CN109815683A - Method for verifying authority and relevant apparatus - Google Patents
Method for verifying authority and relevant apparatus Download PDFInfo
- Publication number
- CN109815683A CN109815683A CN201811640222.4A CN201811640222A CN109815683A CN 109815683 A CN109815683 A CN 109815683A CN 201811640222 A CN201811640222 A CN 201811640222A CN 109815683 A CN109815683 A CN 109815683A
- Authority
- CN
- China
- Prior art keywords
- micro services
- subfunction
- module
- capability identification
- services example
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/45—Structures or tools for the administration of authentication
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
- Facsimiles In General (AREA)
Abstract
The embodiment of the present application discloses a kind of method for verifying authority and relevant apparatus, method includes: to call the first subfunction module in the corresponding multiple subfunction modules of the first micro services example to obtain capability identification by the principal function module when detecting the starting request for the first micro services example;The corresponding second subfunction module of Authority Verification function is called by the first subfunction module, and whether the capability identification according to the second subfunction module verification is effective;When detecting that the capability identification is effective, the first micro services example is executed by the first subfunction module.The embodiment of the present application is conducive to be promoted the convenience of Authority Verification under micro services mode, reduces the lengthy and jumbled degree of Authority Verification code.
Description
Technical field
This application involves electronic technology fields, and in particular to a kind of method for verifying authority and relevant apparatus.
Background technique
With the rise of micro services framework, authentication and authentication facing challenges under traditional monomer applications scene are got over
Come bigger.Under monomer applications system, using being an entirety, authorization check can be all carried out generally directed to all requests.
And under micro services framework, an application can be split into several micro- applications, and each micro- application is required to access
It is authenticated, each micro- application requires clear current accessed user and its permission, needs to be implanted into generation in each micro services
Code goes to obtain authority information, leads to code redundancy, and invades business big, it is seen then that the authentication mode under monomer applications framework is just
It is not especially suitable.
Summary of the invention
The embodiment of the present application provides a kind of method for verifying authority and relevant apparatus, to promote permission under micro services mode
The convenience of verifying reduces the lengthy and jumbled degree of Authority Verification code.
In a first aspect, the embodiment of the present application provides a kind of method for verifying authority, it is applied to electronic equipment, the electronic equipment
On destination application is installed, the destination application includes principal function module and multiple subfunction modules, the method
Include:
When detecting the starting request for the first micro services example, described first is called by the principal function module
The first subfunction module in the corresponding multiple subfunction modules of micro services example obtains capability identification;
The corresponding second subfunction module of Authority Verification function is called by the first subfunction module, and according to described
Whether capability identification described in the second subfunction module verification is effective;
When detecting that the capability identification is effective, it is pragmatic in incognito that described first is executed by the first subfunction module
Example.
Second aspect, the embodiment of the present application provide a kind of Authority Verification device, are applied to electronic equipment, the electronic equipment
On destination application is installed, the destination application includes principal function module and multiple subfunction modules, the permission
Verifying device includes acquiring unit, authentication unit and execution unit, wherein
The acquiring unit, for passing through the main letter when detecting the starting request for the first micro services example
Digital-to-analogue block calls the first subfunction module in the corresponding multiple subfunction modules of the first micro services example to obtain power
Limit mark;
The authentication unit, for calling the corresponding second sub- letter of Authority Verification function by the first subfunction module
Digital-to-analogue block, and whether the capability identification according to the second subfunction module verification is effective;
The execution unit, for being held by the first subfunction module when detecting that the capability identification is effective
Row the first micro services example.
The third aspect, the embodiment of the present application provide a kind of electronic equipment, including processor, memory, communication interface and
One or more programs, wherein said one or multiple programs are stored in above-mentioned memory, and are configured by above-mentioned
It manages device to execute, above procedure is included the steps that for executing the instruction in the embodiment of the present application first aspect either method.
Fourth aspect, the embodiment of the present application provide a kind of computer readable storage medium, wherein above-mentioned computer-readable
Storage medium storage is used for the computer program of electronic data interchange, wherein above-mentioned computer program executes computer such as
Step some or all of described in the embodiment of the present application first aspect either method.
5th aspect, the embodiment of the present application provide a kind of computer program product, wherein above-mentioned computer program product
Non-transient computer readable storage medium including storing computer program, above-mentioned computer program are operable to make to calculate
Machine executes the step some or all of as described in the embodiment of the present application first aspect either method.The computer program product
It can be a software installation packet.
As can be seen that in the embodiment of the present application, electronic equipment is first when detecting the starting for the first micro services example
When request, in the corresponding multiple subfunction modules of the first micro services example is called by the principal function module
One subfunction module obtains capability identification, then, calls Authority Verification function corresponding the by the first subfunction module
Two subfunction modules, and whether the capability identification according to the second subfunction module verification is effective, finally, when detecting institute
State capability identification it is effective when, pass through the first subfunction module and execute the first micro services example.As it can be seen that electronic equipment exists
Under micro services framework, the code that Authority Verification is added in the subfunction module of each micro services is not needed, only is needing to verify
When interception capability identification call the submodule of Authority Verification function to be verified, the verifying of each micro services application permission can be exempted
Code, advantageously reduce the lengthy and jumbled degree of each micro services application code, promote the convenience of Authority Verification under micro services mode.
Detailed description of the invention
In order to illustrate the technical solutions in the embodiments of the present application or in the prior art more clearly, to embodiment or will show below
There is attached drawing needed in technical description to be briefly described, it should be apparent that, the accompanying drawings in the following description is only this
Some embodiments of application for those of ordinary skill in the art without creative efforts, can be with
It obtains other drawings based on these drawings.
Fig. 1 is a kind of configuration diagram of micro services framework provided by the embodiments of the present application;
Fig. 2 is a kind of flow diagram of method for verifying authority provided by the embodiments of the present application;
Fig. 3 is the flow diagram of another method for verifying authority provided by the embodiments of the present application;
Fig. 4 is the flow diagram of another method for verifying authority provided by the embodiments of the present application;
Fig. 5 is the structural schematic diagram of a kind of electronic equipment provided by the embodiments of the present application;
Fig. 6 is a kind of functional unit composition block diagram of Authority Verification device provided by the embodiments of the present application.
Specific embodiment
In order to make those skilled in the art more fully understand application scheme, below in conjunction in the embodiment of the present application
Attached drawing, the technical scheme in the embodiment of the application is clearly and completely described, it is clear that described embodiment is only
Some embodiments of the present application, instead of all the embodiments.Based on the embodiment in the application, those of ordinary skill in the art
Every other embodiment obtained without creative efforts, shall fall in the protection scope of this application.
