CN109684820A - Service Privileges acquisition methods, device and electronic equipment - Google Patents
Service Privileges acquisition methods, device and electronic equipment Download PDFInfo
- Publication number
- CN109684820A CN109684820A CN201811629666.8A CN201811629666A CN109684820A CN 109684820 A CN109684820 A CN 109684820A CN 201811629666 A CN201811629666 A CN 201811629666A CN 109684820 A CN109684820 A CN 109684820A
- Authority
- CN
- China
- Prior art keywords
- service
- request
- sent
- server
- certificate server
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 51
- 230000006870 function Effects 0.000 claims description 29
- 238000004519 manufacturing process Methods 0.000 claims description 8
- 238000012795 verification Methods 0.000 claims description 8
- 238000004590 computer program Methods 0.000 claims description 7
- 230000005540 biological transmission Effects 0.000 claims description 6
- 238000012790 confirmation Methods 0.000 claims description 6
- 238000005516 engineering process Methods 0.000 abstract description 3
- 238000004891 communication Methods 0.000 description 8
- 238000013475 authorization Methods 0.000 description 7
- 238000010586 diagram Methods 0.000 description 6
- 230000008569 process Effects 0.000 description 6
- 238000012545 processing Methods 0.000 description 6
- 230000000694 effects Effects 0.000 description 4
- 238000010168 coupling process Methods 0.000 description 3
- 238000005859 coupling reaction Methods 0.000 description 3
- 238000003032 molecular docking Methods 0.000 description 3
- 238000004364 calculation method Methods 0.000 description 2
- 230000008878 coupling Effects 0.000 description 2
- 230000004044 response Effects 0.000 description 2
- 235000013399 edible fruits Nutrition 0.000 description 1
- 230000035800 maturation Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000005192 partition Methods 0.000 description 1
- 238000000926 separation method Methods 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/45—Structures or tools for the administration of authentication
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The present invention provides a kind of Service Privileges acquisition methods, device and electronic equipments, are related to micro services architecture technology field, comprising: receive the registration request that server-side is sent;Certification request is sent to certificate server according to the registration request;Receive the authentication result that the certificate server is sent according to the certification request;If the authentication result is that certification passes through, confirm that server-side succeeds in registration;It is requested according to the service acquisition that user terminal is sent to the certificate server sending permission acquisition request;Receive the authority information that the certificate server is sent according to the authority acquiring request;It is sent service information according to the authority information to the user terminal, so that the user terminal calls service end interface to the server-side according to the information on services, solves the excessively single technical problem of the function of registrar existing in the prior art.
Description
Technical field
The present invention relates to micro services architecture technology field, more particularly, to a kind of Service Privileges acquisition methods, device and
Electronic equipment.
Background technique
In micro services framework, service register and discovery function is extremely important, it is related to a whole set of cloud pipe platform High Availabitity
Can environment operate normally.Currently, service register and discovery is realized using spring Cloud Eureka.Eureka is
The service discovery framework of Netflix exploitation, is the service based on REST in itself, is mainly used for positioning trip in the domain AWS
Middle layer service, to achieve the purpose that load balancing and middle layer service failover.It is integrated in by Spring Cloud
In its sub-project spring-cloud-netflix, to realize the service discovery function of Spring Cloud.
Eureka includes two components: Eureka Server (registrar) and Eureka Client (client).
Wherein, Eureka Server provides service registration service and can be infused in Eureka Server after each node starting
Copy, the information of all available service nodes will be stored in the web services registry in such Eureka Server, service node
Information can intuitively be seen in interface.
But after micro services module initiates registration request to registrar, registrar is merely able to play response
The function of registration request, therefore, the function of registrar are excessively single, cannot meet customer need.
Summary of the invention
In view of this, the purpose of the present invention is to provide a kind of Service Privileges acquisition methods, device and electronic equipment, with
Solve the excessively single technical problem of the function of registrar existing in the prior art.
In a first aspect, it is applied to registrar the embodiment of the invention provides a kind of Service Privileges acquisition methods, it is described
Method includes:
Receive the registration request that server-side is sent;
Certification request is sent to certificate server according to the registration request;
Receive the authentication result that the certificate server is sent according to the certification request;
If the authentication result is that certification passes through, confirm that server-side succeeds in registration;
The service acquisition request sent according to user terminal, Xiang Suoshu certificate server sending permission acquisition request;
Receive the authority information that the certificate server is sent according to the authority acquiring request;
It is sent service information according to the authority information to the user terminal, so that the user terminal is believed according to the service
It ceases to the server-side and calls service end interface.
With reference to first aspect, the embodiment of the invention provides the first possible embodiments of first aspect, wherein institute
Stating registration request includes: producer services ID and producer services namespace.
With reference to first aspect, the embodiment of the invention provides second of possible embodiments of first aspect, wherein root
Certification request is sent to certificate server according to the registration request, comprising:
Certification request is generated according to call back function interface and the registration request, and the certification request is sent to and is recognized
Demonstrate,prove server.
