CN107317800A - Safe checking method, terminal and computer-readable recording medium - Google Patents
Safe checking method, terminal and computer-readable recording medium Download PDFInfo
- Publication number
- CN107317800A CN107317800A CN201710404772.5A CN201710404772A CN107317800A CN 107317800 A CN107317800 A CN 107317800A CN 201710404772 A CN201710404772 A CN 201710404772A CN 107317800 A CN107317800 A CN 107317800A
- Authority
- CN
- China
- Prior art keywords
- checking information
- checking
- check
- information
- safe
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/02—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
Abstract
The invention discloses a kind of safe checking method, terminal and computer-readable recording medium, belong to communication technical field.The method comprising the steps of:The first system obtains the first checking information of second system to check system, and first checking information is added in the interface requests for calling the second system;Second system receives the interface requests, and the second checking information for distributing to the first system is obtained from the check system, when judging that first checking information is consistent with second checking information, then verification passes through.So as to which each system need not change code or configuration file, you can in development environment, test environment from using different safety check information in formal environments.
Description
Technical field
The present invention relates to network communication technology field, more particularly to safe checking method, terminal and computer-readable storage
Medium.
Background technology
When interacting between each system on fixed terminal or mobile terminal, it is required for using Hyper text transfer
Agreement (HyperText Transfer Protocol, HTTP) interface.In order to ensure safety, often it is required for using safe school
Test mechanism.Wherein, the more verification scheme used is BaseAuth mechanism, i.e., accessed system is to the system for needing to access
Distribute a username and password.Current scheme is that these username and passwords are placed on into every destination code or configuration text
In part.
However, at least there is problems with currently existing scheme:
1st, developer and operation maintenance personnel can know username and password, there is greatly leakage in terms of information security
Hole and hidden danger.
2nd, each system has exploitation, test and formal environments, and each partition gives the username and password of remaining system all
Different, it is necessary to go modification manually so in handoff environment, efficiency is low and easy error.
3rd, each system all uses the same BaseAuth mechanism, there is more repeated work, and the efficiency of exploitation and joint debugging is low.
Therefore, it is necessary to propose a kind of safe checking method, terminal and computer-readable recording medium, asked with solving these
Topic.
The content of the invention
It is a primary object of the present invention to propose a kind of safe checking method, terminal and computer-readable recording medium, purport
Solving system safety problem.
To achieve the above object, a kind of safe checking method that the present invention is provided, methods described includes step:
The first system obtains the first checking information of second system to check system, and first checking information is added
Into the interface requests for calling the second system;
The second system receives the interface requests, and the first system is distributed in acquisition from the check system
The second checking information, when judging that first checking information is consistent with second checking information, then verification pass through.
Alternatively, methods described also includes:
The second system sets the update cycle of checking information, and the update cycle is sent to the verification system
System;
When reaching the update cycle, the check system is updated to checking information.
Alternatively, methods described also includes:
Message center, which is detected, have updated the checking information, and be sent out respectively to the first system and the second system
Send notice;
Notified according to described, the first system and the second system are obtained to the check system after updating respectively
Checking information.
Alternatively, before the first checking information that the first system obtains second system to check system, methods described is also
Including:
The checking information for distributing to each system is sent to the check system registered in advance by the second system;
The check system Generates Certificate according to the checking information;
The second system downloads the certificate, is communicated with being encrypted by the certificate with the check system.
In addition, to achieve the above object, the present invention also proposes a kind of safe checking method, runs in check system, institute
Stating method includes step:
When the first system, which is sent, calls the interface requests of second system, send second system to the first system first is tested
Demonstrate,prove information;
The second system is received after the interface requests, is sent to the second system and is distributed to the first system
Second checking information, when the second system judges that first checking information is consistent with second checking information, then
Verification passes through.
Alternatively, methods described also includes:
Receive the update cycle for the checking information that the second system is sent;
When reaching the update cycle, then checking information is updated.
Alternatively, methods described also includes:
According to the request of the first system and the renewal checking information of the second system, respectively to the first system
The checking information after updating is sent with second system.
Alternatively, before first checking information that second system is sent to the first system, methods described also includes:
The checking information of each system is pre-assigned to according to the second system, and is registered;
Generated Certificate, communicated with being encrypted by the certificate with the second system according to the checking information.
In addition, to achieve the above object, the present invention also proposes a kind of terminal, the terminal includes processor and storage
Device;
The processor is used to perform the safety check routines stored in memory, to realize above-mentioned method.
In addition, to achieve the above object, the present invention also proposes a kind of computer-readable recording medium, described computer-readable
Be stored with safety check routines on storage medium, and the safety check routines realize above-mentioned safety check when being executed by processor
The step of method.
Safe checking method proposed by the present invention, terminal and computer-readable recording medium, by the first system to verification
System obtains the first checking information of second system, and the first checking information is added to the interface requests for calling second system
In, after the request of second system receiving interface, the second checking information for distributing to the first system is obtained from check system, when
When judging that the first checking information is consistent with the second checking information, then verification passes through, so that each system need not change code or match somebody with somebody
Put file, you can in development environment, test environment from using different safety check information in formal environments.
Brief description of the drawings
The schematic flow sheet for the safe checking method that Fig. 1 provides for first embodiment of the invention;
The sub-process schematic diagram for the safe checking method that Fig. 2 provides for first embodiment of the invention;
The another schematic flow sheet for the safe checking method that Fig. 3 provides for first embodiment of the invention;
The another schematic flow sheet for the safe checking method that Fig. 4 provides for first embodiment of the invention;
Fig. 5 be check system in preserve each system distribution username and password information table schematic diagram;
The schematic flow sheet for the safe checking method that Fig. 6 provides for second embodiment of the invention;
The another schematic flow sheet for the safe checking method that Fig. 7 provides for second embodiment of the invention;
The another schematic flow sheet for the safe checking method that Fig. 8 provides for second embodiment of the invention;
The structural representation for the safety check system that Fig. 9 provides for third embodiment of the invention.
The realization, functional characteristics and advantage of the object of the invention will be described further referring to the drawings in conjunction with the embodiments.
Embodiment
It should be appreciated that the specific embodiments described herein are merely illustrative of the present invention, it is not intended to limit the present invention.
In follow-up description, the suffix using such as " module ", " part " or " unit " for representing element is only
Be conducive to the explanation of the present invention, itself there is no a specific meaning.Therefore, " module ", " part " or " unit " can be mixed
Ground is used.
Fig. 1 is refer to, first embodiment of the invention provides a kind of safe checking method, the described method comprises the following steps:
Step 110, the first system obtains the first checking information of second system to check system, and described first is verified
Information is added in the interface requests for calling the second system.
Specifically, the first system first judges whether to obtain second system distribution when calling the interface of second system
First checking information, if not obtaining, into step 110, if having obtained, is directly entered step 120.
In step 110, the first system can be according to the domain of the environment of the second system to be accessed, that is, second system
Name, asks to obtain to check system by HTTP (HyperText TransferProtocol, HTTP) first
Second system is pre-assigned to the first checking information of the first system in the present context.The first system preserves the first checking information,
And the first checking information is added in the header of HTTP request.
Further, the first checking information be at least included in stored in check system distribute to first by second system and be
The username and password of system.
Step 120, second system receives the interface requests, and acquisition distributes to described first from the check system
Second checking information of system, when judging that first checking information is consistent with second checking information, is then verified logical
Cross.
Specifically, Fig. 2 is refer to, step 120 further comprises:
Step 210, second system receives the interface requests of the first system;
Step 220, second system judges whether to obtain the second checking information for distributing to the first system;If so, then entering
Enter step 240, if it is not, then entering step 230;
Specifically, the second checking information includes:Under the present circumstances, second system is pre-assigned to the user of the first system
Name and password.
Step 230, second system obtains the second checking information for distributing to the first system from check system;
Specifically, check system preserves the second checking information after the second checking information that second system is sent is received
In checking system.
Step 240, second system judges whether the first checking information is consistent with the second checking information;If so, then entering step
Rapid 250, if it is not, then flow terminates;
Specifically, second system is by the use in the username and password and the header of interface requests in the second checking information
Name in an account book and password are compared, if unanimously, into step 250, if inconsistent, verification fails and flow terminates.
Further, the checking action in step 240 is all the tangent plane in the JAR bags provided by safety check system
Intercept what is carried out.By way of tangent plane is intercepted, unified processing is carried out to total interface.In the present embodiment, based on
BaseAuth verification schemes, realize a set of check system, and the system tests the client of this safety check mechanism with service end
Code is demonstrate,proved all to be realized, and by the form of tangent plane, to intercept the interface processing of each system, to carry out at unified client
Reason and service end checking.Safety check system packs the code of this part, is supplied to each system to make in the form of JAR bags
With.So, each system avoids the need for oneself going to write the code of repetition again realizing interface check function.
Further, for the security of strengthening system, each system user name and password preserved in check system is all
It is encrypting storing, the information that keeper is seen also all is the information after encryption, so as to ensure information security.