The description and claims of this application and term " first " in above-mentioned attached drawing, " second " etc. are for distinguishing
Different objects, are not use to describe a particular order.In addition, term " includes " and " having " and their any deformations, it is intended that
It is to cover and non-exclusive includes.Such as the process, method, system, product or equipment for containing a series of steps or units do not have
It is defined in listed step or unit, but optionally further comprising the step of not listing or unit, or optionally also wrap
Include other step or units intrinsic for these process, methods, product or equipment.
Referenced herein " embodiment " is it is meant that a particular feature, structure, or characteristic described can wrap in conjunction with the embodiments
It is contained at least one embodiment of the application.Each position in the description occur the phrase might not each mean it is identical
Embodiment, nor the independent or alternative embodiment with other embodiments mutual exclusion.Those skilled in the art explicitly and
Implicitly understand, embodiment described herein can be combined with other embodiments.
Electronic equipment involved by the embodiment of the present application may include various handheld devices, mobile unit, wearable set
It is standby, calculate equipment or be connected to radio modem other processing equipments and various forms of user equipment (User
Equipment, UE), mobile station (Mobile Station, MS), electronic equipment (terminal device) etc..
It describes in detail with reference to the accompanying drawing to the embodiment of the present application.
The purpose of micro services architecture mode (Microservices Architecture Pattern) is will be large-scale, multiple
Miscellaneous, long-term running application builds are one group of mutually matched service, and each service can be readily available part
Improvement.
In brief, micro services framework is a kind of method for developing single utility program as a set of small service, every kind
Application program is all run in the process of their own, and (the application program editor of usually http resource connects with lightweight mechanism
Mouth (Application Programming Interface, API)) it is communicated.These services are constructed around business function
, independent deployment can be carried out by full-automatic deployment mechanisms.These service centralized managements be it is least, they can
To be write with different programming languages, and use different data storage technologies.
Framework based on micro services can have 5 to 100 or more services.It can be outside in API gateway use
Consumer provides unified entrance, and unrelated with the quantity of internal micro services and composition, for example, as shown in Figure 1, being based on
Micro services framework applies A, this is made of using A multiple micro services applications, and each micro services correspond to this using function different in A
Can, it specifically can be the corresponding function of 1 corresponding function 1 of micro services, 2 corresponding function 2 of micro services, 3 corresponding function 3 of micro services, micro services 4
Energy 4,5 corresponding function 5 of micro services etc., each micro services can be designed by different design teams and be completed, that is to say, that Mei Gewei
It is independent between service, and each micro services can be used different programming languages and write.
It describes in detail below to the embodiment of the present invention.
Referring to Fig. 2, Fig. 2 is that the embodiment of the present application provides a kind of flow diagram of method for verifying authority, it is applied to
Electronic equipment, is equipped with destination application on the electronic equipment, and the destination application includes principal function module and more
A sub- function module, as shown, this method for verifying authority includes:
S201, electronic equipment pass through the principal function mould when detecting the starting request for the first micro services example
Block calls the first subfunction module in the corresponding multiple subfunction modules of the first micro services example to obtain permission mark
Know.
Wherein, the first micro services example is that the corresponding object of any function, the electronics are set in destination application
The standby specific implementation requested when the starting detected for the first micro services example can be electronic equipment and detect use
Family is directed to the selection operation of the first micro services example, which can be touch control operation, voice operating etc., do not limit herein
It is fixed.
Wherein, capability identification Token, principal function module and multiple subfunction modules, which belong to, to be called and called pass
System.
S202, the electronic equipment call the corresponding second sub- letter of Authority Verification function by the first subfunction module
Digital-to-analogue block, and whether the capability identification according to the second subfunction module verification is effective.
Wherein, under micro services framework, the corresponding individual micro services application of Authority Verification program, without every
Identical Authority Verification program is added in a others micro services application, micro services application corresponds to the second subfunction module,
The Authority Verification function of the second subfunction module can verify the validity of any Token.
S203, the electronic equipment are held when detecting that the capability identification is effective by the first subfunction module
Row the first micro services example.
Wherein, the capability identification verifies starting request for the first subfunction module, that is, works as verifying
When success, it was demonstrated that destination application has the permission for calling and accessing the first micro services Instance Interface, then jumps entrance
The corresponding function pages of first micro services example do not execute this and jump response, corresponding first subfunction if authentication failed
Module can with feedback validation failure news to principal function module when, principal function module can the page before jumping show and jump
Turn the information such as unsuccessfully.
As can be seen that in the embodiment of the present application, electronic equipment is first when detecting the starting for the first micro services example
When request, in the corresponding multiple subfunction modules of the first micro services example is called by the principal function module
One subfunction module obtains capability identification, then, calls Authority Verification function corresponding the by the first subfunction module
Two subfunction modules, and whether the capability identification according to the second subfunction module verification is effective, finally, when detecting institute
State capability identification it is effective when, pass through the first subfunction module and execute the first micro services example.As it can be seen that electronic equipment exists
Under micro services framework, the code that Authority Verification is added in the subfunction module of each micro services is not needed, only is needing to verify
When interception capability identification call the submodule of Authority Verification function to be verified, the verifying of each micro services application permission can be exempted
Code, advantageously reduce the lengthy and jumbled degree of each micro services application code, promote the convenience of Authority Verification under micro services mode.
In a possible example, it is described detect for the first micro services example starting request before, the side
Method further include:
When detecting the logging request for destination application, the login is obtained by the principal function module and is asked
Login banner in asking;
When receiving the message that server is proved to be successful the login banner, the destination application is logged in;
The capability identification from the server is received by the principal function module, the capability identification is described
The capability identification that server is pre-configured according to the login banner.
Wherein, different destination applications corresponds to different servers, and the capability identification is server distribution, i.e.,
Server goes to obtain capability identification, the i.e. corresponding power of an account according to user name when login user name and password
Limit ident value.
Wherein, the principal function module stores the capability identification when receiving the capability identification.
As it can be seen that electronic equipment can be obtained for login mark when logging in destination application from server in this example
Know exclusive capability identification, and store the capability identification, when being conducive to promote other micro services access rights mark, obtains permission
The convenience of mark.
In a possible example, it is described detect for the first micro services example starting request after, the side
Method further include:
The corresponding first subfunction module of the first micro services example is called by the principal function module;
Blocker and fuse are preloaded by the first subfunction module, the blocker is used for the described first sub- letter
Digital-to-analogue block obtains the capability identification, and the fuse is for making third subfunction module obtain the capability identification, and described the
The corresponding second micro services example of three subfunction modules is independently of the first micro services example.