With reference to first aspect, the embodiment of the invention provides the third possible embodiments of first aspect, wherein institute
Authentication result is stated to include: registration failure or succeed in registration;
The registration failure indicates that the certificate server determines that the certification request does not pass through by verification;
Described succeed in registration indicates that the certificate server determines that the certification request passes through by verification.
With reference to first aspect, the embodiment of the invention provides the 4th kind of possible embodiments of first aspect, wherein root
The service acquisition request sent according to user terminal, Xiang Suoshu certificate server sending permission acquisition request, comprising:
Receive the service acquisition request that user terminal is sent, wherein the service acquisition request includes User ID;
The User ID is sent to the certificate server, so that the certificate server is inquired according to the User ID
Corresponding manufacturing side authority information, and permissions list is generated according to the manufacturing side authority information.
With reference to first aspect, the embodiment of the invention provides the 5th kind of possible embodiments of first aspect, wherein connects
Receive the authority information that the certificate server is sent according to the authority acquiring request, comprising:
Receive the permissions list that the certificate server is sent, wherein the permissions list is the authentication service
The permissions list that device is generated according to the User ID.
With reference to first aspect, the embodiment of the invention provides the 6th kind of possible embodiments of first aspect, wherein root
It sends service information according to the authority information to the user terminal, so that the user terminal is according to the information on services to the clothes
End calling of being engaged in services end interface, comprising:
According to the permissions list query service list, wherein the service list includes: producer services title, life
Production person's service access address and allow quantity using example;
By calling the call back function interface that the service list is sent to the user terminal, so that the user terminal
Service end interface is called to the server-side according to the service list.
Second aspect, the embodiment of the present invention also provide a kind of Service Privileges acquisition device, are applied to registrar, described
Device includes:
First receiving module, for receiving the registration request of server-side transmission;
First sending module, for sending certification request to certificate server according to the registration request;
Second receiving module, the authentication result sent for receiving the certificate server according to the certification request;
Confirmation module confirms that server-side succeeds in registration if being that certification passes through for the authentication result;
Second sending module, the service acquisition request for being sent according to user terminal, Xiang Suoshu certificate server transmission route
Limit acquisition request;
Third receiving module is believed for receiving the certificate server according to the permission that the authority acquiring request is sent
Breath;
Third sending module, for being sent service information according to the authority information to the user terminal, so that the use
Family end service end interface is called to the server-side according to the information on services.
The third aspect, the embodiment of the present invention also provide a kind of electronic equipment, including memory, processor, the memory
In be stored with the computer program that can be run on the processor, the processor is realized when executing the computer program
The step of stating method as described in relation to the first aspect.
Fourth aspect, the embodiment of the present invention also provide a kind of meter of non-volatile program code that can be performed with processor
Calculation machine readable medium, said program code make the method for the processor execution as described in relation to the first aspect.
Technical solution provided in an embodiment of the present invention brings following the utility model has the advantages that service power provided in an embodiment of the present invention
Limit acquisition methods, device and electronic equipment.Firstly, receive server-side send registration request, then, according to registration request to
Certificate server sends certification request, later, receives the authentication result that certificate server is sent according to certification request, if certification knot
Fruit is that certification passes through, then confirms that server-side succeeds in registration, requested later according to the service acquisition that user terminal is sent to authentication service
Then device sending permission acquisition request receives the authority information that certificate server is sent according to authority acquiring request, later basis
Authority information sends service information to user terminal, so that user terminal calls service end interface to server-side according to information on services, because
This, is docked with registrar by registrar, permission system and Accreditation System is connected, i.e. request to note
The request of volume server will be by being sent to user for the corresponding information on services of permission again after the purview certification of certificate server
End, makes registrar while service registration, also by docking the function of having had purview certification with registrar,
To solve the excessively single technical problem of the function of registrar existing in the prior art.
Other features and advantages of the present invention will illustrate in the following description, also, partly become from specification
It obtains it is clear that understand through the implementation of the invention.The objectives and other advantages of the invention are in specification and attached drawing
Specifically noted structure is achieved and obtained.
To enable the above objects, features and advantages of the present invention to be clearer and more comprehensible, preferred embodiment is cited below particularly, and cooperate
Appended attached drawing, is described in detail below.
Detailed description of the invention
It, below will be to specific in order to illustrate more clearly of the specific embodiment of the invention or technical solution in the prior art
Embodiment or attached drawing needed to be used in the description of the prior art be briefly described, it should be apparent that, it is described below
Attached drawing is some embodiments of the present invention, for those of ordinary skill in the art, before not making the creative labor
It puts, is also possible to obtain other drawings based on these drawings.