Step 250, verification passes through.
After verification passes through, then second system performs interface, and returns to implementing result to the first system.
Further, Fig. 3 is refer to, as to further improvement of this embodiment, before step 110, methods described
Also include:
Step 310, the checking information for distributing to each system is sent to the check system carry out in advance by second system
Registration.
Specifically, check system provides enrollment page, believes in checking of the related field provided with each system of enrollment page
Breath, the checking information at least includes:Systematic name, the domain for accessing systematic name, unique identifying number, exploitation test and formal environments
Name etc..For example:Second system according to the environment at place (such as:Test environment either formal environments etc.), at least one will be distributed to
The checking information of individual the first system is sent to check system and registered.
Correspondingly, the username and password information table of each system distribution is preserved in check system.
Step 320, check system Generates Certificate according to the checking information.
Specifically, after succeeding in registration, according to the checking information of reception, check system, which generates a https traffic, to be needed
The certificate used.
Step 330, second system downloads the certificate, logical to be encrypted by the certificate and the check system
Letter.
Specifically, second system is downloaded after the certificate, is encrypted and communicated with safety check system using the certificate, to obtain
The username and password for taking second system to need calling system to distribute to oneself.
Further, Fig. 4 is refer to, as a further improvement on the present invention, after step 120, in addition to step:
Step 410, second system sets the update cycle of checking information, and the update cycle is sent to the verification
System.
Specifically, the update cycle can be one month or 1 year, and second system sends the update cycle being provided with
To check system.
Step 420, when reaching the update cycle, the check system is updated to checking information.
Specifically, the checking information after renewal can second system set the update cycle when be configured, also may be used
To be set by check system.After the update cycle is reached, check system is according to default or randomly update checking information.
Step 430, message center, which is detected, have updated the checking information, and respectively to the first system and described
Two system, which is sent, to be notified.
Specifically, in the present embodiment, message center can be Zookeeper, that is to say, that when Zookeeper detections
When have updated checking information to check system, Zookeeper notifies the first system and second system to carry out checking letter by HTTPS
The renewal of breath.In the present embodiment, unified check system provides Zookeeper as message center, when secure authentication information becomes
During change, each system can be notified by the message center in time.
Step 440, notified according to described, the first system and the second system are obtained to the check system respectively
Checking information after renewal.
Specifically, after the first system and second system receive Zookeeper message, obtained respectively by check system
Take the checking information after updating.
Exemplarily, the username and password information table of each system distribution preserved in the check system shown in Fig. 5 shows
It is intended to.In Figure 5, the enrollment page field of check system includes:Systematic name, environment, domain name, access system, it is user name, close
Code and update cycle.System B needs calling system A interface, and the environment residing for system A is development environment, and domain name is
A.dev.com, then check system B process is as follows:
(1) system B obtains the user name that system B is distributed under the system A environment by HTTPS request to check system
And password (bdeva) (adevb).
(2) system B preserves the username and password, and username and password is added in the header of HTTP request.
(3) system A is obtained to check system after system B request is received and is distributed to system B's under development environment
User name (adevb) and password (bdeva), and preserve in systems.
(4) username and password is compared by system A with the user name password in system B request header informations, and result is
Consistent, then it is verified.
The safe checking method of the present embodiment, the first checking for obtaining second system to check system by the first system is believed
Breath, and the first checking information is added in the interface requests for calling second system, after the request of second system receiving interface, from school
Obtained in check system and distribute to the second checking information of the first system, when judging the first checking information and the second checking information
When consistent, then verification passes through, so that each system need not change code or configuration file, you can in development environment, test environment
From using different safety check information in formal environments.
Fig. 6 is refer to, the safe checking method provided for second embodiment of the invention, this method runs on check system
In, comprise the following steps:
Step 610, when the first system, which is sent, calls the interface requests of second system, second system is sent to the first system
The first checking information.
Specifically, the first system can be according to the domain name of the environment of the second system to be accessed, that is, second system, first
The first checking information that second system is pre-assigned to the first system in the present context is sent to the first system by HTTP request.
The first system preserves the first checking information, and the first checking information is added in the header of HTTP request.
Further, the first checking information be at least included in stored in check system distribute to first by second system and be
The username and password of system.
Step 620, second system is received after the interface requests, and distributing to described first to second system transmission is
Second checking information of system, when the second system judges that first checking information is consistent with second checking information
When, then verification passes through.
Specifically, after second system receives interface requests, the request sent according to second system is sent out to second system
The second checking information for being pre-assigned to the first system is sent, second system is by the username and password in the second checking information with connecing
Username and password in the header of mouth request is compared, if unanimously, verification passes through, if inconsistent, verification failure.
Second checking information includes:Under the present circumstances, second system is pre-assigned to the user name of the first system and close
Code.
The checking for carrying out second system is further intercepted there is provided the tangent plane in JAR bags.By way of tangent plane is intercepted,
Unified processing is carried out to total interface.In the present embodiment, based on BaseAuth verification schemes, by this safety check machine
The client and service end Validation Code of system all realized, and by the form of tangent plane, is handled the interface that intercepts each system,
To carry out unified client process and service end checking.The code of this part is packed, each is supplied in the form of JAR bags
System is used.
Further, for the security of strengthening system, in addition it is also necessary to each system user name of encrypting storing and password, keeper
The information seen also all is the information after encryption, so as to ensure information security.
Further, Fig. 7 is refer to, as further improvement of this embodiment, before step 610, methods described is also
Including:
Step 710, the checking information of each system is pre-assigned to according to institute's second system, and registered.
Specifically, in checking information of the related field provided with each system of enrollment page, the checking information at least includes:
Systematic name, the domain name for accessing systematic name, unique identifying number, exploitation test and formal environments etc..For example:Second system according to
The environment at place is (such as:Test environment either formal environments etc.), receive that second system sends distribute at least one first
The checking information of system, and registered.
Correspondingly, the username and password information table of each system distribution is preserved.
Step 720, Generated Certificate according to the checking information, to be encrypted by the certificate with the second system
Communication.
Specifically, after succeeding in registration, according to the checking information of reception, one https traffic of generation needs the card used
Book.Second system is downloaded after the certificate, is encrypted and communicated with second system using the certificate, and tune is needed to obtain second system
The username and password of oneself is distributed to system.
Further, Fig. 8 is refer to, as a further improvement on the present invention, after step 620, in addition to step:
Step 810, the update cycle for the checking information that second system is sent is received.
Specifically, the update cycle can be one month or 1 year, receive the renewal being provided with that second system is sent
Cycle.
Step 820, when reaching the update cycle, then checking information is updated.
Specifically, the checking information after renewal can second system set the update cycle when be configured, also may be used
To be set by check system.After the update cycle is reached, according to default or randomly update checking information.
Step 830, according to the request of the first system and the renewal checking information of the second system, respectively to described
The first system and second system send the checking information after updating.
Specifically, when the first system and second system receive message center transmission message after, receive the first system and
Second system sends the request for updating checking information, and is sent respectively to the first system and second system after renewal according to the request
Checking information.
The safe checking method of the present embodiment, when the first system, which is sent, calls the interface requests of second system, to first
System sends the first checking information of second system, after the request of second system receiving interface, is sent to second system and distributes to the
Second checking information of one system, when second system judges that the first checking information is consistent with the second checking information, is then verified
Pass through, so that each system need not change code or configuration file, you can used in development environment, test environment and formal environments
Different safety check information.
Fig. 9 is refer to, third embodiment of the invention also provides a kind of safety check system, and the system includes:Check system
910 and the first system 920 and second system 930 that are communicated respectively with the check system 910, wherein,
The first system 920, the first checking information for obtaining second system 930 to check system 910, and by described the
One checking information is added in the interface requests for calling the second system 930.
Specifically, the first system 920 first judges whether to obtain second system when calling the interface of second system 930
First checking information of 930 distribution, if not obtaining, is first obtained to check system 910, if having obtained, is touched
Send out second system 920.
The first system 920 can be first according to the domain name of the environment of the second system 930 to be accessed, that is, second system 930
HTTP (HyperText TransferProtocol, HTTP) is first passed through to ask to obtain the to check system 910
Two system 930 is pre-assigned to the first checking information of the first system 920 in the present context.The first system 920 preserves first and tested
Information is demonstrate,proved, and the first checking information is added in the header of HTTP request.
Further, the first checking information is at least included in being distributed to by second system 930 of being stored in check system 910
The username and password of the first system 920.
Second system 930, for receiving the interface requests, and obtain from the check system 910 distribute to it is described
Second checking information of the first system 920, when judging that first checking information is consistent with second checking information, then
Verification passes through.
Specifically, second system 930 specifically for:
Receive the interface requests of the first system 920;
Judge whether to obtain the second checking information for distributing to the first system 920;First is distributed to when judgement is obtained
Second checking information of system 920, then judge whether the first checking information is consistent with the second checking information, if unanimously, verifying
Pass through, if inconsistent, verification failure;
When the second checking information of the first system 920 is distributed in judgement without acquisition, then obtain and divide from check system 910
Second checking information of dispensing the first system 920;
Specifically, the second checking information includes:Under the present circumstances, second system 930 is pre-assigned to the first system 920
Username and password.
