CN108875410A - Distributed search cluster right management method and device calculate equipment - Google Patents
Distributed search cluster right management method and device calculate equipment Download PDFInfo
- Publication number
- CN108875410A CN108875410A CN201810699629.8A CN201810699629A CN108875410A CN 108875410 A CN108875410 A CN 108875410A CN 201810699629 A CN201810699629 A CN 201810699629A CN 108875410 A CN108875410 A CN 108875410A
- Authority
- CN
- China
- Prior art keywords
- user
- index data
- configuration file
- operating right
- data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6227—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database where protection concerns the structure of data, e.g. records, types, queries
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/604—Tools and structures for managing or administering access control systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2141—Access rights, e.g. capability lists, access control lists, access tables, access matrices
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Computer Hardware Design (AREA)
- Health & Medical Sciences (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Automation & Control Theory (AREA)
- Databases & Information Systems (AREA)
- Storage Device Security (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
Abstract
The invention discloses a kind of distributed search cluster right management method and device, equipment is calculated, the method includes:The configuration file of rights management is configured in management node;Wherein, configuration file record has user to the operating right of index data;The configuration file for being used for rights management is loaded into each node of distributed search cluster;Each node obtains the operating right with the associated index data of login user according to the User ID of login user, to determine the login user operation executable to index data.Distributed search cluster, to the operating right of index data, user and index data permission is managed using configuration file configuration user.In each node loading configuration file, allow each node user according to recorded in configuration file to the operating right of index data, the effective operation for controlling login user to index data.
Description
Technical field
The present invention relates to software fields, and in particular to a kind of distributed search cluster right management method and device, calculating
Equipment.
Background technique
Distributed search cluster itself is not provided with rights management, it means that as long as knowing the distributed search cluster
IP address, port information can directly access the distributed search cluster, get the index data of its storage.Index data
In the presence of the risks such as leakage, stolen.Meanwhile distributed search cluster is not provided with rights management, accordingly also just not to index
The problems such as operation of data is protected, and maloperation to index data, misoperation or even malicious modification are easy to produce, pole
Easily cause the loss of index data.
Rights management effectively can carry out safety management to index data, and the problems such as above is avoided to cause index data
Adverse effect.Therefore, it is necessary to a kind of distributed search cluster right management methods.
Summary of the invention
In view of the above problems, it proposes on the present invention overcomes the above problem or at least be partially solved in order to provide one kind
State the distributed search cluster right management method and device, calculating equipment of problem.
According to an aspect of the invention, there is provided a kind of distributed search cluster right management method comprising:
The configuration file of rights management is configured in management node;Wherein, configuration file record has user to index
The operating right of data;
The configuration file for being used for rights management is loaded into each node of distributed search cluster;
Each node obtains the operating right with the associated index data of login user according to the User ID of login user, with
Determine the operation that index data can be performed in login user.
According to another aspect of the present invention, a kind of distributed search cluster rights management device is provided comprising:
Management module, suitable for being configured to the configuration file of rights management;Wherein, configuration file record has user to index
The operating right of data;
Loading module, suitable for the configuration file for being used for rights management to be loaded into each node of distributed search cluster
In;
Determining module, suitable for obtaining the operating rights with the associated index data of login user according to the User ID of login user
Limit, to determine the login user operation executable to index data.
According to another aspect of the invention, a kind of calculating equipment is provided, including:Processor, memory, communication interface and
Communication bus, processor, memory and communication interface complete mutual communication by communication bus;
Memory makes processor execute above-mentioned distributed search collection for storing an at least executable instruction, executable instruction
The corresponding operation of group's right management method.
In accordance with a further aspect of the present invention, a kind of computer storage medium is provided, at least one is stored in storage medium
Executable instruction, executable instruction make processor execute such as the corresponding operation of above-mentioned distributed search cluster right management method.
The distributed search cluster right management method and device that there is provided according to the present invention calculate equipment, in management node
In be configured to the configuration file of rights management;Wherein, configuration file record has user to the operating right of index data;It will use
In each node that the configuration file of rights management is loaded into distributed search cluster;Each node is according to the use of login user
Family ID obtains the operating right with the associated index data of login user, to determine the login user behaviour executable to index data
Make.Distributed search cluster, to the operating right of index data, user and index data is weighed using configuration file configuration user
Limit is managed.In each node loading configuration file, allow each node user couple according to recorded in configuration file
The operating right of index data, the effective operation for controlling login user to index data.The present invention is to user to index data
Operating right is defined, and realizes the protection to index data operation, avoids faulty operation or illegal behaviour to index data
Make.
The above description is only an overview of the technical scheme of the present invention, in order to better understand the technical means of the present invention,
And it can be implemented in accordance with the contents of the specification, and in order to allow above and other objects of the present invention, feature and advantage can
It is clearer and more comprehensible, the followings are specific embodiments of the present invention.