Fig. 1 shows the flow chart of Service Privileges acquisition methods provided by the embodiment of the present invention one;
Fig. 2 shows the flow charts of Service Privileges acquisition methods provided by the embodiment of the present invention two;
Fig. 3 shows another flow chart of Service Privileges acquisition methods provided by the embodiment of the present invention two;
Fig. 4 shows the structural schematic diagram of a kind of electronic equipment provided by the embodiment of the present invention four.
Icon: 4- electronic equipment;41- memory;42- processor;43- bus;44- communication interface.
Specific embodiment
In order to make the object, technical scheme and advantages of the embodiment of the invention clearer, below in conjunction with attached drawing to the present invention
Technical solution be clearly and completely described, it is clear that described embodiments are some of the embodiments of the present invention, rather than
Whole embodiments.Based on the embodiments of the present invention, those of ordinary skill in the art are not making creative work premise
Under every other embodiment obtained, shall fall within the protection scope of the present invention.
Currently, service register and discovery function is extremely important in micro services framework, it is related to that a whole set of cloud pipe platform is high
It can be operated normally with environment, and controlling service register and discovery by permission is very important.The hair of service registration at present
It is now to be realized using spring Cloud Eureka, but it does not have the function with permission system docking, i.e. micro services mould
Block initiates registration request to registration and discovery server, and then the server only can register clothes directly in response to registration request, therefore
The function of business device is excessively single.
Based on this, a kind of Service Privileges acquisition methods, device and electronic equipment provided in an embodiment of the present invention can be solved
The excessively single technical problem of the function of registrar certainly existing in the prior art.
For convenient for understanding the present embodiment, first to a kind of Service Privileges acquisition side disclosed in the embodiment of the present invention
Method, device and electronic equipment describe in detail.
Embodiment one:
A kind of Service Privileges acquisition methods provided in an embodiment of the present invention are applied to registrar (Eureka service
Device), as shown in Figure 1, this method comprises:
S11: the registration request that server-side is sent is received.
It should be noted that Eureka is the service discovery framework of Netflix exploitation, it is the clothes based on REST in itself
Business, is mainly used for middle layer service of the positioning trip in the domain AWS, to reach load balancing and middle layer service failover
Purpose.It is integrated in its sub-project spring-cloud-netflix by Spring Cloud, to realize Spring Cloud
Service discovery function.
S12: certification request is sent to certificate server according to registration request.
As a preferred embodiment, the registration request that registrar is sent according to server-side is recognized to certificate server transmission
Card request.
S13: the authentication result that certificate server is sent according to certification request is received, and judges whether authentication result is certification
Pass through, if so, carrying out step S14.
As the preferred embodiment of the present embodiment, registrar receives the authentication result that certification request is sent, wherein
The authentication result is the authentication result that certificate server is sent according to the certification request in step S12.
S14: confirmation server-side succeeds in registration, and is requested according to the service acquisition that user terminal is sent, is sent to certificate server
Authority acquiring request.
In practical applications, registrar receives the service acquisition request that user terminal is sent, and according to the service acquisition
It requests to certificate server sending permission acquisition request.
S15: the authority information that certificate server is sent according to authority acquiring request is received.
In this step, registrar receives the authority information that certificate server is sent, wherein the authority information is certification
Server is sent according to authority acquiring request.
S16: sending service information according to authority information to user terminal, so that user terminal is according to information on services to server-side tune
With service end interface.
In the present embodiment, by modifying the source code realization of Eureka and docking for permission system (i.e. registrar), lead to
The mode for crossing administrator's examination & approval realizes registration and discovery.Specifically, the request of request to Eureka server will go to recognize every time
Card center (i.e. registrar) could use after getting permission, this purview certification is embodied in service consumer (i.e. user terminal)
With the authority relation between ISP (i.e. server-side).
Embodiment two:
A kind of Service Privileges acquisition methods provided in an embodiment of the present invention are applied to registrar (eureka service
Device), as shown in Fig. 2, this method comprises:
S21: the registration request that server-side is sent is received.
Wherein, registration request includes: producer services ID and producer services namespace.As shown in figure 3, production
Person's server-side (service producer) initiates registration request to registrar (eureka server).Wherein, in producer's code
Need to be arranged whether switch needs to initiate registration request to registrar.When the switch is opened, producer services end is from trend
Registrar initiates registration request, while carrying producer services ID and affiliated NameSpace (namespace) two letters
Breath.The information of two carryings have a following effect: producer ID be used to be producer's example unique identification;Affiliated namespace
Capability identification when the example number and consumer registered in limitation namespace in effect obtain producer's list.
S22: certification request is generated according to call back function interface and registration request, and certification request is sent to certification clothes
Business device.
In this step, service discovery and registrar (i.e. registrar) are to authentication center (authentication authorization and accounting server) Shen
It please register permission.Specifically, after registrar receives the registration request at producer services end, by producer ID and
The information such as namespace are forwarded to authentication center (authentication authorization and accounting server) certification, this verification process is asynchronous process, detailed process
It include: to carry former solicited message and call back function after service discovery receives request with registrar (i.e. registrar)
Interface initiates certification request to authentication center (authentication authorization and accounting server).
