unified access module, and cannot directly access the specific service, and the service system may directly reject the illegal request sent from the front end through a firewall or the like.
Furthermore, the unified access module is responsible for unified interception of authority and definition of routing strategies besides serving reverse proxy, and the unified access module judges according to a return result and an access terminal, directly accesses a service system if authentication is passed, and jumps to a corresponding interface or responds to an error code according to different terminals if authentication is failed.
Further, the step of calling the authentication control module to determine whether the user has the access right in step S04 specifically includes the following sub-steps:
substep S41: finding out corresponding function points according to the accessed interface elements and the current user and role;
substep S42: judging whether the access rule is met or not according to the configuration of the authority points;
substep S43: and returning the authentication result to the proxy server.
As shown in fig. 2:
a multi-end shared rights control system, comprising the following components:
a client: the program is a program which corresponds to a server and provides local service for a client;
a unified access module: the valve is responsible for reverse proxy service and authority interception of all services and is used for authority control;
an authentication control module: the core controller for the authority control is responsible for checking the specific authority control, and granting the specific logic and authority of the authority control;
a service module: the service or system executing the specific service is the user of the function point;
when a client requests a service module, the client always requests the unified access module, the unified access module accesses the authentication control module according to the client ID, the current user ID and the URL address, the authentication control module obtains whether the user has the related authority according to the related configuration, the unified access module determines whether to reversely proxy the request to the service end or directly return error information to the front end according to the data returned by the authentication control module, if the user has the access authority of the function point by accessing the service module, the authority control is not required to be carried out on the user by related codes, the service module finishes processing the service logic, and directly returns the service logic to the front end through the unified access module.
Furthermore, the authentication control module initializes and defines function points in advance, and configures interface elements for the corresponding function points.
Further, the interface elements mainly include: interface name, interface address, interface level and interface corresponding function point ID.
Specifically, the multi-terminal sharing authority control system comprises a client, a unified access module, an authentication control module and a service module.
The client, or called user side, refers to a program corresponding to the server and providing local services to the client. Such as: pc browser, WeChat, app.
The unified access module is responsible for reverse proxy service and authority interception of all services and is an authority control valve.
The authentication control module is a core controller for authority control, is responsible for checking specific authority control, and granting specific logic and authority of the authority control.
A service module is a service that performs a specific service or a system is a user of a function point.
These four major structures are the basic elements of authority control, and their relationship is:
when the client requests the service module, the client always requests the unified access module first.
The unified access module accesses the authentication control module according to the client ID, the current user ID and the URL address.
And the authentication control module obtains whether the user has the related authority or not according to the related configuration.
The unified access module determines whether to proxy the request to the service end or directly return the error information to the front end according to the data returned by the authentication control module.
If the access service module indicates that the user has the access right of the function point, the related code is not needed to carry out right control on the user.
The service module processes the service logic and directly returns the service logic to the front end through the unified access module.
And the whole authority related flow is executed.
A multi-terminal sharing authority control method comprises the following steps:
step S01: initialization function point
The function points are the specific description of the functions, and mainly comprise the codes of the authorities (convenient for program identification), the names of the function points, the authority matching rules (supporting the matching of regular expressions), the function points and the roles, and the relationship of users is many-to-many.
The method comprises the following specific steps: the relevant configuration can be directly initialized by means of sql scripts, configuration files and the like.
Step S02: initializing interface elements
The interface elements mainly comprise: interface name, interface address, interface level and interface corresponding function point ID. The relationship between them is configured for the purpose of: in order to reversely inquire the interface elements and the function points of the user according to the relationship among the user, the role, the function points and the interface elements, and reversely inquire the function points of the user through the interface elements.
Step S03: authorization
The user and role related rights are granted, i.e. a functional point is assigned to it. The method has the advantages of enabling the user to have operation authority of related functions and displaying related interface elements.
Step S04: permission control, comprising the following sub-steps:
and S001, when a user accesses a specific front-end page or service through the client, accessing the back-end service through the unified access module.
S002, the unified access module accesses the authentication control module after receiving the request, and firstly judges whether the current request has access authority. The entity requests to authenticate the control module according to the interface element ID, the request address and the current user, and returns whether to have the authority.
And S003, after receiving the request parameters, the authentication control module finds the owned function points according to the current user or role, comprehensively judges the owned function points according to the specific function points corresponding to the current interface element identification, and judges the authentication according to the rule of which function point is currently used.
And S004, judging authentication, namely matching according to the current URL and the authority rules configured on the function points, and returning a matching result to the unified access module. Of course, rules may be defined for matching if other commands are incoming.
And S005, the unified access module processes according to the authentication result after receiving the returned result, if the returned result is successful, the access authority is proved, and the reverse proxy is performed to the real service module for service processing.
S006, if the return fails, jumping to different unauthorized pages according to the requested client, or if the request is ajax, returning a corresponding error code, performing unified processing by the client, jumping to a unified page or calling a native api to perform service processing.
As shown in fig. 3: the specific working principle is as follows:
starting;
a developer initializes the authentication control module;
the operation and maintenance personnel initialize the interface elements of the authentication control module and define the relationship between the interface elements and the function points;
the background manager grants the related function points to the corresponding roles through the authentication control module to complete the authorization operation of the function points;
the client side carries out authority access;
the authentication control module finds out the corresponding function point according to the relation among the user, the role and the function point; or finding the function point according to the relation between the menu and the function point; or finding the function point according to the transmitted rule and the function point expression;
returning the authentication result to the unified access module, and judging whether the unified access module has the access right or not;
and if the access authority exists, the access service system executes, and the operation is finished.
And returning to the front-end interface without access right, and ending.
The foregoing is illustrative of the preferred embodiments of this invention, and it is to be understood that the invention is not limited to the precise form disclosed herein and that various other combinations, modifications, and environments may be resorted to, falling within the scope of the concept as disclosed herein, either as described above or as apparent to those skilled in the relevant art. And that modifications and variations may be effected by those skilled in the art without departing from the spirit and scope of the invention as defined by the appended claims.