Detailed description of the invention
By reading the following detailed description of the preferred embodiment, various other advantages and benefits are common for this field
Technical staff will become clear.The drawings are only for the purpose of illustrating a preferred embodiment, and is not considered as to the present invention
Limitation.And throughout the drawings, the same reference numbers will be used to refer to the same parts.In the accompanying drawings:
Fig. 1 shows the flow chart of distributed search cluster right management method according to an embodiment of the invention;
Fig. 2 shows the flow charts of distributed search cluster right management method in accordance with another embodiment of the present invention;
Fig. 3 shows the functional block diagram of distributed search cluster rights management device according to an embodiment of the invention;
Fig. 4 shows a kind of structural schematic diagram for calculating equipment according to an embodiment of the invention.
Specific embodiment
Exemplary embodiments of the present disclosure are described in more detail below with reference to accompanying drawings.Although showing the disclosure in attached drawing
Exemplary embodiment, it being understood, however, that may be realized in various forms the disclosure without should be by embodiments set forth here
It is limited.On the contrary, these embodiments are provided to facilitate a more thoroughly understanding of the present invention, and can be by the scope of the present disclosure
It is fully disclosed to those skilled in the art.
Fig. 1 shows the flow chart of distributed search cluster right management method according to an embodiment of the invention.Such as
Shown in Fig. 1, distributed search cluster right management method specifically comprises the following steps:
Step S101 is configured to the configuration file of rights management in management node.
It include a management node in distributed search cluster, management node may be configured to the configuration text of rights management
Part, wherein configuration file record has user to the operating right of index data.Configuration file is suitable for distributed search cluster
The index data that each node is stored.The operating right of index data includes read-only operation, read-write operation, creation operation, repairs
Change operation, delete operation etc..Read-only operation, which limits, the operation such as can only be inquired index data, be read;Read-write operation can
The operation such as to be inquired index data, be read, be written;Creation operation can create new index data;Modification operation can
To modify existing index data;Delete operation can delete existing index data.The operating right of index data is according to reality
Applying situation can be set one or more, herein without limitation.
In management node configure configuration file when, need for different user, different index data operating right into
Row configuration.As record has user A to there is read-only operation permission, user B to have to index data b index data a in configuration file
There are modification operating right and delete operation permission, user C that there is creation operating right etc. to index data.Management node is according to industry
Business needs, and can be pre-configured with different business user to the different operation authority of index data, and save it in configuration file
In.
The configuration file for being used for rights management is loaded into each node of distributed search cluster by step S102.
The configured configuration file for being used for rights management is loaded into each node of distributed search cluster, makes to match
File is set to come into force.After only configuration file is loaded into each node, each node could be according to the user recorded in configuration file
To the operating right of index, user judges the operation of the index data stored in node.
Step S103, each node obtain the behaviour with the associated index data of login user according to the User ID of login user
Make permission, to determine the login user operation executable to index data.
Each node User ID according to used in currently logged on user, it is available to arrive rope associated with login user
The operating right of argument evidence.If login user User ID be user A, get user A it is associated to index data a have only
Read operation permission.According to the operating right with the associated index data of login user got, it is determined that login user can be with
The operation that index data is executed.
When login user does not meet the operation that login user can execute index data to the operation that index data executes
When, the corresponding node for storing the index data can not execute the operation;Alternatively, not open executable operation interface is stepped on
Employ family.As user A there is read-only operation permission to deposit when user A is read index data a index data a
The node of storage index data a executes the operation, other nodes do not execute the operation;When user A modifies behaviour to index data a
When making, the node of storage index data a does not execute the operation, other nodes do not execute the operation yet.
The distributed search cluster right management method provided according to the present invention, is configured to permission pipe in management node
The configuration file of reason;Wherein, configuration file record has user to the operating right of index data;It will be used for the configuration of rights management
File is loaded into each node of distributed search cluster;Each node obtains according to the User ID of login user and logs in use
The operating right of the associated index data in family, to determine the login user operation executable to index data.Distributed search collection
Group, to the operating right of index data, user and index data permission is managed using configuration file configuration user.Each
A node loading configuration file allows each node user according to recorded in configuration file to the operating rights of index data
Limit, the effective operation for controlling login user to index data.The present invention is defined user to index data operating right,
The protection to index data operation is realized, the faulty operation or illegal operation to index data are avoided.
Fig. 2 shows the flow charts of distributed search cluster right management method in accordance with another embodiment of the present invention.
As shown in Fig. 2, distributed search cluster right management method specifically comprises the following steps:
Step S201 is configured to the configuration file of rights management in management node.
For convenience of being managed to configuration file, configuration of multiple configuration files completions to rights management can be used.Match
Setting file includes index data operating right configuration file, user and index data operating right associated configuration file, Yong Huguan
Manage multiple configuration files such as configuration file.