S23: the authentication result that certificate server is sent according to certification request is received, and judges whether authentication result is certification
Pass through, if so, carrying out step S24.
Specifically, callback interface is stored in and is cached after authentication center's (authentication authorization and accounting server) receives request, according to
Namespace verification allows at most to allow the quantity for registering example under this namespace: returning to wrong letter if verification does not pass through
Breath, i.e. registration failure;If approval list is added after passing through in verification.As the another embodiment of the present embodiment, administrator is examined
Criticizing opinion is that when agreeing to, callback interface is taken out from caching, initiates readjustment.
Then, authentication center's (authentication authorization and accounting server) returns the result to registration discovery server (i.e. registrar), because
This, the authentication result of return includes registration failure or succeeds in registration: registration failure indicates that certificate server is recognized by verifying determination
Card request does not pass through;Succeeding in registration indicates that certificate server determines that certification request passes through by verifying.
In the case where succeeding in registration, authentication center's (authentication authorization and accounting server) initiates readjustment request, and carrying, which authenticates, successfully to be believed
Breath returns to registration discovery server (i.e. registrar).The content of the information further include: example ID, approval results, registration
As a result etc..
S24: confirmation server-side succeeds in registration, and receives the service acquisition request that user terminal is sent, wherein service acquisition request
Including User ID.
In this step, consumer initiates request clothes to registration discovery server (i.e. registrar) by user terminal
It is engaged in list, while carrying consumer ID and call back function interface the two information, the effect of the two information includes: consumer ID
It is the unique identification for indicating consumer's example, call back function interface is used to receive the service list of return.
S25: being sent to certificate server for User ID, so that certificate server inquires the corresponding manufacturing side according to User ID
Authority information, and permissions list is generated according to manufacturing side authority information.
Preferably, after registration discovery server (i.e. registrar) receives request, consumer ID is forwarded to certification
Center (authentication authorization and accounting server), certificate server receive and inquire corresponding producer's authority information according to consumer ID after request,
Permissions list is formed to prepare to return.
S26: the permissions list that certificate server is sent is received, wherein permissions list is certificate server according to User ID
The permissions list of generation.
As the preferred embodiment of the present embodiment, registration finds server (i.e. registrar) to authentication center (i.e.
Certificate server) obtain the permissions list serviced.
S27: according to permissions list query service list, wherein service list includes: producer services title, the producer
Service access address and allow quantity using example.
In practical applications, registration discovery server (i.e. registrar) is after receiving permissions list, according to wherein
Information inquire producer services title, producer services access address, allow using information such as the quantity of example, thus raw
At service list.
S28: by calling call back function interface that service list is sent to user terminal, so that user terminal is according to service list
Service end interface is called to server-side.
In practical applications, registration discovery server (i.e. registrar) returns to service list, i.e. user to user terminal
End is again by calling call back function interface that this information (service list) is returned to the user terminal of consumer.Consumer passes through user
End obtains service list.
Then, the user terminal of consumer calls the server-side of the producer.Specifically, the user terminal of consumer is according to acquisition
Service list calls some example of the producer, if calling example not within the scope of list, provides example without access authority
Prompt information.
Embodiment three:
A kind of Service Privileges acquisition device provided in an embodiment of the present invention, is applied to registrar, and Service Privileges obtain
Device includes: that the first receiving module, the first sending module, the second receiving module, confirmation module, the second sending module, third connect
Receive module and third sending module.
Wherein, the first receiving module is used to receive the registration request of server-side transmission.First sending module is used for according to note
Volume requests to send certification request to certificate server.Second receiving module is sent for receiving certificate server according to certification request
Authentication result.
If confirming that server-side succeeds in registration further, confirmation module is that certification passes through for the authentication result.
The service acquisition that second sending module is used to be sent according to user terminal is requested, and the acquisition of Xiang Suoshu certificate server sending permission is asked
It asks.Third receiving module is for receiving the authority information that certificate server is sent according to authority acquiring request.Third sending module
For being sent service information according to authority information to user terminal, so that user terminal calls server-side to server-side according to information on services
Interface.
Example IV:
A kind of electronic equipment provided in an embodiment of the present invention, as shown in figure 4, electronic equipment 4 includes memory 41, processor
42, the computer program that can be run on the processor is stored in the memory, the processor executes the calculating
The step of method that above-described embodiment one or embodiment two provide is realized when machine program.
Referring to fig. 4, electronic equipment further include: bus 43 and communication interface 44, processor 42, communication interface 44 and memory
41 are connected by bus 43;Processor 42 is for executing the executable module stored in memory 41, such as computer program.
Wherein, memory 41 may include high-speed random access memory (RAM, Random Access Memory),
It may further include nonvolatile memory (non-volatile memory), for example, at least a magnetic disk storage.By at least
One communication interface 44 (can be wired or wireless) realizes the communication between the system network element and at least one other network element
Connection, can be used internet, wide area network, local network, Metropolitan Area Network (MAN) etc..
Bus 43 can be isa bus, pci bus or eisa bus etc..The bus can be divided into address bus, data
Bus, control bus etc..Only to be indicated with a four-headed arrow convenient for indicating, in Fig. 4, it is not intended that an only bus or
A type of bus.
Wherein, memory 41 is for storing program, and the processor 42 executes the journey after receiving and executing instruction
Sequence, method performed by the device that the stream process that aforementioned any embodiment of the present invention discloses defines can be applied to processor 42
In, or realized by processor 42.
Processor 42 may be a kind of IC chip, the processing capacity with signal.During realization, above-mentioned side
Each step of method can be completed by the integrated logic circuit of the hardware in processor 42 or the instruction of software form.Above-mentioned
Processor 42 can be general processor, including central processing unit (Central Processing Unit, abbreviation CPU), network
Processor (Network Processor, abbreviation NP) etc.;It can also be digital signal processor (Digital Signal
Processing, abbreviation DSP), specific integrated circuit (Application Specific Integrated Circuit, referred to as
ASIC), ready-made programmable gate array (Field-Programmable Gate Array, abbreviation FPGA) or other are programmable
Logical device, discrete gate or transistor logic, discrete hardware components.It may be implemented or execute in the embodiment of the present invention
Disclosed each method, step and logic diagram.General processor can be microprocessor or the processor is also possible to appoint
What conventional processor etc..The step of method in conjunction with disclosed in the embodiment of the present invention, can be embodied directly in hardware decoding processing
Device executes completion, or in decoding processor hardware and software module combination execute completion.Software module can be located at
Machine memory, flash memory, read-only memory, programmable read only memory or electrically erasable programmable memory, register etc. are originally
In the storage medium of field maturation.The storage medium is located at memory 41, and processor 42 reads the information in memory 41, in conjunction with
Its hardware completes the step of above method.
Embodiment five:
It is provided in an embodiment of the present invention it is a kind of with processor can be performed non-volatile program code it is computer-readable
Medium, said program code make the method that the processor executes above-described embodiment one or embodiment two provides.
Unless specifically stated otherwise, the opposite step of the component and step that otherwise illustrate in these embodiments, digital table
It is not limit the scope of the invention up to formula and numerical value.
It is apparent to those skilled in the art that for convenience and simplicity of description, the system of foregoing description
It with the specific work process of device, can refer to corresponding processes in the foregoing method embodiment, details are not described herein.
In all examples being illustrated and described herein, any occurrence should be construed as merely illustratively, without
It is as limitation, therefore, other examples of exemplary embodiment can have different values.
It should also be noted that similar label and letter indicate similar terms in following attached drawing, therefore, once a certain Xiang Yi
It is defined in a attached drawing, does not then need that it is further defined and explained in subsequent attached drawing.
The flow chart and block diagram in the drawings show the system of multiple embodiments according to the present invention, method and computer journeys
The architecture, function and operation in the cards of sequence product.In this regard, each box in flowchart or block diagram can generation
A part of one module, section or code of table, a part of the module, section or code include one or more use
The executable instruction of the logic function as defined in realizing.It should also be noted that in some implementations as replacements, being marked in box
The function of note can also occur in a different order than that indicated in the drawings.For example, two continuous boxes can actually base
Originally it is performed in parallel, they can also be executed in the opposite order sometimes, and this depends on the function involved.It is also noted that
It is the combination of each box in block diagram and or flow chart and the box in block diagram and or flow chart, can uses and execute rule
The dedicated hardware based system of fixed function or movement is realized, or can use the group of specialized hardware and computer instruction
It closes to realize.
The computer-readable medium of the non-volatile program code provided in an embodiment of the present invention that can be performed with processor,
With Service Privileges acquisition methods provided by the above embodiment, device and electronic equipment technical characteristic having the same, so
It can solve identical technical problem, reach identical technical effect.
In addition, term " first ", " second ", " third " are used for description purposes only, it is not understood to indicate or imply phase
To importance.
The computer program product of Service Privileges acquisition methods is carried out provided by the embodiment of the present invention, including stores place
The computer readable storage medium of the executable non-volatile program code of device is managed, the instruction that said program code includes can be used for
Previous methods method as described in the examples is executed, specific implementation can be found in embodiment of the method, and details are not described herein.
In several embodiments provided herein, it should be understood that disclosed systems, devices and methods, it can be with
It realizes by another way.The apparatus embodiments described above are merely exemplary, for example, the division of the unit,
Only a kind of logical function partition, there may be another division manner in actual implementation, in another example, multiple units or components can
To combine or be desirably integrated into another system, or some features can be ignored or not executed.Another point, it is shown or beg for
The mutual coupling, direct-coupling or communication connection of opinion can be through some communication interfaces, device or unit it is indirect
Coupling or communication connection can be electrical property, mechanical or other forms.