Second checking information is stored in by check system 910 after the second checking information that second system 930 is sent is received
In checking system.
More specifically, second system 930 is by the username and password and the header of interface requests in the second checking information
In username and password be compared, if unanimously, enter step verification passes through, if inconsistent, verification failure and flow
Terminate.
Further, during the checking action in the present embodiment is all the JAR bags provided by safety check system 910
Tangent plane intercepts what is carried out.By way of tangent plane is intercepted, unified processing is carried out to total interface.In the present embodiment, it is based on
With BaseAuth verification schemes, a set of check system 910 is realized, the system is by the client of this safety check mechanism and service
Validation Code is held all to be realized, and by the form of tangent plane, to intercept the interface processing of each system, to carry out unified client
End processing and service end checking.Safety check system 910 packs the code of this part, and each is supplied in the form of JAR bags
System is used.So, each system avoids the need for oneself going to write the code of repetition again realizing interface check function.
Further, for the security of strengthening system, each system user name and password preserved in check system 910
All it is encrypting storing, the information that keeper is seen also all is the information after encryption, so as to ensure information security.
After verification passes through, then second system 930 performs interface, and returns to implementing result to the first system 920.
Further, second system 930, are additionally operable in advance send the checking information for distributing to each system to the school
Check system 910 is registered.
Specifically, check system 910 provides enrollment page, and the checking of each system is provided with the related field of enrollment page
Information, the checking information at least includes:Systematic name, access systematic name, unique identifying number, exploitation test and formal environments
Domain name etc..For example:Second system 930 according to the environment at place (such as:Test environment either formal environments etc.), will distribute to
The checking information of a few the first system 920 is sent to check system 910 and registered.
Correspondingly, the username and password information table of each system distribution is preserved in check system 910.
Check system 910, is additionally operable to be Generated Certificate according to the checking information.
Specifically, after succeeding in registration, according to the checking information of reception, check system 910 generates a https traffic and needed
The certificate to be used.
Second system 930, is additionally operable to download the certificate, to be added by the certificate and the check system 910
Close communication.
Specifically, second system 930 is downloaded after the certificate, is encrypted using the certificate and safety check system 910 logical
Letter, to obtain the username and password that second system 930 needs calling system to distribute to oneself.
Further, second system 930, are additionally operable to set the update cycle of checking information, and the update cycle is sent out
Deliver to the check system 910.
Specifically, the update cycle can be one month or 1 year, and second system 930 sends out the update cycle being provided with
Deliver to check system 910.
The check system 910, is additionally operable to, when reaching the update cycle, be updated checking information.
Specifically, the checking information after renewal can second system 930 set the update cycle when be configured,
It can be set by check system 910.After the update cycle is reached, check system 910 is according to default or randomly update
Checking information.
Further, system also includes message center 940, and the message center 940 have updated described test for detecting
Information is demonstrate,proved, and sends notice to the first system 920 and the second system 930 respectively.
Specifically, in the present embodiment, message center 940 can be Zookeeper, that is to say, that when Zookeeper inspections
When measuring check system 910 and have updated checking information, Zookeeper passes through HTTPS and notifies the first system 920 and second system
930 carry out the renewal of checking information.In the present embodiment, unified check system 910 provides Zookeeper and is used as message center
940, when secure authentication information changes, each system can be notified by the message center 940 in time.
Notified according to described, the first system 920 and the second system 930 are obtained to the check system 910 respectively
Take the checking information after updating.
Specifically, after the first system 920 and second system 930 receive Zookeeper message, verification is passed through respectively
System 910 obtains the checking information after updating.
Exemplarily, the username and password information table of each system distribution preserved in the check system 910 shown in Fig. 5
Block diagram.In Figure 5, the enrollment page field of check system 910 includes:Systematic name, environment, domain name, access system, user
Name, password and update cycle.System B needs calling system A interface, and the environment residing for system A is development environment, and domain name is
A.dev.com, then check system 910B process is as follows:
(1) system B obtains the user that system B is distributed under the system A environment by HTTPS request to check system 910
Name (adevb) and password (bdeva).
(2) system B preserves the username and password, and username and password is added in the header of HTTP request.
(3) system A is obtained to check system 910 after system B request is received and is distributed to system under development environment
B user name (adevb) and password (bdeva), and preserve in systems.
(4) username and password is compared by system A with the user name password in system B request header informations, and result is
Consistent, then it is verified.
The safety check system of the present embodiment, second system 930 is obtained by the first system 920 to check system 910
First checking information, and the first checking information is added in the interface requests for calling second system 930, second system 930 connects
Receive after interface requests, obtained from check system 910 and distribute to the second checking information of the first system 920, when judging the
When one checking information is consistent with the second checking information, then verification passes through, so that each system need not change code or configuration file,
Can be in development environment, test environment from using different safety check information in formal environments.
Fifth embodiment of the invention further provides for a kind of terminal, based on the above embodiments, terminal include processor, with
And memory;
Processor is used to perform the safety check routines stored in memory, to realize following steps:
When the first system, which is sent, calls the interface requests of second system, send second system to the first system first is tested
Demonstrate,prove information;
Second system is received after the interface requests, is sent to the second system and is distributed to the second of the first system
Checking information, when the second system judges that first checking information is consistent with second checking information, is then verified
Pass through.
Specifically, the first system can be according to the domain name of the environment of the second system to be accessed, that is, second system, first
The first checking information that second system is pre-assigned to the first system in the present context is sent to the first system by HTTP request.
The first system preserves the first checking information, and the first checking information is added in the header of HTTP request.
Further, the first checking information be at least included in stored in check system distribute to first by second system and be
The username and password of system.
After second system receives interface requests, the request sent according to second system sends advance to second system
Distribute to the second checking information of the first system, second system is by the username and password and interface requests in the second checking information
Header in username and password be compared, if unanimously, verification pass through, if inconsistent, verification failure.
Second checking information includes:Under the present circumstances, second system is pre-assigned to the user name of the first system and close
Code.
The checking for carrying out second system is further intercepted there is provided the tangent plane in JAR bags.By way of tangent plane is intercepted,
Unified processing is carried out to total interface.In the present embodiment, based on BaseAuth verification schemes, by this safety check machine
The client and service end Validation Code of system all realized, and by the form of tangent plane, is handled the interface that intercepts each system,
To carry out unified client process and service end checking.The code of this part is packed, each is supplied in the form of JAR bags
System is used.
Further, for the security of strengthening system, in addition it is also necessary to each system user name of encrypting storing and password, keeper
The information seen also all is the information after encryption, so as to ensure information security.
Alternatively, processor is additionally operable to perform the safety check routines stored in memory, to realize following steps:
The checking information of each system is pre-assigned to according to institute's second system, and registered;
Generated Certificate, communicated with being encrypted by the certificate with the second system according to the checking information.
Specifically, in checking information of the related field provided with each system of enrollment page, the checking information at least includes:
Systematic name, the domain name for accessing systematic name, unique identifying number, exploitation test and formal environments etc..For example:Second system according to
The environment at place is (such as:Test environment either formal environments etc.), receive that second system sends distribute at least one first
The checking information of system, and registered.
Correspondingly, the username and password information table of each system distribution is preserved.
After succeeding in registration, according to the checking information of reception, one https traffic of generation needs the certificate used.Second
System is downloaded after the certificate, is encrypted and communicated with second system using the certificate, calling system is needed to obtain second system
Distribute to the username and password of oneself.
Alternatively, processor is additionally operable to perform the safety check routines stored in memory, to realize following steps:
Receive the update cycle for the checking information that second system is sent;
When reaching the update cycle, then checking information is updated;
According to the request of the first system and the renewal checking information of the second system, respectively to the first system
The checking information after updating is sent with second system.
Specifically, the update cycle can be one month or 1 year, receive the renewal being provided with that second system is sent
Cycle.
Checking information after renewal can be that second system is configured when setting the update cycle or by school
What check system was set.After the update cycle is reached, according to default or randomly update checking information.
After the first system and second system receive the message of message center transmission, the first system and second system are received
The request for updating checking information is sent, and the checking after updating is sent to the first system and second system according to the request respectively and is believed
Breath.
The terminal of the present embodiment, when the first system, which is sent, calls the interface requests of second system, sends to the first system
First checking information of second system, after the request of second system receiving interface, sends to second system and distributes to the first system
Second checking information, when second system judges that the first checking information is consistent with the second checking information, then verification passes through, so that
Each system need not change code or configuration file, you can in development environment, test environment from using different peaces in formal environments
Full check information.