The different operating rights of each index data, such as index data are recorded in index data operating right configuration file
The read-only authority of a, modification operating right, the delete operation permission of index data b of index data b etc.;Preferably, every record
One operating right of one index data is only set, in the configuration user operating right different to index data, Ke Yizhi
It connects a plurality of record and user-association of index data different operation authority, without being directed to each user to index data
Different operation authority establishes a plurality of record.The item number recorded in index data operating right configuration file in this way is less, saves text
Part occupies resource.Such as user B has modification operating right and delete operation permission, user C to index data index data b
B has delete operation permission to index data b with modification operating right, user D, if index data operating right configuration text
An operating right of an index data is only arranged in every record in part, can be directly by user B and index data operating rights
Modification operating right, the delete operation permission of index data b for limiting index data b in configuration file are associated, by user C and rope
Argument is associated according to the modification operating right of index data b in operating right configuration file, by user D and index data operating rights
The delete operation permission for limiting index data b in configuration file is associated.Rope is only saved in index data operating right configuration file
Argument is according to the modification operating right of b, delete operation permission 2 records of index data b.But work as index data operating right
When every index data operating right for recording corresponding user is arranged in configuration file, for user B, C and D, index data behaviour
Need to be arranged delete operation permission, the index number of the modification operating right and index data b of index data b as competence profile
It could be by the operating rights of user and index data according to delete operation permission three records of the modification operating right of b, index data b
Limit is associated, increases the data volume that index data operating right configuration file needs to record.
Users' correlations such as User ID, login password, the User Status of each user letter is recorded in user management configuration file
Breath, it is convenient that user is managed.When creating new user, added in user management configuration file new user User ID,
The user related informations such as login password, User Status;It, can be in user management configuration file when needing to modify certain user information
In modify to user related informations such as login password, the User Status of the user.
The operation of the index data of each user-association is recorded in user and index data operating right associated configuration file
Permission.Wherein, in the operating right to different user association index data, specifically, receiving as worked as new user configuration
When the order of the operating right of corresponding assigned indexes data, whether first search index data manipulation competence profile has been recorded
The operating right of assigned indexes data;If it is not, first in the behaviour of index data operating right configuration file addition assigned indexes data
Make permission;The operating right note of one or more assigned indexes data is newly increased in index data operating right configuration file
Record.For new user, it is also necessary to be that new user creates new User ID, and improves the use of new user in user management configuration file
Family relevant information.The operating right of new User ID and assigned indexes data is associated again, is stored in user and index data
In operating right associated configuration file.It is specified to increase new User ID-in user and index data operating right associated configuration file
The record of the operating right of index data.Alternatively, when receiving the operation for configuring corresponding assigned indexes data for existing subscriber
When the order of permission, whether first search index data manipulation competence profile records the operating right of assigned indexes data;
If it is not, in the operating right of index data operating right configuration file addition assigned indexes data;I.e. in index data operating rights
Limit configuration file newly increases the operating right record of one or more assigned indexes data.For existing subscriber, from user management
Existing subscriber ID can be directly acquired in configuration file;It is closed by existing subscriber ID and the operating right of assigned indexes data
Connection is stored in user and index data operating right associated configuration file.User and index data operating right associated configuration
Increase the record of the operating right of existing subscriber ID- assigned indexes data in file.
By handling above, the configuration file that rights management is configured in management node is completed.
The configuration file for being used for rights management is loaded into each node of distributed search cluster by step S202.
Configured multiple configuration files are loaded into each node of distributed search cluster, each configuration text is made
Part comes into force.
Step S203 extracts rights management related data according to user and index data operating right associated configuration file,
And it saves it in database.
It, can also be according to user and index data operating rights for convenience of quick obtaining user to the operating right of index data
Associated configuration file is limited, therefrom rights management related data at extraction.Rights management related data include User ID, log in it is close
The operating right of code, corresponding index data.Each use can be clearly understood that by these rights management related datas
The operating right of the corresponding index data in family.Further, the rights management related data extracted is saved in the database.It protects
When depositing, the modification behaviour that User ID is A1, the operating right of login password XX, index data is index data a can be saved as
Make permission;The delete operation permission etc. that User ID is A1, the operating right of login password XX, index data is index data a.
That is a data saves an operating right of an index data of a User ID.It can once get and step on from database
The operating right of all index datas in family is employed, efficiency is higher.Inquiry database is obtained with from each node reading configuration file
The operating right of the index data of login user is taken to compare, speed faster, more saves the time.
Further, it after configuration file is modified, needs to re-execute the steps S202 and S203, by new configuration file
It is loaded into each node of distributed search cluster, it is made to come into force.Meanwhile the rights management saved in more new database is related
Data avoid judging the operation of user and index data using expired rights management related data.