The unit as illustrated by the separation member may or may not be physically separated, aobvious as unit
The component shown may or may not be physical unit, it can and it is in one place, or may be distributed over multiple
In network unit.It can select some or all of unit therein according to the actual needs to realize the mesh of this embodiment scheme
's.
It, can also be in addition, the functional units in various embodiments of the present invention may be integrated into one processing unit
It is that each unit physically exists alone, can also be integrated in one unit with two or more units.
It, can be with if the function is realized in the form of SFU software functional unit and when sold or used as an independent product
It is stored in a computer readable storage medium.Based on this understanding, technical solution of the present invention is substantially in other words
The part of the part that contributes to existing technology or the technical solution can be embodied in the form of software products, the meter
Calculation machine software product is stored in a storage medium, including some instructions are used so that a computer equipment (can be a
People's computer, server or network equipment etc.) it performs all or part of the steps of the method described in the various embodiments of the present invention.
And storage medium above-mentioned includes: that USB flash disk, mobile hard disk, read-only memory (ROM, Read-Only Memory), arbitrary access are deposited
The various media that can store program code such as reservoir (RAM, Random Access Memory), magnetic or disk.
Finally, it should be noted that embodiment described above, only a specific embodiment of the invention, to illustrate the present invention
Technical solution, rather than its limitations, scope of protection of the present invention is not limited thereto, although with reference to the foregoing embodiments to this hair
It is bright to be described in detail, those skilled in the art should understand that: anyone skilled in the art
In the technical scope disclosed by the present invention, it can still modify to technical solution documented by previous embodiment or can be light
It is readily conceivable that variation or equivalent replacement of some of the technical features;And these modifications, variation or replacement, do not make
The essence of corresponding technical solution is detached from the spirit and scope of technical solution of the embodiment of the present invention, should all cover in protection of the invention
Within the scope of.Therefore, the protection scope of the present invention shall be subject to the protection scope of the claims.
Claims (10)
1. a kind of Service Privileges acquisition methods, which is characterized in that be applied to registrar, which comprises
Receive the registration request that server-side is sent;
Certification request is sent to certificate server according to the registration request;
Receive the authentication result that the certificate server is sent according to the certification request;
If the authentication result is that certification passes through, confirm that server-side succeeds in registration;
The service acquisition request sent according to user terminal, Xiang Suoshu certificate server sending permission acquisition request;
Receive the authority information that the certificate server is sent according to the authority acquiring request;
Sent service information according to the authority information to the user terminal so that the user terminal according to the information on services to
The server-side calls service end interface.
2. Service Privileges acquisition methods according to claim 1, which is characterized in that the registration request includes: the producer
Service ID and producer services namespace.
3. Service Privileges acquisition methods according to claim 1 or 2, which is characterized in that according to the registration request to recognizing
It demonstrate,proves server and sends certification request, comprising:
Certification request is generated according to call back function interface and the registration request, and the certification request is sent to certification clothes
Business device.
4. Service Privileges acquisition methods according to claim 1, which is characterized in that the authentication result includes: that registration is lost
It loses or succeeds in registration;
The registration failure indicates that the certificate server determines that the certification request does not pass through by verification;
Described succeed in registration indicates that the certificate server determines that the certification request passes through by verification.
5. Service Privileges acquisition methods according to claim 3, which is characterized in that the service acquisition sent according to user terminal
Request, Xiang Suoshu certificate server sending permission acquisition request, comprising:
Receive the service acquisition request that user terminal is sent, wherein the service acquisition request includes User ID;
The User ID is sent to the certificate server, is corresponded to so that the certificate server is inquired according to the User ID
Manufacturing side authority information, and according to the manufacturing side authority information generate permissions list.
6. Service Privileges acquisition methods according to claim 5, which is characterized in that receive the certificate server according to institute
State the authority information of authority acquiring request transmission, comprising:
Receive the permissions list that the certificate server is sent, wherein the permissions list is the certificate server root
The permissions list generated according to the User ID.
7. Service Privileges acquisition methods according to claim 6, which is characterized in that according to the authority information to the use
Family end sends service information, so that the user terminal calls service end interface, packet to the server-side according to the information on services
It includes:
According to the permissions list query service list, wherein the service list includes: producer services title, the producer
Service access address and allow quantity using example;
By calling the call back function interface that the service list is sent to the user terminal so that the user terminal according to
The service list calls service end interface to the server-side.