Claims (6)

1. A multi-terminal sharing authority control method is characterized by comprising the following steps:
step S01: initializing a function point, directly initializing relevant configuration of the function point through an sql script and a configuration file mode, abstracting all control authorities in a plurality of clients into one function point, enabling the plurality of clients to share the same authority after one-time authorization, and enabling the function point to represent a specific function or service;
step S02: configuring interface elements for corresponding function points, defining the interface elements corresponding to specific function points, wherein the interface elements are related to the expression of specific interfaces and the expression of specific interfaces, and are associated with specific display ends, and the display ends are carriers for bearing interface displays;
step S03: authorizing, namely granting function points to the user and the role, and enabling the user and the function points to generate association;
step S04: the authority control is used for calling an authentication control module to determine whether the user has the access authority;
the authentication control module finds out the corresponding function point according to the relation among the user, the role and the function point; or finding the function point according to the relation between the menu and the function point; or finding the function point according to the transmitted rule and the function point expression;
in step S04, all requests of the user are first accessed to the server through the unified access module according to the client ID, the current user ID and the URL address, but specific services cannot be directly accessed, and the service system can directly reject illegal requests sent from the front end through firewalls and other ways; the unified access module is also responsible for unified interception of authority and routing strategy definition besides the service reverse proxy, and the unified access module judges according to a return result and an access terminal, directly accesses a service system if authentication is passed, and jumps to a corresponding interface or responds to an error code according to different terminals if authentication is failed;
the step of calling the authentication control module to determine whether the user has the access right specifically comprises the following substeps:
substep S41: finding out corresponding function points according to the accessed interface elements and the current user and role;
substep S42: judging whether the access rule is met or not according to the configuration of the authority points;
substep S43: and returning the authentication result to the unified access module.
2. The multi-terminal sharing permission control method according to claim 1, wherein: further comprising step S05: displaying interface elements, namely displaying different interfaces according to the configured permissions of different users, and specifically comprising the following substeps:
substep S51: a user accesses a background management interface;
substep S52: acquiring a current user and a role;
substep S53: finding out corresponding function points according to the user and the role;
substep S54: finding out corresponding interface elements according to the function points;
substep S55: finding all superior interface elements according to the current interface elements;
substep S56: assembling the interface elements according to the upper and lower level relation of the interface elements;
substep S57: and returning to the client and displaying the interface elements.
3. The multi-terminal sharing permission control method according to claim 1, wherein: in step S01, the function point is not related to a specific display, and the initialization operation of the function point is defined in the development phase.
4. The multi-terminal sharing permission control method according to claim 1, wherein: in step S02, the function point may be a service carried by an interface, or may be an interface without an interface, so that not every function point corresponds to an interface element, and the function point is identified by a URL address of the client or an operation instruction in the command mode.
5. A multi-end shared rights control system, comprising the following components:
a client: the program is a program which corresponds to a server and provides local service for a client;
a unified access module: the unified access module judges according to a return result and an access terminal, directly accesses a service system if the authentication is passed, and jumps to a corresponding interface or responds to an error code according to different terminals if the authentication is failed;
an authentication control module: the core controller of the authority control is responsible for checking the specific authority control, granting the specific logic and authority of the authority control, and finding the corresponding function point according to the relation among the user, the role and the function point; or finding the function point according to the relation between the menu and the function point; or finding the function point according to the transmitted rule and the function point expression; all requests of a user are firstly accessed into a server through a uniform access module according to a client ID, a current user ID and a URL address, but specific services cannot be directly accessed, and a service system can directly refuse illegal requests sent by a front end in a firewall mode and the like; the authentication control module determines whether the user has the access right specifically comprises the following substeps:
substep S41: finding out corresponding function points according to the accessed interface elements and the current user and role;
substep S42: judging whether the access rule is met or not according to the configuration of the authority points;
substep S43: returning the authentication result to the unified access module;
the authentication control module initializes and defines function points in advance, configures interface elements for the corresponding function points, abstracts all control authorities in a plurality of clients into one function point, and enables the plurality of clients to share the same authority after one-time authorization;
a service module: the service or system executing the specific service is the user of the function point;
when a client requests a service module, the client always requests the unified access module, the unified access module accesses the authentication control module according to the client ID, the current user ID and the URL address, the authentication control module obtains whether the user has the related authority according to the related configuration, the unified access module determines whether to reversely proxy the request to the service end or directly return error information to the front end according to the data returned by the authentication control module, if the user has the access authority of the function point by accessing the service module, the authority control is not required to be carried out on the user by related codes, the service module finishes processing the service logic, and directly returns the service logic to the front end through the unified access module.
6. The multi-terminal shared permission control system according to claim 5, wherein: the interface elements mainly comprise: interface name, interface address, interface level and interface corresponding function point ID.
CN201710452694.6A 2017-06-15 2017-06-15 Multi-terminal sharing authority control method and system Expired - Fee Related CN107257337B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710452694.6A CN107257337B (en) 2017-06-15 2017-06-15 Multi-terminal sharing authority control method and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710452694.6A CN107257337B (en) 2017-06-15 2017-06-15 Multi-terminal sharing authority control method and system