Step S204, each node obtain the behaviour of corresponding index data according to the User ID of login user from database
Make permission.
Each node searches the rights management related data that database saves, from data according to the User ID of login user
The operating right of corresponding index data is got in library.If the User ID of login user A is A1, User ID in database is searched
For all data of A1, the deletion behaviour of modification operating right and index data a of the login user A with index data a is got
Make permission.
Further, the password inputted when user logs in can also be judged according to the login password of the user saved in database
It is whether correct, it avoids that the problems such as illegally logging in occurs.
Step S205 determines the operation that index data can be performed in login user according to the operating right of index data.
According to the operating right of the corresponding index data of the login user of acquisition, each node can determine login user pair
Whether the operation of index data can be performed.Such as get modification operating right and index number that login user A has index data a
According to the delete operation permission of a, when login user A, which modifies to index data a, to be operated, determine that the operation is executable behaviour
Make, modifies to index data a;When login user A, which modifies to index data b, to be operated, determining that the operation is not can
The operation of execution does not modify to index data b;When login user A carries out delete operation to index data a, determining should
Operation is executable operation, is deleted etc. index data a.
The distributed search cluster right management method provided according to the present invention, is respectively configured rope in each configuration file
The operating right of argument evidence, user information, user and associated index data operating right, complete user and index data behaviour
Make the association of permission.Configuration file is loaded into each node, configuration file is made to come into force.Further, it according to configuration file, extracts
Rights management related data out is saved into database.The corresponding index number of login user is obtained by inquiry database
According to operating right compared with reading configuration file and obtaining the operating right of the corresponding index data of login user, speed faster,
The time is more saved, is improved efficiency.
Fig. 3 shows the functional block diagram of distributed search cluster rights management device according to an embodiment of the invention.
As shown in figure 3, distributed search cluster rights management device includes following module:
Management module 310 is suitable for:It is configured to the configuration file of rights management;Wherein, configuration file record has user couple
The operating right of index data.
Loading module 320 is suitable for:The configuration file for being used for rights management is loaded into each section of distributed search cluster
Point in.
Determining module 330 is suitable for:The behaviour with the associated index data of login user is obtained according to the User ID of login user
Make permission, to determine the login user operation executable to index data.
Further, management module 310 includes new user right associative cell 311 and existing subscriber's permission associative cell 312.
New user right associative cell 311 is suitable for:When receiving as the behaviour of the corresponding assigned indexes data of new user configuration
When making the order of permission, whether search index data manipulation competence profile records the operating right of assigned indexes data;
If it is not, in the operating right of index data operating right configuration file addition assigned indexes data;In user management configuration file
In be that new user creates new User ID;The operating right of new User ID and assigned indexes data is associated, user is stored in
In index data operating right associated configuration file.
Existing subscriber's permission associative cell 312 is suitable for:Corresponding assigned indexes data are configured when receiving for existing subscriber
Operating right order when, whether search index data manipulation competence profile records the operating rights of assigned indexes data
Limit;If it is not, in the operating right of index data operating right configuration file addition assigned indexes data;Text is configured from user management
Existing subscriber ID is obtained in part;Existing subscriber ID and the operating right of assigned indexes data are associated, be stored in user with
In index data operating right associated configuration file.
Further, device further includes preserving module 340.Preserving module 340 is suitable for:According to user and index data operating rights
Associated configuration file is limited, extracts rights management related data, and save it in database;Wherein, rights management dependency number
According to the operating right including User ID, login password and/or index data.
Further, determining module 330 is further adapted for:Each node is obtained from database according to the User ID of login user
Take the operating right of corresponding index data;According to the operating right of index data, determine that login user can hold index data
Capable operation.
It is described in the specific descriptions reference method embodiment of above each module, details are not described herein.
The distributed search cluster rights management device provided according to the present invention, is configured to permission pipe in management node
The configuration file of reason;Wherein, configuration file record has user to the operating right of index data;It will be used for the configuration of rights management
File is loaded into each node of distributed search cluster;Each node obtains according to the User ID of login user and logs in use
The operating right of the associated index data in family, to determine the login user operation executable to index data.Distributed search collection
Group, to the operating right of index data, user and index data permission is managed using configuration file configuration user.Each
A node loading configuration file allows each node user according to recorded in configuration file to the operating rights of index data
Limit, the effective operation for controlling login user to index data.The present invention is defined user to index data operating right,
The protection to index data operation is realized, the faulty operation or illegal operation to index data are avoided.
Present invention also provides a kind of nonvolatile computer storage media, the computer storage medium is stored at least
The distributed search cluster permission in above-mentioned any means embodiment can be performed in one executable instruction, the computer executable instructions
Management method.
Fig. 4 shows a kind of structural schematic diagram for calculating equipment according to an embodiment of the invention, and the present invention is specifically real
Example is applied not limit the specific implementation for calculating equipment.