8. a kind of Service Privileges acquisition device, which is characterized in that be applied to registrar, described device includes:
First receiving module, for receiving the registration request of server-side transmission;
First sending module, for sending certification request to certificate server according to the registration request;
Second receiving module, the authentication result sent for receiving the certificate server according to the certification request;
Confirmation module confirms that server-side succeeds in registration if being that certification passes through for the authentication result;
Second sending module, the service acquisition request for being sent according to user terminal, Xiang Suoshu certificate server sending permission obtain
Take request;
Third receiving module, the authority information sent for receiving the certificate server according to the authority acquiring request;
Third sending module, for being sent service information according to the authority information to the user terminal, so that the user terminal
Service end interface is called to the server-side according to the information on services.
9. a kind of electronic equipment, including memory, processor, be stored in the memory to run on the processor
Computer program, which is characterized in that the processor realizes that the claims 1 to 7 are any when executing the computer program
The step of method described in item.
10. a kind of computer-readable medium for the non-volatile program code that can be performed with processor, which is characterized in that described
Program code makes the processor execute described any the method for claim 1 to 7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811629666.8A CN109684820A (en) | 2018-12-28 | 2018-12-28 | Service Privileges acquisition methods, device and electronic equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811629666.8A CN109684820A (en) | 2018-12-28 | 2018-12-28 | Service Privileges acquisition methods, device and electronic equipment |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN109684820A true CN109684820A (en) | 2019-04-26 |
Family
ID=66191014
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201811629666.8A Pending CN109684820A (en) | 2018-12-28 | 2018-12-28 | Service Privileges acquisition methods, device and electronic equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109684820A (en) |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111259376A (en) * | 2020-01-17 | 2020-06-09 | 中国平安人寿保险股份有限公司 | Authority configuration method, device, server and storage medium |
| CN111262847A (en) * | 2020-01-13 | 2020-06-09 | 万庆文 | Access client authentication system applied to micro-service architecture |
| CN112287329A (en) * | 2020-10-29 | 2021-01-29 | 平安科技(深圳)有限公司 | Service instance checking method and device, electronic equipment and storage medium |
| CN112910943A (en) * | 2019-12-04 | 2021-06-04 | 华为技术有限公司 | Service providing method, device and system |
| CN113111337A (en) * | 2021-03-29 | 2021-07-13 | 青岛海尔科技有限公司 | Method, device and equipment for sharing access control list |
Citations (13)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| KR20030018946A (en) * | 2001-08-31 | 2003-03-06 | 주식회사 아이에이시큐리티 | An authentication and authorization service system |
| CN1937499A (en) * | 2006-10-13 | 2007-03-28 | 清华大学 | Domainname-based unified identification mark and authentication method |
| CN102427451A (en) * | 2011-12-06 | 2012-04-25 | 宁波电业局 | Method and system for acquiring service application |
| CN103984600A (en) * | 2014-05-07 | 2014-08-13 | 丽水桉阳生物科技有限公司 | Financial data processing method based on cloud computing |
| CN105897663A (en) * | 2015-01-26 | 2016-08-24 | 阿里巴巴集团控股有限公司 | Method for determining access authority, device and equipment |
| CN107341925A (en) * | 2017-07-20 | 2017-11-10 | 北京科东电力控制系统有限责任公司 | Electric automobile networked system platform based on micro services and realize charging method |
| CN107911430A (en) * | 2017-11-06 | 2018-04-13 | 上海电机学院 | A kind of micro services infrastructure equipment |
| CN108446111A (en) * | 2018-03-26 | 2018-08-24 | 国家电网公司客户服务中心 | A kind of micro services construction method based on Spring cloud |
| US20180295194A1 (en) * | 2017-04-07 | 2018-10-11 | Microsoft Technology Licensing, Llc | Techniques for supporting remote micro-services as native functions in spreadsheet applications |
| CN108650262A (en) * | 2018-05-09 | 2018-10-12 | 聚龙股份有限公司 | A kind of cloud platform extended method and system based on micro services framework |
| CN108809956A (en) * | 2018-05-23 | 2018-11-13 | 广州虎牙信息科技有限公司 | Method for authenticating, access request retransmission method based on micro services and device, system |
| CN108965442A (en) * | 2018-07-23 | 2018-12-07 | 珠海宏桥高科技有限公司 | A kind of micro services infrastructure services dissemination system and model-based optimization method |
| CN109040122A (en) * | 2018-09-14 | 2018-12-18 | 小雅智能平台(深圳)有限公司 | The method, apparatus and related accessory of a kind of new user's registration and binding service equipment |
-
2018
- 2018-12-28 CN CN201811629666.8A patent/CN109684820A/en active Pending
Patent Citations (13)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| KR20030018946A (en) * | 2001-08-31 | 2003-03-06 | 주식회사 아이에이시큐리티 | An authentication and authorization service system |