Publications (2)

Publication Number Publication Date
CN107257337A CN107257337A (en) 2017-10-17
CN107257337B true CN107257337B (en) 2021-02-05

Family

ID=60024154

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710452694.6A Expired - Fee Related CN107257337B (en) 2017-06-15 2017-06-15 Multi-terminal sharing authority control method and system

Country Status (1)

Country Link
CN (1) CN107257337B (en)

Families Citing this family (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108646965B (en) * 2018-05-14 2021-06-25 平安科技(深圳)有限公司 Service line processing method, terminal device and medium
CN109766158A (en) * 2018-12-27 2019-05-17 益萃网络科技(中国)有限公司 Methods of exhibiting, device, computer equipment and the storage medium of user interface
CN110059472A (en) * 2019-03-16 2019-07-26 平安城市建设科技(深圳)有限公司 Menu authority configuring method, device, equipment and readable storage medium storing program for executing
CN110780876A (en) * 2019-10-29 2020-02-11 北京北纬通信科技股份有限公司 Web development front-end and back-end separation authority control method and system
CN112202819B (en) * 2020-12-02 2021-02-12 成都掌控者网络科技有限公司 Distributed control authority method and device, computer equipment and storage medium
CN112528248A (en) * 2020-12-08 2021-03-19 北京航天云路有限公司 User authority management scheme facing multiple applications
CN112989373A (en) * 2021-03-08 2021-06-18 北京慧友云商科技有限公司 Hierarchical authorization control management engine based on RBAC
CN113515765A (en) * 2021-07-12 2021-10-19 深圳市金斧子网络科技有限公司 Authority management method, device, equipment and storage medium

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102130894A (en) * 2010-01-12 2011-07-20 大唐移动通信设备有限公司 Authentication and certification method and system
KR20130007797A (en) * 2011-07-11 2013-01-21 삼성전자주식회사 Method and system for open authentication
CN102387139B (en) * 2011-10-17 2014-05-14 迈普通信技术股份有限公司 Authority control method, system and device separated from application services
CN102930189B (en) * 2012-10-12 2015-09-09 中标软件有限公司 A kind of role-security control method and system
CN103065074B (en) * 2012-12-14 2016-03-16 北京思特奇信息技术股份有限公司 A kind of method of carrying out URL control of authority based on fine granularity
CN103500298A (en) * 2013-10-12 2014-01-08 彩虹集团公司 Method for achieving authorization distribution based on rule management

Also Published As

Publication number Publication date
CN107257337A (en) 2017-10-17

Similar Documents

Publication Publication Date Title
CN107257337B (en) Multi-terminal sharing authority control method and system
US10152581B2 (en) Methods and systems for data entry
US10693865B2 (en) Web-based interface integration for single sign-on
US10484385B2 (en) Accessing an application through application clients and web browsers
US10079826B2 (en) Methods and systems for data entry
JP5837597B2 (en) Integrated workspace for thin, remote, and SaaS applications
US9197417B2 (en) Hosted application sandbox model
CN108710528B (en) Desktop cloud virtual machine access and control method, device, equipment and storage medium
US20120266228A1 (en) Secure management of user rights during accessing of external systems
US10771468B1 (en) Request filtering and data redaction for access control
WO2017106208A9 (en) Device management with tunneling
US20220294788A1 (en) Customizing authentication and handling pre and post authentication in identity cloud service
US20220027429A1 (en) Dynamically determining a server for enrollment with management system
JP2023540894A (en) Security zone policy enforcement in cloud infrastructure systems
TWI591998B (en) Method of providing service list in virtual private network service system
KR20150109233A (en) method and server for performing log-in for application
US9848000B2 (en) Resource access
US20220407692A1 (en) Multiple device collaboration authentication
US20210336999A1 (en) System and method for workspace sharing
CN118120181A (en) Single point log-off

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20210205