As shown in figure 4, the calculating equipment may include:Processor (processor) 402, communication interface
(Communications Interface) 404, memory (memory) 406 and communication bus 408.
Wherein:
Processor 402, communication interface 404 and memory 406 complete mutual communication by communication bus 408.
Communication interface 404, for being communicated with the network element of other equipment such as client or other servers etc..
Processor 402 can specifically execute above-mentioned distributed search cluster right management method for executing program 410
Correlation step in embodiment.
Specifically, program 410 may include program code, which includes computer operation instruction.
Processor 402 may be central processor CPU or specific integrated circuit ASIC (Application
Specific Integrated Circuit), or be arranged to implement the integrated electricity of one or more of the embodiment of the present invention
Road.The one or more processors that equipment includes are calculated, can be same type of processor, such as one or more CPU;It can also
To be different types of processor, such as one or more CPU and one or more ASIC.
Memory 406, for storing program 410.Memory 406 may include high speed RAM memory, it is also possible to further include
Nonvolatile memory (non-volatile memory), for example, at least a magnetic disk storage.
Program 410 specifically can be used for so that processor 402 executes the distributed search in above-mentioned any means embodiment
Cluster right management method.The specific implementation of each step may refer to above-mentioned distributed search cluster rights management in program 410
Corresponding description in corresponding steps and unit in embodiment, this will not be repeated here.Those skilled in the art can be clearly
Recognize, for convenience and simplicity of description, the equipment of foregoing description and the specific work process of module, preceding method can be referred to
Corresponding process description in embodiment, details are not described herein.
Algorithm and display are not inherently related to any particular computer, virtual system, or other device provided herein.
Various general-purpose systems can also be used together with teachings based herein.As described above, it constructs required by this kind of system
Structure be obvious.In addition, the present invention is also not directed to any particular programming language.It should be understood that can use various
Programming language realizes summary of the invention described herein, and the description done above to language-specific is to disclose this hair
Bright preferred forms.
In the instructions provided here, numerous specific details are set forth.It is to be appreciated, however, that implementation of the invention
Example can be practiced without these specific details.In some instances, well known method, structure is not been shown in detail
And technology, so as not to obscure the understanding of this specification.
Similarly, it should be understood that in order to simplify the disclosure and help to understand one or more of the various inventive aspects,
Above in the description of exemplary embodiment of the present invention, each feature of the invention is grouped together into single implementation sometimes
In example, figure or descriptions thereof.However, the disclosed method should not be interpreted as reflecting the following intention:It is i.e. required to protect
Shield the present invention claims features more more than feature expressly recited in each claim.More precisely, as following
Claims reflect as, inventive aspect is all features less than single embodiment disclosed above.Therefore,
Thus the claims for following specific embodiment are expressly incorporated in the specific embodiment, wherein each claim itself
All as a separate embodiment of the present invention.
Those skilled in the art will understand that can be carried out adaptively to the module in the equipment in embodiment
Change and they are arranged in one or more devices different from this embodiment.It can be the module or list in embodiment
Member or component are combined into a module or unit or component, and furthermore they can be divided into multiple submodule or subelement or
Sub-component.Other than such feature and/or at least some of process or unit exclude each other, it can use any
Combination is to all features disclosed in this specification (including adjoint claim, abstract and attached drawing) and so disclosed
All process or units of what method or apparatus are combined.Unless expressly stated otherwise, this specification is (including adjoint power
Benefit require, abstract and attached drawing) disclosed in each feature can carry out generation with an alternative feature that provides the same, equivalent, or similar purpose
It replaces.
In addition, it will be appreciated by those of skill in the art that although some embodiments described herein include other embodiments
In included certain features rather than other feature, but the combination of the feature of different embodiments mean it is of the invention
Within the scope of and form different embodiments.For example, in the following claims, embodiment claimed is appointed
Meaning one of can in any combination mode come using.
Various component embodiments of the invention can be implemented in hardware, or to run on one or more processors
Software module realize, or be implemented in a combination thereof.It will be understood by those of skill in the art that can be used in practice
Microprocessor or digital signal processor (DSP) realize distributed search cluster rights management according to an embodiment of the present invention
The some or all functions of some or all components in device.The present invention is also implemented as being retouched here for executing
The some or all device or device programs (for example, computer program and computer program product) for the method stated.
It is such to realize that program of the invention can store on a computer-readable medium, or can have one or more signal
Form.Such signal can be downloaded from an internet website to obtain, be perhaps provided on the carrier signal or with it is any its
He provides form.