The embodiment of the present application additionally provides a kind of computer-readable recording medium.Here computer-readable recording medium is deposited
Contain one or more program.Wherein, computer-readable recording medium can include volatile memory, such as arbitrary access
Memory;Memory can also include nonvolatile memory, and such as read-only storage, flash memory, hard disk or solid-state are hard
Disk;Memory can also include the combination of the memory of mentioned kind.When one or more in computer-readable recording medium
Program can be by one or more computing device, to realize safe checking method that above-mentioned second embodiment is provided.
It should be noted that herein, term " comprising ", "comprising" or its any other variant are intended to non-row
His property is included, so that process, method, article or device including a series of key elements not only include those key elements, and
And also including other key elements being not expressly set out, or also include for this process, method, article or device institute inherently
Key element.In the absence of more restrictions, the key element limited by sentence "including a ...", it is not excluded that including this
Also there is other identical element in process, method, article or the device of key element.
The embodiments of the present invention are for illustration only, and the quality of embodiment is not represented.
Through the above description of the embodiments, those skilled in the art can be understood that above-described embodiment side
Method can add the mode of required general hardware platform to realize by software, naturally it is also possible to by hardware, but in many cases
The former is more preferably embodiment.Understood based on such, technical scheme is substantially done to prior art in other words
Going out the part of contribution can be embodied in the form of software product, and the computer software product is stored in a storage medium
In (such as ROM/RAM, magnetic disc, CD), including some instructions are to cause a station terminal (can be mobile phone, computer, service
Device, air conditioner, or network equipment etc.) perform method described in each of the invention embodiment.
Embodiments of the invention are described above in conjunction with accompanying drawing, but the invention is not limited in above-mentioned specific
Embodiment, above-mentioned embodiment is only schematical, rather than restricted, one of ordinary skill in the art
Under the enlightenment of the present invention, in the case of present inventive concept and scope of the claimed protection is not departed from, it can also make a lot
Form, these are belonged within the protection of the present invention.
Claims (10)
1. a kind of safe checking method, it is characterised in that methods described includes step:
The first system obtains the first checking information of second system to check system, and first checking information is added into tune
In interface requests with the second system;
The second system receives the interface requests, and obtains from the check system and to distribute to the of the first system
Two checking informations, when judging that first checking information is consistent with second checking information, then verification passes through.
2. safe checking method according to claim 1, it is characterised in that methods described also includes:
The second system sets the update cycle of checking information, and the update cycle is sent to the check system;
When reaching the update cycle, the check system is updated to checking information.
3. safe checking method according to claim 2, it is characterised in that methods described also includes:
Message center, which is detected, have updated the checking information, and send logical to the first system and the second system respectively
Know;
Notified according to described, the first system and the second system obtain the checking after updating to the check system respectively
Information.
4. safe checking method according to claim 1, it is characterised in that obtain second to check system in the first system
Before first checking information of system, methods described also includes:
The checking information for distributing to each system is sent to the check system registered in advance by the second system;
The check system Generates Certificate according to the checking information;
The second system downloads the certificate, is communicated with being encrypted by the certificate with the check system.
5. a kind of safe checking method, it is characterised in that run in check system, methods described includes step:
When the first system, which is sent, calls the interface requests of second system, the first checking for sending second system to the first system is believed
Breath;
The second system is received after the interface requests, is sent to the second system and is distributed to the second of the first system
Checking information, when the second system judges that first checking information is consistent with second checking information, is then verified
Pass through.
6. safe checking method according to claim 5, it is characterised in that methods described also includes:
Receive the update cycle for the checking information that the second system is sent;
When reaching the update cycle, then checking information is updated.
7. safe checking method according to claim 6, it is characterised in that methods described also includes:
According to the request of the first system and the renewal checking information of the second system, respectively to the first system and
Two system sends the checking information after updating.
8. safe checking method according to claim 5, it is characterised in that described to the first system transmission second system
The first checking information before, methods described also includes:
The checking information of each system is pre-assigned to according to the second system, and is registered;
Generated Certificate, communicated with being encrypted by the certificate with the second system according to the checking information.
9. a kind of terminal, it is characterised in that the terminal includes processor and memory;
The processor is used to perform the safety check routines stored in memory, to realize described in claim any one of 5-8
Method.