Wherein, blocker is used for before some method or field are accessed, intercept and then is added before or after it
Enter certain operations, herein, the first subfunction module preloads blocker, and blocker is made to execute corresponding the in the first subfunction
Capability identification is obtained before one micro services example.
Wherein, fuse is rewriteable fuse, realizes that interface rewrites its method by configuring a processing class, to third
Function passes capability identification.
Wherein, the corresponding second micro services example of the third subfunction module is independently of the first micro services example,
That is the second micro services example and the first micro services example are two incoherent micro services of independence, it can be understood as it is micro- to execute second
The thread of Service Instance and the thread for executing the first micro services example are non-same thread.
As it can be seen that electronic equipment is after calling the first subfunction module by principal function, the first subfunction mould in this example
Block can pre-loaded blocker and fuse, rather than loaded after blocker and fuse, had again needing to use
Conducive to the timeliness for promoting Authority Verification.
In a possible example, it is described by the first subfunction module execute the first micro services example it
Afterwards, the method also includes:
When detecting the starting request for third micro services example, the third micro services example and described the are determined
First relationship of one micro services example;
The first subfunction module is called according to first relationship capability identification to be sent to the third micro-
The corresponding 4th subfunction module of Service Instance;
The capability identification is obtained by the 4th subfunction module, and by calling the second subfunction module to test
Whether effective demonstrate,prove the capability identification;
When detecting that the capability identification is effective, it is pragmatic in incognito that the third is executed by the 4th subfunction module
Example.
Wherein, first relationship includes mutually independent relationship and subordinate relation, and the subordinate relation, i.e., two in incognito
Pragmatic example belongs to the micro services example of same thread progress.
Wherein, the first subfunction module can be according to the first different relationships, by different methods to the 4th subfunction mould
Block sends the capability identification, and the method is preset in the first subfunction module.
As it can be seen that electronic equipment detects that other are pragmatic in incognito in the case where executing the first micro services example in this example
When the starting request of example, is identified, be conducive to according to the corresponding relationship sending permission of the micro services example and the first micro services example
It ensures the available capability identification of any micro services example, improves the protection of Authority Verification.
In this possible example, first relationship is that the third micro services example is subordinated to described first in incognito
Pragmatic example, it is described to call the first subfunction module that the capability identification is sent to the third according to first relationship
The corresponding 4th subfunction module of micro services example, comprising:
When first relationship is subordinate relation, call the first subfunction module into the principal function module
F client injects the capability identification;
The power is sent to the corresponding 4th subfunction module of the third micro services example by the F client
Limit mark.
Wherein, F client, i.e. Feign are a statement web services clients, this is than writing web services client more
It is convenient, an interface is created using Feign, and only need to be defined with the method for annotation to configure, can be completed to clothes
The interface binding of business provider, simplifies the exploitation amount that client is called in voluntarily packing service.
Wherein, the first subfunction module can be by interface that F client creates to the 4th subfunction module sending permission
Mark.
Wherein, it is sent by the F client to the corresponding 4th subfunction module of the third micro services example
The capability identification can be and capability identification is arranged to the head of http request, provides permission school for the 4th subfunction module
The foundation tested.
As it can be seen that in this example, electronic equipment, can be directly by F client to the when the first relationship is subordinate relation
Four subfunction module sending permissions mark, and F client is the mode of annotation, and it is superfluous to advantageously reduce third micro services example code
Miscellaneous degree avoids the code intrusion to third micro services example.
In a possible example, first relationship be the third micro services example independently of described first in incognito
Pragmatic example, it is described to call the first subfunction module that the capability identification is sent to the third according to first relationship
The corresponding 4th subfunction module of micro services example, comprising:
When first relationship is independence, the preset strategy of calling the first subfunction module to pass through fuse
The capability identification is transmitted to the corresponding 4th subfunction module of the third micro services example, makes the 4th subfunction module
To realize that be subordinated to the third by the F client terminal start-up micro- by way of injecting the capability identification to F client
Multiple micro services examples of Service Instance.
Wherein, the first subfunction module is by the preset strategy of fuse to the third micro services example the corresponding 4th
The specific implementation that subfunction module transmits the capability identification, which can be, creates an interface by rewriteable fuse, passes through
The interface transmits capability identification to the 4th subfunction module, wherein preset strategy can be the isolation strategy of rewriteable fuse.
It wherein, can when needing while starting is in the first micro services example and third micro services example of independence
The capability identification transmitting between non-two micro services examples of same thread is realized with the isolation strategy by rewriteable fuse.
As it can be seen that electronic equipment needs to start with first in incognito during the first micro services example executes in this example
When pragmatic example is not belonging to the third micro services example of same thread, the 4th subfunction is realized by the isolation strategy of rewriteable fuse
Module obtains capability identification, is conducive to promote each micro services example Authority Verification and starting reliability.
It is described to call the first micro services example corresponding by the principal function module in a possible example
The first subfunction module in multiple subfunction modules obtains capability identification, comprising:
It is called in the corresponding multiple subfunction modules of the first micro services example by the principal function module
First subfunction module obtains the request header of the starting request for the first micro services example;
Determine the capability identification in the request header.
Wherein, the request header is http request head.
As it can be seen that in this example, when electronic equipment needs to start the first micro services example, by the first subfunction it is only necessary to
The request header for obtaining starting request can both obtain the capability identification, be conducive to be promoted under micro services framework, each micro services power
Limit the realizability and convenience of verifying.
For above-mentioned embodiment shown in Fig. 2, a kind of specific embodiment of illustrating is illustrated, wherein target application journey
Sequence is application program A, and application program A includes micro services example 1, micro services example 2, Authority Verification micro services, micro services example 1
Including sub-instance 3, micro services example 2 includes sub-instance 4, when user's login application program A inputs account and password, server
During determining whether successful log by account and password while assigning the account corresponding capability identification, when detecting
For micro services example 1 starting request when, corresponding first subfunction of micro services example 1 by request header acquisition permission mark
When knowing, while preloading blocker and fuse, and identifying effective by calling Authority Verification micro services verifying authorization, execute micro-
Service Instance 1, and it is divided into two kinds of situations when executing micro services example 1, situation one: when detecting the starting request of sub-instance 3,
By calling F client of the first subfunction module into the principal function module to inject the capability identification, and pass through F
Client sends the capability identification to the corresponding subfunction module of sub-instance 3, makes the corresponding subfunction module of sub-instance 3 can be with
It calls Authority Verification micro services verify to capability identification and then executes sub-instance 3;Situation two: micro services example 2 is detected
Starting request when, pass through F client of the isolation strategy into the corresponding subfunction module of micro services example 2 of rewriteable fuse
The capability identification is injected, and the capability identification is sent to the corresponding subfunction module of sub-instance 3 by F client, is made micro-
The corresponding subfunction module of Service Instance 2 can call Authority Verification micro services verify to capability identification and then execute in incognito
Pragmatic example 2, and during executing micro services example 2, it can equally be divided into above-mentioned two situations, this will not be repeated here.