It should be noted that the above-mentioned embodiments illustrate rather than limit the invention, and ability
Field technique personnel can be designed alternative embodiment without departing from the scope of the appended claims.In the claims,
Any reference symbol between parentheses should not be configured to limitations on claims.Word "comprising" does not exclude the presence of not
Element or step listed in the claims.Word "a" or "an" located in front of the element does not exclude the presence of multiple such
Element.The present invention can be by means of including the hardware of several different elements and being come by means of properly programmed computer real
It is existing.In the unit claims listing several devices, several in these devices can be through the same hardware branch
To embody.The use of word first, second, and third does not indicate any sequence.These words can be explained and be run after fame
Claim.
The invention discloses:A1. a kind of distributed search cluster right management method, including:
The configuration file of rights management is configured in management node, wherein the configuration file record has user couple
The operating right of index data;
The configuration file for being used for rights management is loaded into each node of distributed search cluster;
Each node obtains the behaviour with the associated index data of the login user according to the User ID of login user
Make permission, the operation that the index data can be performed with the determination login user.
A2. method according to a1, wherein the configuration file includes index data operating right configuration file, uses
Family and index data operating right associated configuration file and/or user management configuration file.
A3. the method according to A2, wherein the configuration file that rights management is configured in management node into
One step includes:
When receiving as the order of the operating right of the corresponding assigned indexes data of new user configuration, search index data
Whether operating right configuration file records the operating right of the assigned indexes data;
If it is not, in the operating right of index data operating right configuration file addition assigned indexes data;
It is that new user creates new User ID in user management configuration file;
The operating right of new User ID and the assigned indexes data is associated, user is stored in and index data is grasped
Make in permission associated configuration file.
A4. the method according to A2, wherein the configuration file that rights management is configured in management node into
One step includes:
When receiving the order for the operating right for configuring corresponding assigned indexes data for existing subscriber, search index number
The operating right of the assigned indexes data whether is recorded according to operating right configuration file;
If it is not, in the operating right of index data operating right configuration file addition assigned indexes data;
Existing subscriber ID is obtained from user management configuration file;
Existing subscriber ID and the operating right of the assigned indexes data are associated, user and index data are stored in
In operating right associated configuration file.
A5. the method according to any one of A1-A4, wherein the operating right of the index data includes read-only behaviour
Work, read-write operation, creation operation, modification operation and/or delete operation.
A6. the method according to any one of A2-A4, wherein the method also includes:
According to the user and index data operating right associated configuration file, rights management related data is extracted, and will
It is saved in the database, wherein the rights management related data includes User ID, login password and/or index data
Operating right.
A7. the method according to A6, wherein each node is obtained according to the User ID of login user and stepped on described
Employ the operating right of the associated index data in family, with the determination login user to the index data can be performed operation into
One step includes:
Each node obtains the operating rights of corresponding index data according to the User ID of login user from database
Limit;
According to the operating right of the index data, the behaviour that the index data can be performed in the login user is determined
Make.
The invention also discloses:B8. a kind of distributed search cluster rights management device comprising:
Management module, suitable for being configured to the configuration file of rights management, wherein the configuration file record has user couple
The operating right of index data;
Loading module, suitable for the configuration file for being used for rights management to be loaded into each section of distributed search cluster
Point in;
Determining module obtains and the associated index of the login user suitable for each node according to the User ID of login user
The operating right of data, the operation that the index data can be performed with the determination login user.
B9. the device according to B8, wherein the configuration file includes index data operating right configuration file, uses
Family and index data operating right associated configuration file and/or user management configuration file.
B10. the device according to B9, wherein the management module further comprises:
New user right associative cell, receives suitable for working as the operating rights of the corresponding assigned indexes data of new user configuration
When the order of limit, whether search index data manipulation competence profile records the operating right of the assigned indexes data;
If it is not, in the operating right of index data operating right configuration file addition assigned indexes data;In user management configuration file
In be that new user creates new User ID;The operating right of new User ID and the assigned indexes data is associated, is stored in
In user and index data operating right associated configuration file.
B11. the device according to B9, wherein the management module further comprises:
Existing subscriber's permission associative cell receives the behaviour that corresponding assigned indexes data are configured for existing subscriber suitable for working as
When making the order of permission, whether search index data manipulation competence profile records the operating rights of the assigned indexes data
Limit;If it is not, in the operating right of index data operating right configuration file addition assigned indexes data;Text is configured from user management
Existing subscriber ID is obtained in part;Existing subscriber ID and the operating right of the assigned indexes data are associated, use is stored in
In family and index data operating right associated configuration file.
B12. the device according to any one of B7-B11, wherein the operating right of the index data includes read-only
Operation, read-write operation, creation operation, modification operation and/or delete operation.
B13. the device according to any one of B8-B11, wherein described device further includes:
Preserving module is suitable for extracting rights management according to the user and index data operating right associated configuration file
Related data, and saving it in database, wherein the rights management related data include User ID, login password and/
Or the operating right of index data.
B14. device according to b13, wherein the determining module is further adapted for:
Each node obtains the operating right of corresponding index data according to the User ID of login user from database;Root
According to the operating right of the index data, the operation that the index data can be performed in the login user is determined.
The invention also discloses:C15. a kind of calculating equipment, including:Processor, memory, communication interface and communication are total
Line, the processor, the memory and the communication interface complete mutual communication by the communication bus;
The memory executes the processor such as storing an at least executable instruction, the executable instruction
The corresponding operation of distributed search cluster right management method described in any one of A1-A7.
The invention also discloses:D16. a kind of computer storage medium, being stored at least one in the storage medium can hold
Row instruction, the executable instruction make processor execute the distributed search cluster rights management as described in any one of A1-A7
The corresponding operation of method.
Claims (10)
1. a kind of distributed search cluster right management method, including:
The configuration file of rights management is configured in management node, wherein the configuration file record has user to index
The operating right of data;
The configuration file for being used for rights management is loaded into each node of distributed search cluster;
Each node obtains the operating rights with the associated index data of the login user according to the User ID of login user
Limit, the operation that the index data can be performed with the determination login user.
2. according to the method described in claim 1, wherein, the configuration file include index data operating right configuration file,
User and index data operating right associated configuration file and/or user management configuration file.
3. according to the method described in claim 2, wherein, the configuration file that rights management is configured in management node
Further comprise:
When receiving as the order of the operating right of the corresponding assigned indexes data of new user configuration, search index data manipulation
Whether competence profile records the operating right of the assigned indexes data;
If it is not, in the operating right of index data operating right configuration file addition assigned indexes data;
It is that new user creates new User ID in user management configuration file;
The operating right of new User ID and the assigned indexes data is associated, user and index data operating rights are stored in
It limits in associated configuration file.
4. according to the method described in claim 2, wherein, the configuration file that rights management is configured in management node
Further comprise:
When receiving the order for the operating right for configuring corresponding assigned indexes data for existing subscriber, search index data behaviour
Make the operating right whether competence profile records the assigned indexes data;
If it is not, in the operating right of index data operating right configuration file addition assigned indexes data;
Existing subscriber ID is obtained from user management configuration file;
Existing subscriber ID and the operating right of the assigned indexes data are associated, user is stored in and index data operates
In permission associated configuration file.
5. method according to any of claims 1-4, wherein the operating right of the index data includes read-only behaviour
Work, read-write operation, creation operation, modification operation and/or delete operation.
6. the method according to any one of claim 2-4, wherein the method also includes:
According to the user and index data operating right associated configuration file, rights management related data is extracted, and is protected
It deposits in the database, wherein the rights management related data includes the operation of User ID, login password and/or index data
Permission.
7. according to the method described in claim 6, wherein, each node according to the User ID of login user obtain with it is described
The operating right of the associated index data of login user, the operation that the index data can be performed with the determination login user
Further comprise:
Each node obtains the operating right of corresponding index data according to the User ID of login user from database;
According to the operating right of the index data, the operation that the index data can be performed in the login user is determined.
8. a kind of distributed search cluster rights management device comprising:
Management module, suitable for being configured to the configuration file of rights management, wherein the configuration file record has user to index
The operating right of data;
Loading module, suitable for the configuration file for being used for rights management to be loaded into each node of distributed search cluster
In;
Determining module obtains and the associated index data of the login user suitable for each node according to the User ID of login user
Operating right, with the determination login user to the index data can be performed operation.
9. a kind of calculating equipment, including:Processor, memory, communication interface and communication bus, the processor, the storage
Device and the communication interface complete mutual communication by the communication bus;
The memory executes the processor as right is wanted for storing an at least executable instruction, the executable instruction
Ask the corresponding operation of distributed search cluster right management method described in any one of 1-7.