| CN1937499A (en) * | 2006-10-13 | 2007-03-28 | 清华大学 | Domainname-based unified identification mark and authentication method |
| CN102427451A (en) * | 2011-12-06 | 2012-04-25 | 宁波电业局 | Method and system for acquiring service application |
| CN103984600A (en) * | 2014-05-07 | 2014-08-13 | 丽水桉阳生物科技有限公司 | Financial data processing method based on cloud computing |
| CN105897663A (en) * | 2015-01-26 | 2016-08-24 | 阿里巴巴集团控股有限公司 | Method for determining access authority, device and equipment |
| US20180295194A1 (en) * | 2017-04-07 | 2018-10-11 | Microsoft Technology Licensing, Llc | Techniques for supporting remote micro-services as native functions in spreadsheet applications |
| CN107341925A (en) * | 2017-07-20 | 2017-11-10 | 北京科东电力控制系统有限责任公司 | Electric automobile networked system platform based on micro services and realize charging method |
| CN107911430A (en) * | 2017-11-06 | 2018-04-13 | 上海电机学院 | A kind of micro services infrastructure equipment |
| CN108446111A (en) * | 2018-03-26 | 2018-08-24 | 国家电网公司客户服务中心 | A kind of micro services construction method based on Spring cloud |
| CN108650262A (en) * | 2018-05-09 | 2018-10-12 | 聚龙股份有限公司 | A kind of cloud platform extended method and system based on micro services framework |
| CN108809956A (en) * | 2018-05-23 | 2018-11-13 | 广州虎牙信息科技有限公司 | Method for authenticating, access request retransmission method based on micro services and device, system |
| CN108965442A (en) * | 2018-07-23 | 2018-12-07 | 珠海宏桥高科技有限公司 | A kind of micro services infrastructure services dissemination system and model-based optimization method |
| CN109040122A (en) * | 2018-09-14 | 2018-12-18 | 小雅智能平台(深圳)有限公司 | The method, apparatus and related accessory of a kind of new user's registration and binding service equipment |
Non-Patent Citations (1)
| Title |
|---|
| 洪华军等: "一种基于微服务架构的业务系统设计与实现", 《计算机与数字工程》 * |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112910943A (en) * | 2019-12-04 | 2021-06-04 | 华为技术有限公司 | Service providing method, device and system |
| CN112910943B (en) * | 2019-12-04 | 2024-03-05 | 华为云计算技术有限公司 | Service providing method, device and system |
| CN111262847A (en) * | 2020-01-13 | 2020-06-09 | 万庆文 | Access client authentication system applied to micro-service architecture |
| CN111259376A (en) * | 2020-01-17 | 2020-06-09 | 中国平安人寿保险股份有限公司 | Authority configuration method, device, server and storage medium |
| CN112287329A (en) * | 2020-10-29 | 2021-01-29 | 平安科技(深圳)有限公司 | Service instance checking method and device, electronic equipment and storage medium |
| CN113111337A (en) * | 2021-03-29 | 2021-07-13 | 青岛海尔科技有限公司 | Method, device and equipment for sharing access control list |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109684820A (en) | Service Privileges acquisition methods, device and electronic equipment | |
| CN108777625B (en) | Signature verification method, device and system, storage medium and electronic device | |
| CN110463164B (en) | System and method for resolving credentials for a device | |
| CN110166409A (en) | Equipment cut-in method, related platform and computer storage medium | |
| CN110365752A (en) | Processing method, device, electronic equipment and the storage medium of business datum | |
| CN106453519A (en) | Interface call method and device | |
| EP2501107B1 (en) | Method and system for providing a session in a heterogeneous environment | |
| US11245577B2 (en) | Template-based onboarding of internet-connectible devices | |
| CN101499995A (en) | Service scheduling method, system and apparatus for service scheduling | |
| US11238448B1 (en) | Efficient network service provisioning | |
| CN108471395A (en) | Realize method, apparatus, cloud computing system and the computer system of certification/mandate | |
| CN109586962A (en) | IPv4 is upgraded to processing unit, method and the electronic equipment of the HTTPS exterior chain problem of IPv6 | |
| CN101548263B (en) | Method and system for modeling options for opaque management data for a user and/or an owner | |
| CN109274705A (en) | Service providing method, apparatus and system based on user identity | |
| CN109104368A (en) | A kind of request connection method, device, server and computer readable storage medium | |
| CN114971827A (en) | Account checking method and device based on block chain, electronic equipment and storage medium | |
| US10205545B2 (en) | Resource creation method and apparatus | |
| CN114221959A (en) | Service sharing method, device and system | |
| CN109213567A (en) | Method and equipment for managing VNF instantiation | |
| US20100222022A1 (en) | Communication method, communication system and access method to service provider base | |
| CN115412294A (en) | Platform service-based access method and device, storage medium and electronic equipment | |
| US11956639B2 (en) | Internet of things device provisioning | |
| CN115422184A (en) | Data acquisition method, device, equipment and storage medium | |
| CN106559454B (en) | Resource access method, device and system | |
| JP5636394B2 (en) | Information processing apparatus, information processing method, and program |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20190426 |
|
| RJ01 | Rejection of invention patent application after publication |