It is consistent with above-mentioned embodiment shown in Fig. 2, referring to Fig. 3, Fig. 3 is a kind of permission provided by the embodiments of the present application
The flow diagram of verification method is applied to electronic equipment, is equipped with destination application, the target on the electronic equipment
Application program includes principal function module and multiple subfunction modules, as shown, this method for verifying authority includes:
S301, electronic equipment pass through the principal function module when detecting the logging request for destination application
Obtain the login banner in the logging request.
S302, the electronic equipment log in institute when receiving the message that server is proved to be successful the login banner
State destination application.
S303, the electronic equipment receives the capability identification from the server by the principal function module, described
Capability identification is the capability identification that the server is pre-configured according to the login banner.
S304, the electronic equipment pass through the main letter when detecting the starting request for the first micro services example
Digital-to-analogue block calls the first subfunction module in the corresponding multiple subfunction modules of the first micro services example to obtain institute
State capability identification.
S305, the electronic equipment call the corresponding second sub- letter of Authority Verification function by the first subfunction module
Digital-to-analogue block, and whether the capability identification according to the second subfunction module verification is effective.
S306, the electronic equipment are held when detecting that the capability identification is effective by the first subfunction module
Row the first micro services example.
S307, the electronic equipment determine the third when detecting the starting request for third micro services example
First relationship of micro services example and the first micro services example.
S308, the electronic equipment when first relationship is subordinate relation, call the first subfunction module to
F client in the principal function module injects the capability identification.
S309, the electronic equipment is by the F client to corresponding 4th subfunction of the third micro services example
Module sends the capability identification.
S310, the electronic equipment obtain the capability identification by the 4th subfunction module, and by calling institute
Whether effective state capability identification described in the second subfunction module verification.
S311, the electronic equipment are held when detecting that the capability identification is effective by the 4th subfunction module
The row third micro services example.
As can be seen that in the embodiment of the present application, electronic equipment is first when detecting the starting for the first micro services example
When request, in the corresponding multiple subfunction modules of the first micro services example is called by the principal function module
One subfunction module obtains capability identification, then, calls Authority Verification function corresponding the by the first subfunction module
Two subfunction modules, and whether the capability identification according to the second subfunction module verification is effective, finally, when detecting institute
State capability identification it is effective when, pass through the first subfunction module and execute the first micro services example.As it can be seen that electronic equipment exists
Under micro services framework, the code that Authority Verification is added in the subfunction module of each micro services is not needed, only is needing to verify
When interception capability identification call the submodule of Authority Verification function to be verified, the verifying of each micro services application permission can be exempted
Code, advantageously reduce the lengthy and jumbled degree of each micro services application code, promote the convenience of Authority Verification under micro services mode.
In addition, electronic equipment when logging in destination application, can obtain exclusive for login banner from server
Capability identification, and the capability identification is stored, when being conducive to promote other micro services access rights mark, obtain capability identification just
Victory.
In addition, electronic equipment detects the starting of other micro services examples in the case where executing the first micro services example
It when request, is identified according to the corresponding relationship sending permission of the micro services example and the first micro services example, is conducive to ensure any
The available capability identification of micro services example, improves the protection of Authority Verification, and electronic equipment the first relationship be from
When category relationship, can directly it be identified by F client to the 4th subfunction module sending permission, and F client is the side of annotation
Formula advantageously reduces the lengthy and jumbled degree of third micro services example code, avoids the code intrusion to third micro services example.
It is consistent with above-mentioned embodiment shown in Fig. 2, referring to Fig. 4, Fig. 4 is a kind of permission provided by the embodiments of the present application
The flow diagram of verification method is applied to electronic equipment, is equipped with destination application, the target on the electronic equipment
Application program includes principal function module and multiple subfunction modules, as shown, this method for verifying authority includes:
S401, electronic equipment pass through the principal function mould when detecting the starting request for the first micro services example
Block calls the first subfunction module in the corresponding multiple subfunction modules of the first micro services example.
S402, the electronic equipment preload blocker and fuse, the interception by the first subfunction module
Device obtains capability identification for the first subfunction module, and the fuse is for making third subfunction module obtain the power
Limit mark, the corresponding second micro services example of the third subfunction module is independently of the first micro services example.
S403, the electronic equipment call the first subfunction module to obtain by the blocker and are directed to described first
The request header of the starting request of micro services example.
S404, the electronic equipment determine the capability identification in the request header.
S405, the electronic equipment call the corresponding second sub- letter of Authority Verification function by the first subfunction module
Digital-to-analogue block, and whether the capability identification according to the second subfunction module verification is effective.
S406, the electronic equipment are held when detecting that the capability identification is effective by the first subfunction module
Row the first micro services example.
As can be seen that in the embodiment of the present application, electronic equipment is first when detecting the starting for the first micro services example
When request, in the corresponding multiple subfunction modules of the first micro services example is called by the principal function module
One subfunction module obtains capability identification, then, calls Authority Verification function corresponding the by the first subfunction module
Two subfunction modules, and whether the capability identification according to the second subfunction module verification is effective, finally, when detecting institute
State capability identification it is effective when, pass through the first subfunction module and execute the first micro services example.As it can be seen that electronic equipment exists
Under micro services framework, the code that Authority Verification is added in the subfunction module of each micro services is not needed, only is needing to verify
When interception capability identification call the submodule of Authority Verification function to be verified, the verifying of each micro services application permission can be exempted
Code, advantageously reduce the lengthy and jumbled degree of each micro services application code, promote the convenience of Authority Verification under micro services mode.
In addition, electronic equipment, after calling the first subfunction module by principal function, the first subfunction module can be preparatory
Blocker and fuse are loaded, rather than is needing to be loaded again after using blocker and fuse, is conducive to be promoted
The timeliness of Authority Verification.
In addition, by the first subfunction, it is only necessary to obtain starting when electronic equipment needs to start the first micro services example
The request header of request can both obtain the capability identification, be conducive to be promoted under micro services framework, each micro services Authority Verification
Realizability and convenience.
It is consistent with above-mentioned Fig. 2, Fig. 3, embodiment shown in Fig. 4, referring to Fig. 5, Fig. 5 is provided by the embodiments of the present application
The structural schematic diagram of a kind of electronic equipment 500 is equipped with destination application, the target application on the electronic equipment 500
Program includes principal function module and multiple subfunction modules, as shown in figure 5, the electronic equipment 500 includes application processor
510, memory 520, communication interface 530 and one or more programs 521, wherein one or more of programs 521 are deposited
Storage is configured to be executed by above-mentioned application processor 510 in above-mentioned memory 520, and one or more of programs 521 are wrapped
Include the instruction for executing following steps:
When detecting the starting request for the first micro services example, described first is called by the principal function module
The first subfunction module in the corresponding multiple subfunction modules of micro services example obtains capability identification;
The corresponding second subfunction module of Authority Verification function is called by the first subfunction module, and according to described
Whether capability identification described in the second subfunction module verification is effective;
When detecting that the capability identification is effective, it is pragmatic in incognito that described first is executed by the first subfunction module
Example.
As can be seen that in the embodiment of the present application, electronic equipment is first when detecting the starting for the first micro services example
When request, in the corresponding multiple subfunction modules of the first micro services example is called by the principal function module
One subfunction module obtains capability identification, then, calls Authority Verification function corresponding the by the first subfunction module
Two subfunction modules, and whether the capability identification according to the second subfunction module verification is effective, finally, when detecting institute
State capability identification it is effective when, pass through the first subfunction module and execute the first micro services example.As it can be seen that electronic equipment exists
Under micro services framework, the code that Authority Verification is added in the subfunction module of each micro services is not needed, only is needing to verify
When interception capability identification call the submodule of Authority Verification function to be verified, the verifying of each micro services application permission can be exempted
Code, advantageously reduce the lengthy and jumbled degree of each micro services application code, promote the convenience of Authority Verification under micro services mode.
In a possible example, one or more of programs 521 further include the instruction for executing following steps:
It is described detect the starting request for the first micro services example before, when detecting the logging request for destination application
When, the login banner in the logging request is obtained by the principal function module;And it is stepped on when receiving server to described
When recording the successful message of identity verification, the destination application is logged in;And it is received by the principal function module and comes from institute
The capability identification of server is stated, the capability identification is the permission mark that the server is pre-configured according to the login banner
Know.
In a possible example, one or more of programs 521 further include the instruction for executing following steps:
It is described detect the starting request for the first micro services example after, called described first in incognito by the principal function module
The corresponding first subfunction module of pragmatic example;And blocker and fuse, institute are preloaded by the first subfunction module
It states blocker and obtains the capability identification for the first subfunction module, the fuse is for making third subfunction module
Obtain the capability identification, the corresponding second micro services example of the third subfunction module is pragmatic in incognito independently of described first
Example.
In a possible example, one or more of programs 521 further include the instruction for executing following steps:
It is pragmatic in incognito for third when detecting after the first micro services example by the first subfunction module execution
When the starting request of example, the first relationship of the third micro services example Yu the first micro services example is determined;And it calls
The capability identification is sent to the third micro services example according to first relationship and corresponded to by the first subfunction module
The 4th subfunction module;And the capability identification is obtained by the 4th subfunction module, and by calling described the
Whether capability identification described in two subfunction module verifications is effective;And when detecting that the capability identification is effective, by described
4th subfunction module executes the third micro services example.
In this possible example, first relationship is that the third micro services example is subordinated to described first in incognito
Pragmatic example calls the first subfunction module that the capability identification is sent to described the according to first relationship described
In terms of the corresponding 4th subfunction module of three micro services examples, the instruction in one or more of programs 521 is specifically used for holding
The following operation of row: when first relationship is subordinate relation, call the first subfunction module to the principal function module
In F client inject the capability identification;And for corresponding to the third micro services example by the F client
The 4th subfunction module sends the capability identification.
In a possible example, first relationship be the third micro services example independently of described first in incognito
Pragmatic example calls the first subfunction module that the capability identification is sent to described the according to first relationship described
In terms of the corresponding 4th subfunction module of three micro services examples, the instruction in one or more of programs 521 is specifically used for holding
The following operation of row: when first relationship is independence, the first subfunction module is called to pass through the default of fuse
Strategy sends the capability identification to the corresponding 4th subfunction module of the third micro services example, makes the 4th subfunction
Module is realized by way of injecting the capability identification to F client is subordinated to described by the F client terminal start-up
Multiple micro services examples of three micro services examples.
In a possible example, call the first micro services example corresponding by the principal function module described
Multiple subfunction modules in the first subfunction module obtain capability identification in terms of, one or more of programs 521
In instruction be specifically used for executing following operation: call the first micro services example corresponding more by the principal function module
The first subfunction module in a subfunction module obtains the request of the starting request for the first micro services example
Head;And for determining the capability identification in the request header.
It is above-mentioned that mainly the scheme of the embodiment of the present application is described from the angle of method side implementation procedure.It is understood that
, in order to realize the above functions, it comprises execute the corresponding hardware configuration of each function and/or software mould for electronic equipment
Block.Those skilled in the art should be readily appreciated that, in conjunction with each exemplary unit of embodiment description presented herein
And algorithm steps, the application can be realized with the combining form of hardware or hardware and computer software.Some function actually with
Hardware or computer software drive the mode of hardware to execute, the specific application and design constraint item depending on technical solution
Part.Professional technician can specifically realize described function to each using distinct methods, but this reality
Now it is not considered that exceeding scope of the present application.
The embodiment of the present application can carry out the division of functional unit according to above method example to electronic equipment, for example, can
With each functional unit of each function division of correspondence, two or more functions can also be integrated in a processing unit
In.Above-mentioned integrated unit both can take the form of hardware realization, can also realize in the form of software functional units.It needs
It is noted that be schematical, only a kind of logical function partition to the division of unit in the embodiment of the present application, it is practical real
It is current that there may be another division manner.
Fig. 6 is the functional unit composition block diagram of Authority Verification device 600 involved in the embodiment of the present application.The permission is tested
Card device 600 is applied to electronic equipment, is equipped with destination application on the electronic equipment, the destination application includes
Principal function module and multiple subfunction modules, the Authority Verification device 600 include acquiring unit 601, authentication unit 602 and execute
Unit 603, in which:
The acquiring unit 601, for passing through the master when detecting the starting request for the first micro services example
Function module calls the first subfunction module in the corresponding multiple subfunction modules of the first micro services example to obtain
Capability identification;
The authentication unit 602, for calling Authority Verification function corresponding second by the first subfunction module
Subfunction module, and whether the capability identification according to the second subfunction module verification is effective;
The execution unit 603, for passing through the first subfunction module when detecting that the capability identification is effective
Execute the first micro services example.