10. a kind of computer storage medium, an at least executable instruction, the executable instruction are stored in the storage medium
Processor is set to execute such as the corresponding operation of distributed search cluster right management method of any of claims 1-7.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810699629.8A CN108875410A (en) | 2018-06-29 | 2018-06-29 | Distributed search cluster right management method and device calculate equipment |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810699629.8A CN108875410A (en) | 2018-06-29 | 2018-06-29 | Distributed search cluster right management method and device calculate equipment |
Publications (1)
Publication Number | Publication Date |
---|---|
CN108875410A true CN108875410A (en) | 2018-11-23 |
Family
ID=64297198
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201810699629.8A Pending CN108875410A (en) | 2018-06-29 | 2018-06-29 | Distributed search cluster right management method and device calculate equipment |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN108875410A (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110889142A (en) * | 2019-12-20 | 2020-03-17 | 中国银行股份有限公司 | Data authority management method, device, system and equipment |
CN112506579A (en) * | 2020-12-15 | 2021-03-16 | 深圳晶泰科技有限公司 | Multi-service multi-environment management method and system |
Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103744960A (en) * | 2014-01-06 | 2014-04-23 | 河海大学 | Metadata indexing module and method based on cloud platform |
CN104899268A (en) * | 2015-05-25 | 2015-09-09 | 浪潮集团有限公司 | Distributed enterprise information vertical search method |
US9524308B2 (en) * | 2012-03-12 | 2016-12-20 | Oracle International Corporation | System and method for providing pluggable security in an enterprise crawl and search framework environment |
CN106599294A (en) * | 2016-12-27 | 2017-04-26 | 山东开创云软件有限公司 | Distributed multi-tenant WEB page operation search engine construction platform |
CN107544999A (en) * | 2016-06-28 | 2018-01-05 | 百度在线网络技术(北京)有限公司 | Sychronisation and synchronous method, searching system and method for searching system |
CN107579865A (en) * | 2017-10-18 | 2018-01-12 | 北京奇虎科技有限公司 | Right management method, the apparatus and system of distributed code server |
CN108073617A (en) * | 2016-11-14 | 2018-05-25 | 北京航天长峰科技工业集团有限公司 | A kind of distributed search method based on Solr |
-
2018
- 2018-06-29 CN CN201810699629.8A patent/CN108875410A/en active Pending
Patent Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US9524308B2 (en) * | 2012-03-12 | 2016-12-20 | Oracle International Corporation | System and method for providing pluggable security in an enterprise crawl and search framework environment |
CN103744960A (en) * | 2014-01-06 | 2014-04-23 | 河海大学 | Metadata indexing module and method based on cloud platform |
CN104899268A (en) * | 2015-05-25 | 2015-09-09 | 浪潮集团有限公司 | Distributed enterprise information vertical search method |
CN107544999A (en) * | 2016-06-28 | 2018-01-05 | 百度在线网络技术(北京)有限公司 | Sychronisation and synchronous method, searching system and method for searching system |
CN108073617A (en) * | 2016-11-14 | 2018-05-25 | 北京航天长峰科技工业集团有限公司 | A kind of distributed search method based on Solr |
CN106599294A (en) * | 2016-12-27 | 2017-04-26 | 山东开创云软件有限公司 | Distributed multi-tenant WEB page operation search engine construction platform |
CN107579865A (en) * | 2017-10-18 | 2018-01-12 | 北京奇虎科技有限公司 | Right management method, the apparatus and system of distributed code server |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110889142A (en) * | 2019-12-20 | 2020-03-17 | 中国银行股份有限公司 | Data authority management method, device, system and equipment |
CN112506579A (en) * | 2020-12-15 | 2021-03-16 | 深圳晶泰科技有限公司 | Multi-service multi-environment management method and system |
CN112506579B (en) * | 2020-12-15 | 2024-05-10 | 深圳晶泰科技有限公司 | Multi-service multi-environment management method and system |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US10540350B2 (en) | Source code search engine | |
CN106503053B (en) | UTXO querying method and device | |
KR101911793B1 (en) | Managing data set objects in a dataflow graph that represents a computer program | |
US11886507B2 (en) | Multi-tenant knowledge graph databases with dynamic specification and enforcement of ontological data models | |
CN107688591B (en) | A kind of actuarial treating method and apparatus | |
US20120072988A1 (en) | Detection of global metamorphic malware variants using control and data flow analysis | |
US20130174142A1 (en) | Reconfiguration of computer system to allow application installation | |
CN107563201A (en) | Association sample lookup method, device and server based on machine learning | |
EP3877840B1 (en) | Sort and merge instruction for a general-purpose processor | |
US11886596B2 (en) | Precision-tuned runtime monitoring | |
US20210096876A1 (en) | Saving and restoring machine state between multiple executions of an instruction | |
US20040226009A1 (en) | System and method for software application task abstraction | |
CN108875410A (en) | Distributed search cluster right management method and device calculate equipment | |
US10642903B2 (en) | Tagging and querying system objects | |
EP3877842B1 (en) | Migration of partially completed instructions | |
CN106528876A (en) | Information processing method for distributed system and distributed information processing system | |
US11361055B1 (en) | Protection of a content repository using dynamic watermarking | |
CN109947429A (en) | Data processing method and device | |
CN110147671A (en) | Text string extracting method and device in a kind of program | |
US11681934B2 (en) | System and method for differential testing of evolving rules | |
CN115391780B (en) | Security reinforcement method, system, equipment and storage medium for application code | |
US20230259360A1 (en) | Software code analysis using fuzzy fingerprinting | |
US20240022578A1 (en) | Invoking response(s) based on analysis of a dataset obtained from searching a security endpoint | |
WO2015141002A1 (en) | Data management method | |
CN115495096A (en) | Application deployment method, device, equipment, storage medium and product |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20181123 |
|
RJ01 | Rejection of invention patent application after publication |