10. a kind of computer-readable recording medium, it is characterised in that be stored with safe school on the computer-readable recording medium
Program is tested, the safety check side as described in claim any one of 5-8 is realized when the safety check routines are executed by processor
The step of method.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710404772.5A CN107317800A (en) | 2017-06-01 | 2017-06-01 | Safe checking method, terminal and computer-readable recording medium |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710404772.5A CN107317800A (en) | 2017-06-01 | 2017-06-01 | Safe checking method, terminal and computer-readable recording medium |
Publications (1)
Publication Number | Publication Date |
---|---|
CN107317800A true CN107317800A (en) | 2017-11-03 |
Family
ID=60182268
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201710404772.5A Pending CN107317800A (en) | 2017-06-01 | 2017-06-01 | Safe checking method, terminal and computer-readable recording medium |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN107317800A (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107302526A (en) * | 2017-06-07 | 2017-10-27 | 努比亚技术有限公司 | System interface call method, equipment and computer-readable recording medium |
CN110399411A (en) * | 2019-06-21 | 2019-11-01 | 中国平安财产保险股份有限公司 | Data source switch method, device, equipment and computer readable storage medium |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103701761A (en) * | 2012-09-28 | 2014-04-02 | 中国电信股份有限公司 | Authentication method for invoking open interface and system |
CN104301331A (en) * | 2014-10-31 | 2015-01-21 | 北京思特奇信息技术股份有限公司 | Service interface permissions validation method and device |
CN105262717A (en) * | 2015-08-31 | 2016-01-20 | 福建天晴数码有限公司 | Network service security management method and device |
CN106453519A (en) * | 2016-09-21 | 2017-02-22 | 合网络技术(北京)有限公司 | Interface call method and device |
CN107241308A (en) * | 2017-04-27 | 2017-10-10 | 努比亚技术有限公司 | A kind of method, device and mobile terminal for realizing safety check |
-
2017
- 2017-06-01 CN CN201710404772.5A patent/CN107317800A/en active Pending
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103701761A (en) * | 2012-09-28 | 2014-04-02 | 中国电信股份有限公司 | Authentication method for invoking open interface and system |
CN104301331A (en) * | 2014-10-31 | 2015-01-21 | 北京思特奇信息技术股份有限公司 | Service interface permissions validation method and device |
CN105262717A (en) * | 2015-08-31 | 2016-01-20 | 福建天晴数码有限公司 | Network service security management method and device |
CN106453519A (en) * | 2016-09-21 | 2017-02-22 | 合网络技术(北京)有限公司 | Interface call method and device |
CN107241308A (en) * | 2017-04-27 | 2017-10-10 | 努比亚技术有限公司 | A kind of method, device and mobile terminal for realizing safety check |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107302526A (en) * | 2017-06-07 | 2017-10-27 | 努比亚技术有限公司 | System interface call method, equipment and computer-readable recording medium |
CN110399411A (en) * | 2019-06-21 | 2019-11-01 | 中国平安财产保险股份有限公司 | Data source switch method, device, equipment and computer readable storage medium |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN104378342B (en) | Many accounts verification method, Apparatus and system | |
CN106506146A (en) | Based on the Transaction Information method of calibration of block chain technology, apparatus and system | |
CN103581105B (en) | Login validation method and login authentication system | |
US9059978B2 (en) | System and methods for remote maintenance in an electronic network with multiple clients | |
CN108416589A (en) | Connection method, system and the computer readable storage medium of block chain node | |
US9641535B2 (en) | Apparatus and data processing systems for accessing an object | |
CN110519115A (en) | Gateway interface test method, terminal device, storage medium and device | |
CN106304074A (en) | Auth method and system towards mobile subscriber | |
CN104980393B (en) | Method of calibration, system, server and terminal | |
CN105991709A (en) | Cloud desktop account number management method and apparatus thereof | |
CN103812651B (en) | Method of password authentication, apparatus and system | |
CN206212040U (en) | A kind of real-name authentication system for express delivery industry | |
CN102143492B (en) | Method for establishing virtual private network (VPN) connection, mobile terminal and server | |
CN108322416A (en) | A kind of safety certification implementation method, apparatus and system | |
CN109040069A (en) | A kind of dissemination method, delivery system and the access method of cloud application program | |
CN110175439A (en) | User management method, device, equipment and computer readable storage medium | |
CN103944889A (en) | Method for online identity authentication of network user and authentication server | |
CN110708162A (en) | Resource acquisition method and device, computer readable medium and electronic equipment | |
CN103401686B (en) | A kind of user's OTP WEB Authentication System and application process thereof | |
CN106203021A (en) | The application login method of a kind of many certification modes integration and system | |
CN107317800A (en) | Safe checking method, terminal and computer-readable recording medium | |
CN111431957B (en) | File processing method, device, equipment and system | |
CN109981677A (en) | A kind of credit management method and device | |
CN110362984A (en) | Method and device for operating service system by multiple devices | |
CN109495458A (en) | A kind of method, system and the associated component of data transmission |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20171103 |