As can be seen that in the embodiment of the present application, electronic equipment is first when detecting the starting for the first micro services example
When request, in the corresponding multiple subfunction modules of the first micro services example is called by the principal function module
One subfunction module obtains capability identification, then, calls Authority Verification function corresponding the by the first subfunction module
Two subfunction modules, and whether the capability identification according to the second subfunction module verification is effective, finally, when detecting institute
State capability identification it is effective when, pass through the first subfunction module and execute the first micro services example.As it can be seen that electronic equipment exists
Under micro services framework, the code that Authority Verification is added in the subfunction module of each micro services is not needed, only is needing to verify
When interception capability identification call the submodule of Authority Verification function to be verified, the verifying of each micro services application permission can be exempted
Code, advantageously reduce the lengthy and jumbled degree of each micro services application code, promote the convenience of Authority Verification under micro services mode.
In a possible example, the acquiring unit 601 detects opening for the first micro services example described
It before dynamic request, is also used to: when detecting the logging request for destination application, being obtained by the principal function module
Login banner in the logging request;
The execution unit 603 is also used to: when receiving the message that server is proved to be successful the login banner, being stepped on
Record the destination application;And the capability identification from the server, institute are received by the principal function module
Stating capability identification is the capability identification that the server is pre-configured according to the login banner.
In a possible example, the execution unit 603 detects opening for the first micro services example described
It after dynamic request, is also used to: the corresponding first subfunction mould of the first micro services example is called by the principal function module
Block;And blocker and fuse are preloaded by the first subfunction module, the blocker is used for the described first sub- letter
Digital-to-analogue block obtains the capability identification, and the fuse is for making third subfunction module obtain the capability identification, and described the
The corresponding second micro services example of three subfunction modules is independently of the first micro services example.
In a possible example, the execution unit 603 executes institute by the first subfunction module described
It after stating the first micro services example, is also used to: when detecting the starting request for third micro services example, determining described the
First relationship of three micro services examples and the first micro services example;And call the first subfunction module according to
The capability identification is sent to the corresponding 4th subfunction module of the third micro services example by the first relationship;
The acquiring unit 601 is also used to: obtaining the capability identification by the 4th subfunction module;
The authentication unit 602 is also used to: by whether calling capability identification described in the second subfunction module verification
Effectively;
The execution unit 603 is also used to: when detecting that the capability identification is effective, passing through the 4th subfunction mould
Block executes the third micro services example.
In this possible example, first relationship is that the third micro services example is subordinated to described first in incognito
Pragmatic example calls the first subfunction module that the capability identification is sent to described the according to first relationship described
In terms of the corresponding 4th subfunction module of three micro services examples, the execution unit 603 is specifically used for: when first relationship is
When subordinate relation, F client of the first subfunction module into the principal function module is called to inject the capability identification;
And for sending the power to the corresponding 4th subfunction module of the third micro services example by the F client
Limit mark.
In a possible example, first relationship be the third micro services example independently of described first in incognito
Pragmatic example calls the first subfunction module that the capability identification is sent to described the according to first relationship described
In terms of the corresponding 4th subfunction module of three micro services examples, the execution unit 603 is specifically used for: when first relationship is
When independence, call the first subfunction module corresponding to the third micro services example by the preset strategy of fuse
The 4th subfunction module send the capability identification, make the 4th subfunction module by injecting the power to F client
The mode of limit mark is subordinated to the multiple pragmatic in incognito of the third micro services example by the F client terminal start-up to realize
Example.
In a possible example, call the first micro services example corresponding by the principal function module described
Multiple subfunction modules in the first subfunction module obtain capability identification in terms of, the acquiring unit 601 is specifically used
In: the first son in the corresponding multiple subfunction modules of the first micro services example is called by the principal function module
Function module obtains the request header of the starting request for the first micro services example;And for determining in the request header
The capability identification.
Wherein, acquiring unit 601 and execution unit 603 can be processor, communication interface or transceiver, authentication unit
602 can be processor.
The embodiment of the present application also provides a kind of computer storage medium, wherein computer storage medium storage is for electricity
The computer program of subdata exchange, the computer program make computer execute any as recorded in above method embodiment
Some or all of method step, above-mentioned computer include electronic equipment.
The embodiment of the present application also provides a kind of computer program product, and above-mentioned computer program product includes storing calculating
The non-transient computer readable storage medium of machine program, above-mentioned computer program are operable to that computer is made to execute such as above-mentioned side
Some or all of either record method step in method embodiment.The computer program product can be a software installation
Packet, above-mentioned computer includes electronic equipment.
It should be noted that for the various method embodiments described above, for simple description, therefore, it is stated as a series of
Combination of actions, but those skilled in the art should understand that, the application is not limited by the described action sequence because
According to the application, some steps may be performed in other sequences or simultaneously.Secondly, those skilled in the art should also know
It knows, the embodiments described in the specification are all preferred embodiments, related actions and modules not necessarily the application
It is necessary.
In the above-described embodiments, it all emphasizes particularly on different fields to the description of each embodiment, there is no the portion being described in detail in some embodiment
Point, reference can be made to the related descriptions of other embodiments.
In several embodiments provided herein, it should be understood that disclosed device, it can be by another way
It realizes.For example, the apparatus embodiments described above are merely exemplary, such as the division of said units, it is only a kind of
Logical function partition, there may be another division manner in actual implementation, such as multiple units or components can combine or can
To be integrated into another system, or some features can be ignored or not executed.Another point, shown or discussed is mutual
Coupling, direct-coupling or communication connection can be through some interfaces, the indirect coupling or communication connection of device or unit,
It can be electrical or other forms.
Above-mentioned unit as illustrated by the separation member may or may not be physically separated, aobvious as unit
The component shown may or may not be physical unit, it can and it is in one place, or may be distributed over multiple
In network unit.It can select some or all of unit therein according to the actual needs to realize the mesh of this embodiment scheme
's.
It, can also be in addition, each functional unit in each embodiment of the application can integrate in one processing unit
It is that each unit physically exists alone, can also be integrated in one unit with two or more units.Above-mentioned integrated list
Member both can take the form of hardware realization, can also realize in the form of software functional units.
If above-mentioned integrated unit is realized in the form of SFU software functional unit and sells or use as independent product
When, it can store in a computer-readable access to memory.Based on this understanding, the technical solution of the application substantially or
Person says that all or part of the part that contributes to existing technology or the technical solution can body in the form of software products
Reveal and, which is stored in a memory, including some instructions are used so that a computer equipment
(can be personal computer, server or network equipment etc.) executes all or part of each embodiment above method of the application
Step.And memory above-mentioned includes: USB flash disk, read-only memory (ROM, Read-Only Memory), random access memory
The various media that can store program code such as (RAM, Random Access Memory), mobile hard disk, magnetic or disk.
Those of ordinary skill in the art will appreciate that all or part of the steps in the various methods of above-described embodiment is can
It is completed with instructing relevant hardware by program, which can store in a computer-readable memory, memory
May include: flash disk, read-only memory (English: Read-Only Memory, referred to as: ROM), random access device (English:
Random Access Memory, referred to as: RAM), disk or CD etc..
The embodiment of the present application is described in detail above, specific case used herein to the principle of the application and
Embodiment is expounded, the description of the example is only used to help understand the method for the present application and its core ideas;
At the same time, for those skilled in the art can in specific embodiments and applications according to the thought of the application
There is change place, in conclusion the contents of this specification should not be construed as limiting the present application.
Claims (10)
1. a kind of method for verifying authority, which is characterized in that be applied to electronic equipment, be equipped with target application on the electronic equipment
Program, the destination application include principal function module and multiple subfunction modules, which comprises
When detecting the starting request for the first micro services example, in incognito by principal function module calling described first
The first subfunction module in the corresponding multiple subfunction modules of pragmatic example obtains capability identification;
The corresponding second subfunction module of Authority Verification function is called by the first subfunction module, and according to described second
Whether capability identification described in subfunction module verification is effective;
When detecting that the capability identification is effective, the first micro services example is executed by the first subfunction module.
2. the method according to claim 1, wherein described detect that the starting for the first micro services example is asked
Before asking, the method also includes:
When detecting the logging request for destination application, obtained in the logging request by the principal function module
Login banner;
When receiving the message that server is proved to be successful the login banner, the destination application is logged in;
The capability identification from the server is received by the principal function module, the capability identification is the service
The capability identification that device is pre-configured according to the login banner.
3. method according to claim 1 or 2, which is characterized in that described to detect opening for the first micro services example
After dynamic request, the method also includes:
The corresponding first subfunction module of the first micro services example is called by the principal function module;
Blocker and fuse are preloaded by the first subfunction module, the blocker is used for the first subfunction mould
Block obtains the capability identification, and the fuse is for making third subfunction module obtain the capability identification, third
The corresponding second micro services example of function module is independently of the first micro services example.
4. the method according to claim 1, wherein described execute described the by the first subfunction module
After one micro services example, the method also includes:
When detecting the starting request for third micro services example, the third micro services example and described first micro- is determined
First relationship of Service Instance;
Call the first subfunction module that the capability identification is sent to the third micro services according to first relationship
The corresponding 4th subfunction module of example;
The capability identification is obtained by the 4th subfunction module, and by calling the second subfunction module verification institute
Whether effective state capability identification;
When detecting that the capability identification is effective, the third micro services example is executed by the 4th subfunction module.
5. according to the method described in claim 4, it is characterized in that, first relationship is the third micro services example subordinate
It is described to call the first subfunction module according to first relationship by the capability identification in the first micro services example
It is sent to the corresponding 4th subfunction module of the third micro services example, comprising:
When first relationship is subordinate relation, F visitor of the first subfunction module into the principal function module is called
The capability identification is injected at family end;
The permission mark is sent to the corresponding 4th subfunction module of the third micro services example by the F client
Know.
6. according to the method described in claim 4, it is characterized in that, first relationship is that the third micro services example is independent
It is described to call the first subfunction module according to first relationship by the capability identification in the first micro services example
It is sent to the corresponding 4th subfunction module of the third micro services example, comprising:
When first relationship is independence, call the first subfunction module by the preset strategy of fuse to institute
It states the corresponding 4th subfunction module of third micro services example and sends the capability identification, pass through the 4th subfunction module
The mode of the capability identification is injected to F client to realize and be subordinated to the third micro services by the F client terminal start-up
Multiple micro services examples of example.
7. the method according to claim 1, wherein described micro- by principal function module calling described first
The first subfunction module in the corresponding multiple subfunction modules of Service Instance obtains capability identification, comprising:
First in the corresponding multiple subfunction modules of the first micro services example is called by the principal function module
Subfunction module obtains the request header of the starting request for the first micro services example;
Determine the capability identification in the request header.
8. a kind of Authority Verification device, which is characterized in that be applied to electronic equipment, be equipped with target application on the electronic equipment
Program, the destination application include principal function module and multiple subfunction modules, and the Authority Verification device includes obtaining
Unit, authentication unit and execution unit, wherein
The acquiring unit, for passing through the principal function mould when detecting the starting request for the first micro services example
Block calls the first subfunction module in the corresponding multiple subfunction modules of the first micro services example to obtain permission mark
Know;
The authentication unit, for calling the corresponding second subfunction mould of Authority Verification function by the first subfunction module
Block, and whether the capability identification according to the second subfunction module verification is effective;
The execution unit, for executing institute by the first subfunction module when detecting that the capability identification is effective
State the first micro services example.
9. a kind of electronic equipment, which is characterized in that including processor, memory, communication interface, and one or more programs,
One or more of programs are stored in the memory, and are configured to be executed by the processor, described program packet
Include the instruction for executing the step in the method according to claim 1 to 7.
10. a kind of computer readable storage medium, which is characterized in that storage is used for the computer program of electronic data interchange,
In, the computer program makes computer execute the method according to claim 1 to 7.
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811640222.4A CN109815683B (en) | 2018-12-29 | 2018-12-29 | Authority verification method and related device |
| PCT/CN2019/121604 WO2020134838A1 (en) | 2018-12-29 | 2019-11-28 | Authority verification method and related device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811640222.4A CN109815683B (en) | 2018-12-29 | 2018-12-29 | Authority verification method and related device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN109815683A true CN109815683A (en) | 2019-05-28 |
| CN109815683B CN109815683B (en) | 2021-09-14 |
Family
ID=66603052
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201811640222.4A Active CN109815683B (en) | 2018-12-29 | 2018-12-29 | Authority verification method and related device |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN109815683B (en) |
| WO (1) | WO2020134838A1 (en) |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110381285A (en) * | 2019-07-19 | 2019-10-25 | 视联动力信息技术股份有限公司 | A kind of meeting initiating method and device |
| CN110708298A (en) * | 2019-09-23 | 2020-01-17 | 广州海颐信息安全技术有限公司 | Method and device for centralized management of dynamic instance identity and access |
| CN110912901A (en) * | 2019-11-27 | 2020-03-24 | 中国银行股份有限公司 | Application login verification method, device and system |
| WO2020134838A1 (en) * | 2018-12-29 | 2020-07-02 | 深圳云天励飞技术有限公司 | Authority verification method and related device |
Families Citing this family (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112333272B (en) * | 2020-11-06 | 2023-05-26 | 杭州安恒信息技术股份有限公司 | Micro-service data access method, device, equipment and readable storage medium |
| CN112364338B (en) * | 2020-11-30 | 2024-04-09 | 杭州安恒信息技术股份有限公司 | Management method and device of micro-service framework, electronic device and storage medium |
| CN112487405B (en) * | 2020-12-18 | 2023-07-28 | 中国农业银行股份有限公司 | Authority information processing method and device |
| CN113472794B (en) * | 2021-07-05 | 2023-08-15 | 福州数据技术研究院有限公司 | Multi-application system authority unified management method based on micro-service and storage medium |
| CN113688343B (en) * | 2021-07-23 | 2023-11-03 | 济南浪潮数据技术有限公司 | Page authority control method, device, equipment and readable storage medium |
| CN113556357A (en) * | 2021-07-30 | 2021-10-26 | 平安普惠企业管理有限公司 | Authentication method, device, equipment and storage medium based on registration center |
| CN116980182B (en) * | 2023-06-21 | 2024-02-27 | 杭州明实科技有限公司 | Abnormal request detection method and device and electronic equipment |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107528853A (en) * | 2017-09-12 | 2017-12-29 | 上海艾融软件股份有限公司 | The implementation method of micro services control of authority |
| CN108901022A (en) * | 2018-06-28 | 2018-11-27 | 深圳云之家网络有限公司 | A kind of micro services universal retrieval method and gateway |
Family Cites Families (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106470184B (en) * | 2015-08-14 | 2020-06-26 | 阿里巴巴集团控股有限公司 | Security authentication method, device and system |
| CN108306877B (en) * | 2018-01-30 | 2020-11-10 | 泰康保险集团股份有限公司 | NODE JS-based user identity information verification method and device and storage medium |
| CN108810029B (en) * | 2018-07-23 | 2021-08-31 | 宏桥高科技集团有限公司 | Authentication system and optimization method between micro-service architecture services |
| CN109815683B (en) * | 2018-12-29 | 2021-09-14 | 深圳云天励飞技术有限公司 | Authority verification method and related device |
-
2018
- 2018-12-29 CN CN201811640222.4A patent/CN109815683B/en active Active
-
2019
- 2019-11-28 WO PCT/CN2019/121604 patent/WO2020134838A1/en active Application Filing
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107528853A (en) * | 2017-09-12 | 2017-12-29 | 上海艾融软件股份有限公司 | The implementation method of micro services control of authority |
| CN108901022A (en) * | 2018-06-28 | 2018-11-27 | 深圳云之家网络有限公司 | A kind of micro services universal retrieval method and gateway |
Non-Patent Citations (4)
| Title |
|---|
| AOHO: "认证鉴权与API权限控制在微服务架构中的设计与实现(三)", 《简书》 * |
| MARTIN6699: "微服务-Feign客户端服务之间传递token", 《简书》 * |
| 王方旭: "基于Spring_Cloud和Docker的微服务架构设计", 《中国信息化》 * |
| 金一科: "微服务架构的数据传输和鉴权安全研究", 《万方数据 杭州电子科技大学 2018(学位年度)硕士论文》 * |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2020134838A1 (en) * | 2018-12-29 | 2020-07-02 | 深圳云天励飞技术有限公司 | Authority verification method and related device |
| CN110381285A (en) * | 2019-07-19 | 2019-10-25 | 视联动力信息技术股份有限公司 | A kind of meeting initiating method and device |
| CN110381285B (en) * | 2019-07-19 | 2021-05-28 | 视联动力信息技术股份有限公司 | Conference initiating method and device |
| CN110708298A (en) * | 2019-09-23 | 2020-01-17 | 广州海颐信息安全技术有限公司 | Method and device for centralized management of dynamic instance identity and access |
| CN110912901A (en) * | 2019-11-27 | 2020-03-24 | 中国银行股份有限公司 | Application login verification method, device and system |
Also Published As
| Publication number | Publication date |
|---|---|
| WO2020134838A1 (en) | 2020-07-02 |
| CN109815683B (en) | 2021-09-14 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109815683A (en) | Method for verifying authority and relevant apparatus | |
| CN104735066B (en) | A kind of single-point logging method of object web page application, device and system | |
| CN104348777B (en) | The access control method and system of a kind of mobile terminal to third-party server | |
| CN103152402A (en) | Method and system for logging in through mobile terminal and cloud server | |
| CN104717648B (en) | A kind of uniform authentication method and equipment based on SIM card | |
| CN109309666A (en) | Interface security control method and terminal device in a kind of network security | |
| CN103139181B (en) | A kind of authorization method of open authentication, device and system | |
| CN105491008A (en) | Public account two-dimension code generation method and device and public account following method and device | |
| CN106487774A (en) | A kind of cloud host services authority control method, device and system | |
| CN107484152B (en) | Management method and device for terminal application | |
| CN103248525A (en) | Method and device of configuring network resources | |
| CN101426009A (en) | Identity management platform, service server, uniform login system and method | |
| CN104158802A (en) | Platform authorization method, platform service side, application client side and system | |
| CN104113551A (en) | Platform authorization method, platform server side, application client side and system | |
| CN108319827B (en) | API (application program interface) authority management system and method based on OSGI (open service gateway initiative) framework | |
| CN102739678B (en) | Single-sign-on treatment system and single-sign-on processing method | |
| CN101420416A (en) | Identity management platform, service server, login system and federation method | |
| CN109962892A (en) | A kind of authentication method and client, server logging in application | |
| CN114745431B (en) | Non-invasive authority authentication method, system, medium and equipment based on side car technology | |
| CN106897629A (en) | The control method and terminal of terminal applies | |
| CN109783357A (en) | The method and device of test application program, computer equipment, storage medium | |
| CN115175170B (en) | USIM data autonomous uplink implementation method, terminal, USIM and system | |
| CN104796408A (en) | Single-point live login method and device | |
| CN109428893A (en) | A kind of identity identifying method, apparatus and system | |
| CN113221093A (en) | Single sign-on system, method, equipment and product based on block chain |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |