CN108901022A - A kind of micro services universal retrieval method and gateway - Google Patents


Publication number
CN108901022A
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201810689051.8A
Other languages
Chinese (zh)
Other versions
CN108901022B (en)
Inventor
李永耀
唐国伟
朱武
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen Yunzhijia Network Co Ltd
Original Assignee
Shenzhen Yunzhijia Network Co Ltd

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06 Authentication
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876 Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W88/00 Devices specially adapted for wireless communication networks, e.g. terminals, base stations or access point devices
    • H04W88/16 Gateway arrangements
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0807 Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/02 Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/133 Protocols for remote procedure calls [RPC]

Abstract

An embodiment of the invention discloses a universal authentication method for microservices. It authenticates microservices of multiple service types, is flexibly configurable, is non-intrusive to the microservice business modules, and improves the flexibility of microservice authentication. The method of the embodiment includes: a gateway receives a microservice authentication request sent by a client and extracts the URI (uniform resource identifier) from the authentication request; the gateway sends the URI to a gateway management microservice, which stores a mapping table between the URI and the microservice interface type, microservice address, microservice authentication type and authentication credential parameter; the gateway receives the corresponding microservice interface type, microservice address, microservice authentication type and authentication credential parameter sent by the gateway management microservice, and extracts the corresponding authentication credential parameter from the authentication request; the gateway sends the URI and the corresponding authentication credential parameter to an authentication service for authentication, and receives the corresponding authentication result.

Description

A universal authentication method for microservices, and a gateway
Technical field
The present invention relates to the technical field of microservices, and in particular to a universal authentication method for microservices.
Background art
In the mobile internet era, business is becoming increasingly complex. Taking Yunzhijia as an example, its business can be divided by domain into instant messaging, enterprise organizational structure, colleague circle, and so on. The data volume of each business module is huge. A monolithic application cannot meet the requirements of isolation, horizontal scaling, flexible upgrades, multi-team collaborative development, and so on. Yunzhijia therefore adopted the industry-accepted microservice architecture and has been divided into up to a hundred microservices. Each of these microservices may have to support requests from multiple sources, such as PC Web, PC desktop, mobile clients and the open platform. In the early stage of Yunzhijia's development, for the sake of speed, the microservices owned by different teams used different technology stacks: some are based on the HTTP protocol, such as Spring MVC and Play Framework, and some are based on TCP RPC technology stacks, such as Motan and Dubbo. Many microservices implemented their own authentication logic. To this day, this places a great burden on extending and maintaining the services. Unified authentication processing is therefore urgently needed.
Generally, unified microservice authentication means extracting the authentication logic scattered across the microservices and placing it in a global gateway. Gateway solutions currently on the market include:
(1) Kong, a high-performance gateway implemented on Nginx and Lua, which provides authentication implementations such as HTTP Basic, OAuth 2.0, HMAC, JWT and LDAP.
(2) Spring Cloud Zuul, a gateway implemented on J2EE and Spring, which provides security authentication, filtering, circuit breaking, routing, load balancing and other functions. By discovering microservice instances from the service center, Spring Cloud Zuul can achieve dynamic load balancing and is an excellent choice of microservice gateway.
However, the gateway implementations currently on the market have different shortcomings when used as the gateway for microservices built on the Java technology stack:
(1) Kong is configured through configuration files, which is inflexible; it is based on C and Lua, so extension development is difficult; a high development cost is needed to connect it with the existing Java microservice governance system; and its built-in HTTP Basic authentication cannot be connected with the existing user system.
(2) Spring Cloud Zuul provides no authentication function of its own and must be integrated with other authentication components, which makes the project ever larger and inflexible; Spring Cloud Zuul supports only HTTP microservices and cannot be connected with RPC microservices. After Spring Cloud Zuul is integrated with OAuth2, the business microservices still have to call the authentication service themselves to verify the access token (accessToken), which is too intrusive for the business microservices.
Summary of the invention
The embodiments of the invention provide a universal authentication method for microservices. It authenticates microservices of multiple service types, is flexibly configurable, is non-intrusive to the microservice business modules, and improves the flexibility of microservice authentication.
A first aspect of the embodiments of the invention provides a microservice authentication method in which a gateway management microservice and an authentication service are configured on the gateway, including:
The gateway receives a microservice authentication request sent by a client, and extracts the URI (uniform resource identifier) from the authentication request;
The gateway sends the URI to the gateway management microservice, which stores a mapping table between the URI and the microservice interface type, microservice address, microservice authentication type and authentication credential parameter;
The gateway receives the corresponding microservice interface type, microservice address, microservice authentication type and authentication credential parameter sent by the gateway management microservice, and extracts the corresponding authentication credential parameter from the authentication request;
The gateway sends the URI and the corresponding authentication credential parameter to the authentication service for authentication, and receives the corresponding authentication result.
Preferably, the method further includes:
If the authentication result is success, the gateway receives the authentication-success prompt and the identity information of the client sent by the authentication service;
The gateway constructs a first request message using the identity information and the authentication request as parameters, and sends the first request message to the business microserver;
The gateway receives the service response sent by the business microserver, and sends the service response to the client;
If the authentication result is failure, the gateway receives the authentication-failure prompt sent by the authentication service, and sends the authentication-failure prompt to the client.
Preferably, a microservice client class and a service center are configured on the gateway; the microservice client class stores microservice domain names, and the service center stores a mapping table between microservice domain names and microservice IP addresses;
If the authentication result is success, after the gateway receives the authentication-success prompt and the identity information of the client sent by the authentication service, the method further includes:
If the business microservice is of the RPC service type, the gateway sends the domain name of the microservice to be called to the microservice client class, so that the microservice client class obtains the corresponding microservice IP address from the service center and sends it to the gateway.
Preferably, after the gateway receives the corresponding microservice interface type, microservice address, microservice authentication type and authentication credential parameter sent by the gateway management microservice, the method further includes:
The gateway caches the corresponding microservice interface type, microservice address, microservice authentication type and authentication credential parameter for a validity period, in order to speed up the next authentication flow.
Preferably, if the authentication result is success, the method further includes:
The gateway caches the authentication-success prompt for a validity period, in order to speed up the next authentication flow.
Preferably,
If the business microservice is of the HTTP service type, the gateway writes the identity information of the client into the HTTP header of the first request message and sends it to the business microserver, so that the business microserver can read the identity information and perform a secondary confirmation;
If the business microservice is of the RPC service type, the gateway writes the identity information of the client into the first request message as an additional parameter and sends it to the business microserver, so that the business microserver can read the identity information and perform a secondary confirmation.
Preferably, if the authentication result is success, after the gateway receives the authentication-success prompt and the identity information of the client sent by the authentication service, the method further includes:
If the client and the business microserver belong to the same local area network, the gateway accesses the business microserver directly.
Preferably, the gateway and the gateway management microservice communicate using the HTTP protocol, and the communication format is JSON.
A second aspect of the embodiments of the invention provides a gateway on which a gateway management microservice and an authentication service are configured, including:
A first receiving unit, for receiving a microservice authentication request sent by a client and extracting the URI (uniform resource identifier) from the authentication request;
A sending unit, for sending the URI to the gateway management microservice, which stores a mapping table between the URI and the microservice interface type, microservice address, microservice authentication type and authentication credential parameter;
A second receiving unit, for receiving the corresponding microservice interface type, microservice address, microservice authentication type and authentication credential parameter sent by the gateway management microservice, and extracting the corresponding authentication credential parameter from the authentication request;
An authentication unit, for sending the URI and the corresponding authentication credential parameter to the authentication service for authentication, and receiving the corresponding authentication result.
The embodiments of the invention also provide a computer device including a processor which, when executing a computer program stored in memory, implements the universal authentication method for microservices provided by the first aspect of the embodiments of the invention.
The embodiments of the invention also provide a readable storage medium on which a computer program is stored; when executed by a processor, the computer program implements the universal authentication method for microservices provided by the first aspect of the embodiments of the invention.
As can be seen from the above technical solutions, the embodiments of the invention have the following advantages:
In the embodiments of the invention, the gateway receives a microservice authentication request sent by a client and extracts the URI (uniform resource identifier) from the authentication request. It then sends the URI to the gateway management microservice, which stores a mapping table between the URI and the microservice interface type, microservice address, microservice authentication type and authentication credential parameter. The gateway receives the corresponding microservice interface type, microservice address, microservice authentication type and authentication credential parameter sent by the gateway management microservice, and extracts the corresponding authentication credential parameter from the authentication request. The gateway sends the URI and the corresponding authentication credential parameter to the authentication service for authentication, and receives the corresponding authentication result. Because the embodiments extract the authentication logic of the microservices into the gateway and configure a gateway management microservice and an authentication service on the gateway, the interface mapping and the authentication service are each handled by an independent microservice rather than being constrained by configuration files or protocols, and the configuration cost is lower, so the authentication service is more flexible and more extensible.
Brief description of the drawings
Fig. 1 is a schematic diagram of one embodiment of the universal authentication method for microservices in the embodiments of the invention;
Fig. 2 is a schematic diagram of the web management console in the embodiments of the invention;
Fig. 3 is a flow chart of the interaction between the client and the gateway in the embodiments of the invention;
Fig. 4 is a schematic diagram of another embodiment of the universal authentication method for microservices in the embodiments of the invention;
Fig. 5 is a schematic diagram of another embodiment of the universal authentication method for microservices in the embodiments of the invention;
Fig. 6 is a schematic diagram of one embodiment of the gateway in the embodiments of the invention;
Fig. 7 is a schematic diagram of another embodiment of the gateway in the embodiments of the invention.
Detailed description of the embodiments
The embodiments of the invention provide a universal authentication method for microservices. It authenticates microservices of multiple service types, is flexibly configurable, is non-intrusive to the microservice business modules, and improves the flexibility of microservice authentication.
To enable those skilled in the art to better understand the solution of the invention, the technical solutions in the embodiments of the invention are described clearly and completely below with reference to the drawings in the embodiments. Obviously, the described embodiments are only some of the embodiments of the invention, not all of them. All other embodiments obtained by a person of ordinary skill in the art on the basis of the embodiments of the invention without creative work shall fall within the scope of protection of the invention.
The terms "first", "second", "third", "fourth" and so on in the description, the claims and the above drawings are used to distinguish similar objects and are not used to describe a particular order or sequence. It should be understood that data so used are interchangeable under appropriate circumstances, so that the embodiments described here can be implemented in an order other than that illustrated or described here. In addition, the terms "include" and "have" and any variations of them are intended to cover non-exclusive inclusion; for example, a process, method, system, product or device that contains a series of steps or units is not necessarily limited to the steps or units expressly listed, but may include other steps or units that are not expressly listed or that are inherent to such a process, method, product or device.
In today's mobile internet era, taking Yunzhijia as an example, each business module has to serve PC Web, PC desktop and mobile clients at the same time, and may even be offered to ecosystem partners through open platform interfaces. Because of the inherent technical characteristics of each kind of client, different authorization and authentication methods are needed. PC Web depends on the browser, so Session and Cookie are the more natural choice. For mobile clients, a general token is more suitable. The open platform can use OAuth2 and issue access tokens to partners' clients. For scenarios such as time-limited downloads of files from Yunzhijia's cloud drive, JWT is more appropriate. Therefore, for complex business scenarios, a single technical solution cannot be optimal; the above authentication schemes must be mixed according to the situation.
The gateway implementations currently on the market have different shortcomings when used as the gateway for microservices built on the Java technology stack:
(1) Kong is configured through configuration files, which is inflexible; it is based on C and Lua, so extension development is difficult; a high development cost is needed to connect it with the existing Java microservice governance system; and its built-in HTTP Basic authentication cannot be connected with the existing user system.
(2) Spring Cloud Zuul provides no authentication function of its own and must be integrated with other authentication components, which makes the project ever larger and inflexible; Spring Cloud Zuul supports only HTTP microservices and cannot be connected with RPC microservices. After Spring Cloud Zuul is integrated with OAuth2, the business microservices still have to call the authentication service themselves to verify the access token (accessToken), which is too intrusive for the business microservices.
Given the limitations of existing gateways in authenticating microservices, the invention provides a universal authentication method for microservices that is flexibly configurable, is non-intrusive to the microservice business modules, and improves the flexibility of microservice authentication.
For ease of understanding, the universal authentication method for microservices in the invention is described below. Referring to Fig. 1, one embodiment of the universal authentication method for microservices in the embodiments of the invention includes the following.
The invention extracts the authentication logic into the gateway and configures a gateway management microservice and an authentication service on the gateway. The specific authentication method is as follows:
101. The gateway receives a microservice authentication request sent by a client, and extracts the URI (uniform resource identifier) from the authentication request;
In today's mobile internet era, taking Yunzhijia as an example, each business module has to serve PC Web, PC desktop and mobile clients at the same time, and may even be offered to ecosystem partners through open platform interfaces. Because of the inherent technical characteristics of each kind of client, different authorization and authentication methods are needed. PC Web depends on the browser, so Session and Cookie are the more natural choice. For mobile clients, a general token is more suitable. The open platform can use OAuth2 and issue access tokens to partners' clients. For scenarios such as time-limited downloads of files from Yunzhijia's cloud drive, JWT is more appropriate.
Specifically, with Session and Cookie, when a user accesses a protected page for the first time, the request carries no identity credential, so the server requires credentials such as an account and password for initial authentication. After authentication succeeds, the identity information is recorded as a Session, and the Session is either stored on the server or sent directly back to the client. It is sent to the client through the HTTP Cookie header field. The server can send the entire Session content to the client through the Cookie header field; alternatively, the Session can be stored on the server and only the corresponding Session ID placed in the Cookie field, which effectively reduces the size of the content sent to the client. Because the browser carries the Cookie with every request, the front end needs no extra work to handle authentication logic. Session and Cookie are therefore the preferred authentication method for Web services.
As for the Session and Cookie technique, if the Session content is placed directly in the Cookie and sent to the client, every request has to carry the Cookie from the previous response, which makes network request traffic larger. In addition, if HttpOnly is not set to true for the Session or SessionId in the Cookie, the browser exposes the Session through the document object, and an external JS script on the page can read the Session through JS, steal the credential and impersonate the victim user. The Session and Cookie authentication scheme therefore carries an XSS security risk.
Specifically, with a general token, after authentication passes the server generates a unique token, stores the identity information in association with the token on the server, and returns the token to the visitor. On the next access the visitor carries the token, and the server uses the unique token to look up the session information and check whether the token is valid. If it is valid, access is allowed to continue and the identity information is provided to the business logic. A token resembles a server-side stored Session but does not depend on the HTTP Cookie; the validity of the token and the interpretation of the associated identity information are fully controlled by the server.
As for general tokens, using them on a Web site requires additional processing logic so that every request carries the token. During a session, the server has to keep extending the token's validity period; otherwise the token may expire in the middle of continuous access and authentication may suddenly fail. The server also needs additional technology to store and manage the tokens and identity information.
JWT (JSON Web Token) is an authentication token based on the JSON standard. A JWT consists of three segments of information, and joining the text of these three segments with "." forms the JWT string. The first part is called the header and includes the type and the algorithm used for the signature. The second part is called the payload and includes the JWT standard fields and user-defined fields, that is, the identity information. The third part is the signature: the base64-encoded header and the base64-encoded payload are joined with "." into a string, which is then combined with a salt and encrypted by the method declared in the header; the result forms the third part of the JWT. Because the header and payload are both JSON data, JWT has the advantage of being cross-language. The header and payload contain metadata such as the encryption algorithm, expiry time and number of accesses, together with business data, so the server no longer needs a second query during authentication to obtain the identity information, expiry time and so on; authentication is more efficient and no additional storage is needed. The trailing encrypted signature makes the token tamper-proof, that is, the header and payload cannot be modified. JWT does not depend on the HTTP Cookie field for transmission and is suitable for non-HTTP interfaces.
As for JWT, although its header and payload are "encrypted" using base64, base64 is in essence not an encryption algorithm but an encoding algorithm used to convert general byte data into an ASCII string. The cost of decoding a base64 field is zero. The entire JWT is a plaintext string that cannot be tampered with. A developer who does not fully understand the "encryption" and signature characteristics of JWT may well put confidential business data into the payload, which is a serious security risk. Because the control information for the JWT's validity (number of accesses, validity time) is also placed in the payload, once a JWT has been issued it cannot be made to expire early within its validity period; it is a technical solution that cannot be controlled in an emergency.
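The two JWT properties described above, a payload that anyone can read and a signature that prevents modification, can be seen in the following added example (not part of the patent text). It hand-builds an HS256 token with the Python standard library; the secret, the `uid` claim and the helper names are constructed for illustration.

```python
import base64
import hashlib
import hmac
import json
from typing import Optional


def b64url(data: bytes) -> str:
    """Base64url without padding, the encoding used for each JWT segment."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def segment(obj: dict) -> str:
    return b64url(json.dumps(obj, separators=(",", ":"), sort_keys=True).encode("utf-8"))


def sign(signing_input: str, secret: bytes) -> str:
    digest = hmac.new(secret, signing_input.encode("ascii"), hashlib.sha256).digest()
    return b64url(digest)


def issue(payload: dict, secret: bytes) -> str:
    """header.payload.signature, joined with '.' as the text describes."""
    signing_input = segment({"alg": "HS256", "typ": "JWT"}) + "." + segment(payload)
    return signing_input + "." + sign(signing_input, secret)


def read_without_key(token: str) -> dict:
    """Anyone holding the token can do this: the payload is encoded, not encrypted."""
    return json.loads(b64url_decode(token.split(".")[1]))


def swap_payload(token: str, new_payload: dict) -> str:
    """Replace the payload but keep the old signature, i.e. a tampered token."""
    header, _, signature = token.split(".")
    return ".".join([header, segment(new_payload), signature])


def verify(token: str, secret: bytes, now: int) -> Optional[dict]:
    """Return the payload if the signature and expiry check out, else None."""
    try:
        header_seg, payload_seg, signature = token.split(".")
        header = json.loads(b64url_decode(header_seg))
        payload = json.loads(b64url_decode(payload_seg))
    except ValueError:
        return None  # wrong segment count, bad base64 or bad JSON
    # Pin the algorithm on the server side instead of trusting the header.
    if not isinstance(header, dict) or header.get("alg") != "HS256":
        return None
    expected = sign(header_seg + "." + payload_seg, secret)
    if not hmac.compare_digest(expected.encode("ascii"), signature.encode("utf-8")):
        return None
    if not isinstance(payload, dict) or not isinstance(payload.get("exp"), int):
        return None
    # Validity lives inside the token: until exp passes, the server accepts it.
    return payload if payload["exp"] > now else None


if __name__ == "__main__":
    demo_secret = b"constructed-demo-secret"  # constructed sample value
    token = issue({"uid": "u-1001", "exp": 2000}, demo_secret)
    print(read_without_key(token))
    print(verify(swap_payload(token, {"uid": "admin", "exp": 2000}), demo_secret, 1000))
```

Revoking such a token before `exp` requires server-side state (for example a denylist keyed by token ID), which gives up the stateless property the text credits JWT with.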
Because in the prior art different terminals are suited to different optimal authentication methods, and authentication is constrained by the particular microservice type, the present embodiment extracts the authentication logic of the various microservices into the gateway. The gateway uses independent microservices for its configuration, that is, a gateway management microservice and an authentication service are configured on the gateway, so that the gateway supports authentication of different types of microservices, such as the HTTP service type and the RPC service type, which improves the flexibility and extensibility of microservice authentication.
Specifically, the gateway in the present embodiment receives the authentication request sent by the client. The authentication request is used to verify the identity of the client accessing the microservice: when the client's identity is legitimate, access to the corresponding microservice is allowed; otherwise, the client's access to the microservice is refused. In general, as an interactive operation, an authentication request can carry authentication credential parameters, a URI (uniform resource identifier) and so on. A URI is a string that identifies the name of a network resource and allows a user to interact with any resource through a specific protocol; that is, the URI carries the specific protocol information followed by the interacting parties in the authentication request.
After receiving the authentication request sent by the client, the gateway extracts the specific URI from the authentication request and performs step 102.
It is easy to understand that the client in the present embodiment can be any of PC Web, PC desktop, mobile client and open platform, which is not specifically limited here.
102. The gateway sends the URI to the gateway management microservice, which stores a mapping table between the URI and the microservice interface type, microservice address, microservice authentication type and authentication credential parameter;
After extracting the URI from the authentication request, the gateway sends the URI to the gateway management microservice. The gateway management microservice stores a mapping table between the URI and the microservice interface type, microservice address, microservice authentication type and authentication credential parameter, so that after receiving the URI it reads the corresponding microservice interface type, microservice address, microservice authentication type and authentication credential parameter from the mapping table and sends them to the gateway.
Further, besides providing an interface for the gateway to query, the gateway management microservice can also provide a web management console for configuring the mapping and the interface authentication of different interfaces. The configuration takes effect immediately after it is completed, without restarting the gateway, which realizes dynamic configuration of the authentication method of business microservice interfaces and improves the flexibility of business microservice authentication. Fig. 2 shows a schematic diagram of the web management console.
103. The gateway receives the corresponding micro services interface type, micro services address, micro services authentication type and authentication credentials parameter sent by the gateway management micro service, and extracts the corresponding authentication credentials parameter from the authentication request;
After the gateway receives the micro services interface type, micro services address, micro services authentication type and authentication credentials parameter corresponding to the URI, it extracts the authentication credentials parameter corresponding to the URI from the authentication request, for use in step 104.
Specifically, the authentication credentials parameter includes a session cookie, an access token and the like, which is not specifically limited here.
Preferably, in order to speed up the next authentication process for the client, after receiving the micro services interface type, micro services address, micro services authentication type and authentication credentials parameter corresponding to the URI, the gateway can cache each of these parameters for a validity period, so that within the validity period step 102 can be omitted when the authentication process is executed for the client, which speeds up the authentication process.
104. The gateway sends the URI and the corresponding authentication credentials parameter to the authentication service for authentication, and receives the corresponding authentication result.
The gateway sends the URI and the corresponding authentication credentials parameter to the authentication service for authentication, and receives the corresponding authentication result after the authentication service completes the authentication. It is easy to understand that a mapping table between the URI, the authentication credentials and the client is stored in the authentication service in advance, and is used to identify the client after the URI and the credentials parameter are received.
Specifically, the authentication result is either authentication success or authentication failure. For the different authentication results, the gateway executes the corresponding operation instructions to complete the access to the micro services. The specific operation instructions are described in detail in the following embodiments and are not repeated here.
Further, in order to flexibly add more authentication services, a service centre can be configured on the gateway. The service centre is used to store the instance addresses of the authentication services; the gateway and the authentication service communicate using the HTTP protocol, and the parameters exchanged between the two use the JSON format. In this way, when a single business micro service needs additional authentication modes, it is only necessary to add one line to the configuration file, containing the serviceId of the new authentication service, its Chinese short name, and the mapping between the source credential fields and the authentication parameter fields. When the gateway then receives an authentication request sent by a client, it queries the service centre for the instance address of the newly added authentication service and has the authentication request authenticated at that address, which increases the flexibility and scalability of the authentication service configuration.
In this embodiment of the present invention, the gateway receives the micro services authentication request sent by the client and extracts the URI (uniform resource identifier) from the authentication request; it then sends the URI to the gateway management micro service, which stores the mapping table between the URI and the micro services interface type, micro services address, micro services authentication type and authentication credentials parameter; the gateway receives the corresponding micro services interface type, micro services address, micro services authentication type and authentication credentials parameter sent by the gateway management micro service, and extracts the corresponding authentication credentials parameter from the authentication request; the gateway sends the URI and the corresponding authentication credentials parameter to the authentication service for authentication and receives the corresponding authentication result. Because in this embodiment the authentication logic of the micro services is moved out to the gateway, and the gateway management micro service and the authentication service are configured on the gateway, the interface mapping and the authentication of the micro services are each handled by an independent micro service rather than being constrained by a configuration file or a protocol. The configuration cost is lower, the authentication service is more flexible, and scalability is stronger.
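The flow of steps 101 to 104, including the validity-period cache of the mapping, sketched in Python as an added example (not code from the patent). The `Route` fields, the sample URIs and credential names, and the two stand-in service functions are constructed assumptions; unknown URIs and missing credentials are refused rather than forwarded.

```python
import json
import time
from dataclasses import dataclass


@dataclass(frozen=True)
class Route:
    """One row of the mapping table held by the gateway management micro service."""
    interface_type: str       # "http" or "rpc"
    address: str              # micro services address
    auth_type: str            # micro services authentication type
    credential_params: tuple  # names of the authentication credentials parameters


class TTLCache:
    """Cache with a validity period; an expired entry counts as a miss."""

    def __init__(self, ttl_seconds, clock=time.monotonic):
        self._ttl, self._clock, self._items = ttl_seconds, clock, {}

    def get(self, key):
        item = self._items.get(key)
        if item is None:
            return None
        value, expires_at = item
        if self._clock() >= expires_at:
            del self._items[key]
            return None
        return value

    def put(self, key, value):
        self._items[key] = (value, self._clock() + self._ttl)


class Gateway:
    def __init__(self, lookup_route, authenticate, route_ttl=60, clock=time.monotonic):
        self._lookup_route = lookup_route   # step 102: gateway management micro service
        self._authenticate = authenticate   # step 104: authentication service
        self._routes = TTLCache(route_ttl, clock)

    def authorize(self, request):
        uri = request["uri"]                       # step 101: extract the URI
        route = self._routes.get(uri)
        if route is None:
            route = self._lookup_route(uri)        # step 102: ask for the mapping
            if route is None:
                return {"authenticated": False, "reason": "no mapping for URI"}
            self._routes.put(uri, route)
        credentials = {}                           # step 103: only what the mapping names
        for name in route.credential_params:
            value = request.get("credentials", {}).get(name)
            if not value:
                return {"authenticated": False, "reason": "missing credential " + name}
            credentials[name] = value
        # Step 104: the text uses JSON over HTTP; here the JSON body is passed directly.
        body = json.dumps({"uri": uri, "authType": route.auth_type,
                           "credentials": credentials}, sort_keys=True)
        reply = json.loads(self._authenticate(body))
        if not reply.get("success"):
            return {"authenticated": False, "reason": "authentication failed"}
        return {"authenticated": True, "identity": reply["identity"], "route": route}


# --- constructed sample data and stand-ins for the two back-end services ---
MAPPING_TABLE = {
    "/im/messages": Route("http", "http://im.internal:8080", "session", ("sessionId",)),
    "/org/tree": Route("rpc", "org-service", "token", ("accessToken",)),
}
KNOWN_CREDENTIALS = {("sessionId", "s-1001"): "user-42"}
LOOKUPS = []  # records every query that reaches the management service


def management_service(uri):
    LOOKUPS.append(uri)
    return MAPPING_TABLE.get(uri)


def authentication_service(body):
    request = json.loads(body)
    identities = {KNOWN_CREDENTIALS.get(item) for item in request["credentials"].items()}
    ok = len(identities) == 1 and None not in identities
    return json.dumps({"success": ok, "identity": identities.pop() if ok else None})
```

Within the validity period a repeated request for the same URI does not reach `management_service`; a shorter `route_ttl` bounds how long a mapping changed in the management backend can stay stale at the gateway.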
Fig. 3 is an interaction diagram between the client, the gateway and the micro services. Based on the embodiment of Fig. 1, the operations the gateway performs for the different authentication results, after it receives the authentication result sent by the authentication service, are described in detail below. Referring to Fig. 4, another embodiment of the micro services universal retrieval method in the embodiments of the present invention includes:
401. If the authentication result is success, the gateway receives the authentication-success prompt and the identity information of the client sent by the authentication service;
When the authentication service successfully authenticates the client's authentication request, it sends an authentication-success prompt to the gateway together with the identity information of the client, so that the gateway can continue to access the business microserver according to this information. The business microserver is mainly used to manage the various micro services, such as instant messaging, enterprise organization structure and colleague circle.
Preferably, after successful authentication, the gateway can also cache the client's authentication result for a validity period, so that within the validity period the gateway omits the authentication process for that client, which speeds up the client's access to the microserver.
402. The gateway constructs first request information using the identity information and the authentication request as parameters, and sends the first request information to the business microserver;
After the gateway obtains the identity information of the client, it constructs the first request information using the identity information and the client's authentication request as parameters, and sends the first request information to the business microserver. The first request information is used to request access to the business microserver.
Here, the first request message only needs to include the identity information of the client and the client's authentication request parameters; the specific format of the first message is not limited.
Further, if the service type of the business micro service is the HTTP protocol type, the gateway can write the identity information of the client into the HTTP header of the first request information, so that the microserver can efficiently read the identity information of the client and match it against the client identity information stored in advance in the service parameters, completing the microserver's secondary confirmation of the identity of the accessing client.
If the service type of the business micro service is RPC, the gateway can write the identity information of the client into the first request information in the form of an additional parameter (called an attachment in Motan, for example), so that the micro service can efficiently read the identity information of the client and match it against the client identity information stored in advance in the service parameters, completing the microserver's secondary confirmation of the identity of the accessing client.
It should be noted that if the client and the business microserver it accesses are in the same local area network, then in order to improve access speed, the gateway can access the corresponding business microserver directly after the authentication service has completed the identity authentication of the client, and the secondary confirmation process is omitted.
It is easy to understand that, by configuring the gateway in this embodiment, the gateway supports authentication for micro services of different service types, which enhances the flexibility and scalability of micro services authentication.
403. The gateway receives the service response sent by the business microserver, and sends the service response to the client;
After the gateway sends the first request message to the microserver, the microserver produces the specific service response and sends it to the gateway, and the gateway sends it to the corresponding accessing client, so that the normal micro services application flow is executed.
404. If the authentication result is failure, the gateway receives the authentication-failure prompt sent by the authentication server, and sends the authentication-failure prompt to the client.
When the authentication server fails to authenticate the client's authentication request, the authentication server sends an authentication-failure prompt to the gateway, and the gateway sends the authentication-failure prompt to the accessing client, refusing the client's access to the micro services.
In this embodiment of the present invention, when the authentication result of the client is success, the gateway caches the authentication result of the client for a validity period, so that within the validity period the gateway's authentication process for the client is omitted, which improves the authentication speed for the client. In addition, the gateway writes the identity information of the client into the HTTP header of the first request information, or writes it into the first request information in the form of an additional parameter (called an attachment in Motan, for example), so that the micro service can efficiently read the identity information of the client for secondary confirmation, which further improves the authentication speed for the client.
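An added Python example (not from the patent) of steps 401 to 404 for both service types. The header name `X-Gateway-Client-Id`, the attachment key `clientId`, the status codes and the sample data are hypothetical; removing any client-supplied copy of the identity field before the gateway writes its own is an assumption added here so that the secondary confirmation only ever sees the gateway's value.

```python
IDENTITY_HEADER = "X-Gateway-Client-Id"   # hypothetical header name
IDENTITY_ATTACHMENT = "clientId"          # hypothetical RPC attachment key


def build_first_request(interface_type, auth_request, identity):
    """Step 402: build the first request from the identity and the auth request."""
    if interface_type == "http":
        # Drop any identity header the client supplied; only the gateway sets it.
        headers = {name: value
                   for name, value in auth_request.get("headers", {}).items()
                   if name.lower() != IDENTITY_HEADER.lower()}
        headers[IDENTITY_HEADER] = identity
        return {"type": "http", "uri": auth_request["uri"], "headers": headers,
                "body": auth_request.get("body")}
    if interface_type == "rpc":
        # Same rule for the additional parameter carried with an RPC call.
        attachments = {key: value
                       for key, value in auth_request.get("attachments", {}).items()
                       if key != IDENTITY_ATTACHMENT}
        attachments[IDENTITY_ATTACHMENT] = identity
        return {"type": "rpc", "method": auth_request["uri"],
                "args": auth_request.get("body"), "attachments": attachments}
    raise ValueError("unsupported interface type: " + interface_type)


def read_identity(first_request):
    """Business micro service side: read the identity the gateway wrote."""
    if first_request["type"] == "http":
        return first_request["headers"].get(IDENTITY_HEADER)
    return first_request["attachments"].get(IDENTITY_ATTACHMENT)


def business_service(first_request, known_clients):
    """Secondary confirmation against identities the service stored in advance."""
    identity = read_identity(first_request)
    if identity not in known_clients:
        return {"status": 403, "body": "identity not confirmed"}   # assumed status code
    return {"status": 200, "body": "hello " + known_clients[identity]}


def gateway_dispatch(auth_result, auth_request, interface_type, known_clients):
    """Steps 401-404: act on the result returned by the authentication service."""
    if not auth_result.get("success"):
        # Step 404: pass the failure prompt back and do not contact the service.
        return {"status": 401, "body": "authentication failed"}    # assumed status code
    first = build_first_request(interface_type, auth_request, auth_result["identity"])
    return business_service(first, known_clients)                  # steps 402-403


# Constructed sample input: the client sends its own copy of the identity header.
SAMPLE_REQUEST = {"uri": "/org/tree", "body": {"dept": 7},
                  "headers": {"x-gateway-client-id": "admin",
                              "Accept": "application/json"}}
KNOWN_CLIENTS = {"user-42": "Li", "admin": "root"}   # constructed
```

When the secondary confirmation is omitted for same-LAN access, the identity field written by the gateway is the only identity the business micro service receives, so the overwrite in `build_first_request` carries the whole check.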
Based on the embodiment of Fig. 4, when the service type of the micro service is RPC, a conventional RPC call references a jar package in the caller's project, and when the gateway needs to call many micro services, referencing many jar packages is not advisable. To address this problem, in this embodiment of the present invention a micro services client class GenericService and a service centre can be configured on the gateway, where the micro services client class is used to store the domain names of the micro services and the service centre stores the mapping table between micro services domain names and micro services IP addresses. In this way, when the client calls a micro service, after the authentication service has successfully authenticated the client, the following steps are executed to complete the call to the micro service. Referring to Fig. 5, another embodiment of the micro services universal retrieval method in the embodiments of the present invention includes:
501. The gateway sends the domain name of the micro service to be called to the micro services client class, so that the micro services client class obtains the corresponding micro services IP address from the service centre and sends it to the gateway.
After the authentication service has successfully authenticated the micro service, the gateway sends the domain name of the micro service to be called to the micro services client class, so that the micro services client class GenericService obtains the IP address corresponding to the micro services domain name from the service centre and sends it to the gateway.
After obtaining the IP address of the micro service, the gateway can complete the RPC call to the micro service according to that IP address, which avoids referencing jar packages and makes RPC micro services calls more convenient.
The micro services universal retrieval method in the embodiments of the present invention is described above; the gateway in the embodiments of the present invention is described below. A gateway management micro service and an authentication service are configured on the gateway to complete unified authentication of the micro services. Referring to Fig. 6, one embodiment of the gateway in the embodiments of the present invention includes:
A first receiving unit 601, configured to receive the micro services authentication request sent by the client and to extract the URI (uniform resource identifier) from the authentication request;
A transmission unit 602, configured to send the URI to the gateway management micro service, the gateway management micro service being used to store the mapping table between the URI and the micro services interface type, micro services address, micro services authentication type and authentication credentials parameter;
A second receiving unit 603, configured to receive the corresponding micro services interface type, micro services address, micro services authentication type and authentication credentials parameter sent by the gateway management micro service, and to extract the corresponding authentication credentials parameter from the authentication request;
An authenticating unit 604, configured to send the URI and the corresponding authentication credentials parameter to the authentication service for authentication, and to receive the corresponding authentication result.
Preferably, when the authentication result is authentication success, the gateway further includes:
A third receiving unit 605, configured to receive the authentication-success prompt and the identity information of the client sent by the authentication service;
A construction and transmission unit 606, configured to construct the first request information using the identity information and the authentication request as parameters, and to send the first request information to the business microserver;
A first receiving and transmission unit 607, configured to receive the service response sent by the business microserver and to send the service response to the client;
Preferably, when the authentication result is authentication failure, the gateway further includes:
A second receiving and transmission unit 608, configured to receive the authentication-failure prompt sent by the authentication server and to send the authentication-failure prompt to the client.
It should be noted that the function of each of the above units has been described in detail in the embodiments of Fig. 1 to Fig. 4 and is not repeated here.
In this embodiment of the present invention, the first receiving unit 601 receives the micro services authentication request sent by the client and extracts the URI (uniform resource identifier) from the authentication request; the transmission unit 602 then sends the URI to the gateway management micro service, which stores the mapping table between the URI and the micro services interface type, micro services address, micro services authentication type and authentication credentials parameter; the second receiving unit 603 receives the corresponding micro services interface type, micro services address, micro services authentication type and authentication credentials parameter sent by the gateway management micro service, and extracts the corresponding authentication credentials parameter from the authentication request; the authenticating unit 604 sends the URI and the corresponding authentication credentials parameter to the authentication service for authentication and receives the corresponding authentication result. Because in this embodiment the authentication logic of the micro services is moved out to the gateway, and the gateway management micro service and the authentication service are configured on the gateway, the interface mapping and the authentication of the micro services are each handled by an independent micro service rather than being constrained by a configuration file or a protocol. The deployment cost is lower, the authentication service is more flexible, and scalability is stronger.
Based on the embodiment of Fig. 6, in order to improve the authentication speed for the client, after the gateway receives the micro services interface type, micro services address, micro services authentication type and authentication credentials parameter, a cache validity period can be set for each parameter; further, after the client has been authenticated successfully, a cache validity period can also be set for the authentication result, so that the authentication process is simplified within the validity period. Referring to Fig. 7, the gateway in the embodiments of the present invention can further include:
A first cache unit 701, configured to cache the corresponding micro services interface type, micro services address, micro services authentication type and authentication credentials parameter for a validity period, to speed up the next authentication process.
A second cache unit 702, configured to cache the authentication-success prompt for a validity period, to speed up the next authentication process.
It should be noted that the function of each of the above units has been described in detail in the embodiments of Fig. 1 and Fig. 4 and is not repeated here.
In this embodiment of the present invention, after the gateway receives the micro services interface type, micro services address, micro services authentication type and authentication credentials parameter, or when the authentication result of the client is success, the first cache unit 701 and the second cache unit 702 on the gateway cache the above parameters and the authentication result of the client, respectively, for a validity period, so that within the validity period the gateway's authentication process for the client is omitted, which improves the authentication speed for the client.
The gateway in the embodiments of the present invention is described above from the perspective of modular functional entities; the computer device in the embodiments of the present invention is described below from the perspective of hardware processing:
The computer device is used to implement the functions of the gateway. One embodiment of the computer device in the embodiments of the present invention includes:
A processor and a memory;
The memory is used to store a computer program. When the processor executes the computer program stored in the memory, the following steps can be implemented:
Receiving the micro services authentication request sent by the client, and extracting the URI (uniform resource identifier) from the authentication request;
Sending the URI to the gateway management micro service, the gateway management micro service being used to store the mapping table between the URI and the micro services interface type, micro services address, micro services authentication type and authentication credentials parameter;
Receiving the corresponding micro services interface type, micro services address, micro services authentication type and authentication credentials parameter sent by the gateway management micro service, and extracting the corresponding authentication credentials parameter from the authentication request;
Sending the URI and the corresponding authentication credentials parameter to the authentication service for authentication, and receiving the corresponding authentication result.
In some embodiments of the invention, the processor can also be used to implement the following steps:
If the authentication result is success, receiving the authentication-success prompt and the identity information of the client sent by the authentication service;
Constructing the first request information using the identity information and the authentication request as parameters, and sending the first request information to the business microserver;
Receiving the service response sent by the business microserver, and sending the service response to the client;
If the authentication result is failure, receiving the authentication-failure prompt sent by the authentication service, and sending the authentication-failure prompt to the client.
Preferably, a micro services client class and a service centre are configured on the gateway; the micro services client class is used to store micro services domain names, and the service centre is used to store the mapping table between micro services domain names and micro services IP addresses;
In some embodiments of the invention, after receiving the authentication-success prompt and the identity information of the client sent by the authentication service when the authentication result is success, the processor can also be used to implement the following steps:
If the business micro service is of the RPC service type, sending the domain name of the micro service to be called to the micro services client class, so that the micro services client class obtains the corresponding micro services IP address from the service centre and sends it to the gateway.
In some embodiments of the invention, the processor can also be used to implement the following steps:
Caching the corresponding micro services interface type, micro services address, micro services authentication type and authentication credentials parameter for a validity period, to speed up the next authentication process.
In some embodiments of the invention, the processor can also be used to implement the following steps:
Caching the authentication-success prompt for a validity period, to speed up the next authentication process.
In some embodiments of the invention, the processor can also be used to implement the following steps:
If the business micro service is of the HTTP service type, the gateway writes the identity information of the client into the HTTP header of the first request information and sends it to the business microserver, so that the business microserver can read the identity information for secondary confirmation;
If the business micro service is of the RPC service type, the gateway writes the identity information of the client into the first request information as an additional parameter and sends it to the business microserver, so that the business microserver can read the identity information for secondary confirmation.
In some embodiments of the invention, the processor can also be used to implement the following steps:
If the client and the business microserver belong to the same local area network, the gateway accesses the business microserver directly.
In some embodiments of the invention, the processor can also be used to implement the following steps:
The gateway and the gateway management micro service communicate using the HTTP protocol, and the communication format is JSON.
It can be understood that when the processor in the computer device described above executes the computer program, it can also implement the functions of the units in the corresponding device embodiments above, which is not repeated here. Illustratively, the computer program can be divided into one or more modules/units, which are stored in the memory and executed by the processor to carry out the present invention. The one or more modules/units can be a series of computer program instruction segments capable of completing specific functions, and the instruction segments are used to describe the execution process of the computer program in the gateway. For example, the computer program can be divided into the units of the above gateway, and each unit can implement the specific functions described for the corresponding gateway above.
The computer device can be a computing device such as a desktop computer, a notebook, a palmtop computer or a cloud server. The computer device may include, but is not limited to, a processor and a memory. Those skilled in the art will understand that the processor and memory are only an example of the computer device and do not limit it; the computer device may include more or fewer components, combine certain components, or use different components. For example, the computer device may also include input and output devices, network access devices, buses and the like.
The processor can be a central processing unit (Central Processing Unit, CPU), or another general-purpose processor, a digital signal processor (Digital Signal Processor, DSP), an application-specific integrated circuit (Application Specific Integrated Circuit, ASIC), a field-programmable gate array (Field-Programmable Gate Array, FPGA) or other programmable logic device, discrete gate or transistor logic, discrete hardware components, and so on. The general-purpose processor can be a microprocessor or any conventional processor. The processor is the control centre of the computer device and connects the various parts of the entire computer device using various interfaces and lines.
The memory can be used to store the computer program and/or modules. The processor implements the various functions of the computer device by running or executing the computer program and/or modules stored in the memory and by calling the data stored in the memory. The memory can mainly include a program storage area and a data storage area, where the program storage area can store the operating system, the application programs required by at least one function, and so on, and the data storage area can store data created according to the use of the terminal, and so on. In addition, the memory may include high-speed random access memory and may also include non-volatile memory, such as a hard disk, internal memory, a plug-in hard disk, a smart media card (Smart Media Card, SMC), a secure digital (Secure Digital, SD) card, a flash card (Flash Card), at least one disk storage device, a flash memory device, or another volatile solid-state storage device.
The present invention also provides a computer-readable storage medium, which is used to implement the functions of the gateway and on which a computer program is stored. When the computer program is executed by a processor, the processor can be used to execute the following steps:
Receiving the micro services authentication request sent by the client, and extracting the URI (uniform resource identifier) from the authentication request;
Sending the URI to the gateway management micro service, the gateway management micro service being used to store the mapping table between the URI and the micro services interface type, micro services address, micro services authentication type and authentication credentials parameter;
Receiving the corresponding micro services interface type, micro services address, micro services authentication type and authentication credentials parameter sent by the gateway management micro service, and extracting the corresponding authentication credentials parameter from the authentication request;
Sending the URI and the corresponding authentication credentials parameter to the authentication service for authentication, and receiving the corresponding authentication result.
In some embodiments of the invention, when the computer program stored on the computer-readable storage medium is executed by the processor, the processor can be specifically used to execute the following steps:
If the authentication result is success, receiving the authentication-success prompt and the identity information of the client sent by the authentication service;
Constructing the first request information using the identity information and the authentication request as parameters, and sending the first request information to the business microserver;
Receiving the service response sent by the business microserver, and sending the service response to the client;
If the authentication result is failure, receiving the authentication-failure prompt sent by the authentication service, and sending the authentication-failure prompt to the client.
Preferably, a micro services client class and a service centre are configured on the gateway; the micro services client class is used to store micro services domain names, and the service centre is used to store the mapping table between micro services domain names and micro services IP addresses;
In some embodiments of the invention, when the computer program stored on the computer-readable storage medium is executed by the processor, the processor can be specifically used to execute the following steps:
If the business micro service is of the RPC service type, sending the domain name of the micro service to be called to the micro services client class, so that the micro services client class obtains the corresponding micro services IP address from the service centre and sends it to the gateway.
In some embodiments of the invention, when the computer program stored on the computer-readable storage medium is executed by the processor, the processor can be specifically used to execute the following steps:
Caching the corresponding micro services interface type, micro services address, micro services authentication type and authentication credentials parameter for a validity period, to speed up the next authentication process.
In some embodiments of the invention, when the computer program stored on the computer-readable storage medium is executed by the processor, the processor can be specifically used to execute the following steps:
Caching the authentication-success prompt for a validity period, to speed up the next authentication process.
In some embodiments of the invention, when the computer program stored on the computer-readable storage medium is executed by the processor, the processor can be specifically used to execute the following steps:
If the business micro service is of the HTTP service type, the gateway writes the identity information of the client into the HTTP header of the first request information and sends it to the business microserver, so that the business microserver can read the identity information for secondary confirmation;
If the business micro service is of the RPC service type, the gateway writes the identity information of the client into the first request information as an additional parameter and sends it to the business microserver, so that the business microserver can read the identity information for secondary confirmation.
In some embodiments of the invention, when the computer program stored on the computer-readable storage medium is executed by the processor, the processor can be specifically used to execute the following steps:
If the client and the business microserver belong to the same local area network, the gateway accesses the business microserver directly.
In some embodiments of the invention, when the computer program stored on the computer-readable storage medium is executed by the processor, the processor can be specifically used to execute the following steps:
The gateway and the gateway management micro service communicate using the HTTP protocol, and the communication format is JSON.
It can be understood that if the integrated unit is implemented in the form of a software functional unit and sold or used as an independent product, it can be stored in a corresponding computer-readable storage medium. Based on this understanding, all or part of the processes in the methods of the corresponding embodiments above can also be completed by a computer program instructing the relevant hardware. The computer program can be stored in a computer-readable storage medium, and when executed by a processor it can implement the steps of each of the method embodiments above. The computer program includes computer program code, which can be in source code form, object code form, an executable file, certain intermediate forms, and so on. The computer-readable medium may include: any entity or device capable of carrying the computer program code, a recording medium, a USB flash disk, a removable hard disk, a magnetic disk, an optical disc, a computer memory, a read-only memory (ROM, Read-Only Memory), a random access memory (RAM, Random Access Memory), an electric carrier signal, a telecommunication signal, a software distribution medium, and so on. It should be noted that the content included in the computer-readable medium can be appropriately increased or decreased according to the requirements of legislation and patent practice in the jurisdiction; for example, in certain jurisdictions, according to legislation and patent practice, computer-readable media do not include electric carrier signals and telecommunication signals.
It will be clear to those skilled in the art that, for convenience and brevity of description, the specific working processes of the systems, devices and units described above can refer to the corresponding processes in the foregoing method embodiments and are not repeated here.
In the several embodiments provided in this application, it should be understood that the disclosed systems, devices and methods can be implemented in other ways. For example, the device embodiments described above are merely illustrative. The division into units is only a division by logical function, and other divisions are possible in actual implementation; for example, multiple units or components can be combined or integrated into another system, or some features can be ignored or not executed. In addition, the mutual coupling, direct coupling or communication connection shown or discussed can be an indirect coupling or communication connection through some interfaces, devices or units, and can be electrical, mechanical or in other forms.
The units described as separate components may or may not be physically separate, and the components shown as units may or may not be physical units; that is, they can be located in one place or distributed over multiple network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of this embodiment.
In addition, the functional units in the various embodiments of the present invention may be integrated into one processing unit, each unit may exist physically on its own, or two or more units may be integrated into one unit. The integrated unit can be implemented in the form of hardware or in the form of a software functional unit.
As stated above, the above embodiments are only used to illustrate the technical solutions of the present invention and not to limit them. Although the present invention has been described in detail with reference to the foregoing embodiments, those skilled in the art should understand that they can still modify the technical solutions recorded in the foregoing embodiments or make equivalent replacements of some of the technical features, and that such modifications or replacements do not make the essence of the corresponding technical solutions depart from the spirit and scope of the technical solutions of the embodiments of the present invention.

Claims (11)

1. A microservice unified authentication method, characterized in that a gateway management microservice and an authentication service are configured on a gateway, the method comprising:
the gateway receives a microservice authentication request sent by a client, and extracts a URI (uniform resource identifier) from the authentication request;
the gateway sends the URI to the gateway management microservice, the gateway management microservice being used to store a mapping table between the URI and the microservice interface type, microservice address, microservice authentication type and authentication credential parameter;
the gateway receives the corresponding microservice interface type, microservice address, microservice authentication type and authentication credential parameter sent by the gateway management microservice, and extracts the corresponding authentication credential parameter from the authentication request;
the gateway sends the URI and the corresponding authentication credential parameter to the authentication service for authentication, and receives the corresponding authentication result.
2. The method according to claim 1, characterized in that the method further comprises:
if the authentication result is success, the gateway receives the authentication success prompt sent by the authentication service and the identity information of the client;
the gateway constructs a first request message using the identity information and the authentication request as parameters, and sends the first request message to the business microserver;
the gateway receives the service response sent by the business microserver, and sends the service response to the client;
if the authentication result is failure, the gateway receives the authentication failure prompt sent by the authentication service, and sends the authentication failure prompt to the client.
3. The method according to claim 2, characterized in that a microservice client class and a service center are configured on the gateway, the microservice client class being used to store microservice domain names, and the service center being used to store a mapping table between microservice domain names and microservice IP addresses;
if the authentication result is success, after the gateway receives the authentication success prompt sent by the authentication service and the identity information of the client, the method further comprises:
if the business microservice is of the RPC service type, the gateway sends the domain name of the microservice to be called to the microservice client class, so that the microservice client class obtains the corresponding microservice IP address from the service center and sends it to the gateway.
4. The method according to claim 1, characterized in that, after the gateway receives the corresponding microservice interface type, microservice address, microservice authentication type and authentication credential parameter sent by the gateway management microservice, the method further comprises:
the gateway caches the corresponding microservice interface type, microservice address, microservice authentication type and authentication credential parameter for a validity period, in order to speed up the next authentication flow.
5. The method according to claim 2, characterized in that, after the authentication result is success, the method further comprises:
the gateway caches the authentication success prompt for a validity period, in order to speed up the next authentication flow.
6. The method according to claim 2, characterized in that:
if the business microservice is of the HTTP service type, the gateway writes the identity information of the client into the HTTP header of the first request message and sends it to the business microserver, so that the business microserver can read the identity information and perform a secondary confirmation;
if the business microservice is of the RPC service type, the gateway writes the identity information of the client into the first request message as an additional parameter and sends it to the business microserver, so that the business microserver can read the identity information and perform a secondary confirmation.
7. The method according to claim 2, characterized in that, if the authentication result is success, after the gateway receives the authentication success prompt sent by the authentication service and the identity information of the client, the method further comprises:
if the client and the business microserver belong to the same local area network, the gateway directly accesses the business microserver.
8. The method according to claim 1, characterized in that the gateway and the gateway management microservice communicate using the HTTP protocol, and the communication format is JSON.
9. A gateway on which a gateway management microservice and an authentication service are configured, characterized by comprising:
a first receiving unit, for receiving a microservice authentication request sent by a client and extracting a URI (uniform resource identifier) from the authentication request;
a sending unit, for sending the URI to the gateway management microservice, the gateway management microservice being used to store a mapping table between the URI and the microservice interface type, microservice address, microservice authentication type and authentication credential parameter;
a second receiving unit, for receiving the corresponding microservice interface type, microservice address, microservice authentication type and authentication credential parameter sent by the gateway management microservice, and extracting the corresponding authentication credential parameter from the authentication request;
an authentication unit, for sending the URI and the corresponding authentication credential parameter to the authentication service for authentication, and receiving the corresponding authentication result.
10. A computer device, comprising a processor, characterized in that the processor, when executing a computer program stored in a memory, implements the microservice unified authentication method according to any one of claims 1 to 8.
11. A readable storage medium on which a computer program is stored, characterized in that the computer program, when executed by a processor, implements the microservice unified authentication method according to any one of claims 1 to 8.
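The gateway flow of claims 1, 2, 4 and 6, as an added Python sketch that is not code from the patent or its applicant: mapping-table lookup with a validity-period cache, credential extraction, the call to the authentication service, and construction of the first request. The class names, the `X-Gateway-Identity` header, the `_identity` RPC parameter, the status codes and the sample routes are assumptions; removing any client-supplied identity before forwarding is an added safeguard that the claims do not state.

```python
import time
from dataclasses import dataclass

IDENTITY_HEADER = "X-Gateway-Identity"  # assumed name; the claims only say "HTTP header"
RPC_IDENTITY_PARAM = "_identity"        # assumed name for the RPC "additional parameter"


@dataclass(frozen=True)
class RouteEntry:
    """One row of the mapping table held by the gateway management microservice."""
    interface_type: str    # "http" or "rpc"
    address: str           # microservice address
    auth_type: str         # microservice authentication type, e.g. "token"
    credential_param: str  # request parameter that carries the credential


class GatewayManagement:
    """Stand-in for the gateway management microservice (URI -> RouteEntry)."""
    def __init__(self, table):
        self.table = dict(table)
        self.lookups = 0  # counts round trips so the cache effect is visible

    def lookup(self, uri):
        self.lookups += 1
        return self.table.get(uri)


class AuthService:
    """Stand-in for the authentication service: returns an identity or None."""
    def __init__(self, grants):
        self.grants = dict(grants)  # {(uri, credential): identity}

    def authenticate(self, uri, auth_type, credential):
        return self.grants.get((uri, credential))


class Gateway:
    def __init__(self, mgmt, auth, ttl=30.0, clock=time.monotonic):
        self.mgmt, self.auth, self.ttl, self.clock = mgmt, auth, ttl, clock
        self.route_cache = {}  # uri -> (expires_at, RouteEntry)

    def route_for(self, uri):
        """Claim 4: cache the mapping row for a validity period."""
        cached = self.route_cache.get(uri)
        if cached and cached[0] > self.clock():
            return cached[1]
        self.route_cache.pop(uri, None)
        entry = self.mgmt.lookup(uri)
        if entry is not None:  # unknown URIs are not cached
            self.route_cache[uri] = (self.clock() + self.ttl, entry)
        return entry

    def handle(self, request):
        """Claims 1 and 2: look up, extract credential, authenticate, forward."""
        uri = request["uri"]
        entry = self.route_for(uri)
        if entry is None:
            return {"status": 404, "reason": "unknown URI"}
        credential = request.get("params", {}).get(entry.credential_param)
        if not credential:
            return {"status": 401, "reason": "missing credential"}
        identity = self.auth.authenticate(uri, entry.auth_type, credential)
        if identity is None:
            return {"status": 401, "reason": "authentication failed"}
        return {"status": 200, "upstream": self.first_request(request, entry, identity)}

    def first_request(self, request, entry, identity):
        """Claim 6: attach the identity as a header (HTTP) or extra parameter (RPC)."""
        # Drop any identity the client tried to supply itself, in either channel.
        headers = {k: v for k, v in request.get("headers", {}).items()
                   if k.lower() != IDENTITY_HEADER.lower()}
        params = {k: v for k, v in request.get("params", {}).items()
                  if k != RPC_IDENTITY_PARAM}
        if entry.interface_type == "http":
            headers[IDENTITY_HEADER] = identity
        else:
            params[RPC_IDENTITY_PARAM] = identity
        return {"address": entry.address, "interface_type": entry.interface_type,
                "uri": request["uri"], "headers": headers, "params": params}


def demo():
    """Constructed sample: a spoofed identity header, then a missing credential."""
    mgmt = GatewayManagement({
        "/orders": RouteEntry("http", "10.0.0.5:8080", "token", "access_token"),
    })
    auth = AuthService({("/orders", "tok-alice"): "alice"})
    gw = Gateway(mgmt, auth)
    spoofed = {"uri": "/orders", "params": {"access_token": "tok-alice"},
               "headers": {"x-gateway-identity": "admin"}}
    return gw.handle(spoofed), gw.handle({"uri": "/orders", "params": {}})


if __name__ == "__main__":
    for result in demo():
        print(result)
```

The business microserver's "secondary confirmation" in claim 6 is only meaningful if that identity field can be set by nothing but the gateway, which is why the sketch discards the client's own copy in both the header and the parameter channel.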
CN201810689051.8A 2018-06-28 2018-06-28 Micro-service unified authentication method and gateway Active CN108901022B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810689051.8A CN108901022B (en) 2018-06-28 2018-06-28 Micro-service unified authentication method and gateway

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810689051.8A CN108901022B (en) 2018-06-28 2018-06-28 Micro-service unified authentication method and gateway

Publications (2)

Publication Number Publication Date
CN108901022A true CN108901022A (en) 2018-11-27
CN108901022B CN108901022B (en) 2021-08-20

Family

ID=64346964

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810689051.8A Active CN108901022B (en) 2018-06-28 2018-06-28 Micro-service unified authentication method and gateway

Country Status (1)

Country Link
CN (1) CN108901022B (en)

Also Published As

Publication number Publication date
CN108901022B (en) 2021-08-20

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant