CN109858257B - Access control method and device - Google Patents
Access control method and device Download PDFInfo
- Publication number
- CN109858257B CN109858257B CN201811616248.5A CN201811616248A CN109858257B CN 109858257 B CN109858257 B CN 109858257B CN 201811616248 A CN201811616248 A CN 201811616248A CN 109858257 B CN109858257 B CN 109858257B
- Authority
- CN
- China
- Prior art keywords
- service
- file
- target
- interface
- annotation data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Landscapes
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
- Stored Programmes (AREA)
Abstract
The invention discloses an access control method and device. Wherein, the method comprises the following steps: introducing an object file into a project object model-based file by adopting an object tool, wherein the object file is pre-configured with a uniform service code for controlling an external service interface, and the project object model-based file is used for managing the object file; and controlling different external service interfaces to provide external services according to method annotation data in the target file, wherein the method annotation data is used for annotating the implementation method of the uniform service code. The invention solves the technical problem that the interface service can not be uniformly managed in the system for providing the network service externally in the prior art.
Description
Technical Field
The invention relates to the technical field of computers, in particular to an access control method and device.
Background
In a system for providing network services to the outside, services such as access right control, flow control and the like in different levels need to be set according to different interfaces. The above-mentioned service sets up the demand of different degrees according to different interfaces, if rely on the system oneself to realize the service, there are several following disadvantages at least:
(1) the repeated codes are too many to be reused, manpower resources are wasted, the probability of logic errors is increased due to the fact that the codes are written for many times, development and test costs are increased, and interface services cannot be managed uniformly.
(2) The method is not flexible enough, the online service and the offline service cannot be facilitated through a configuration form, and the development and modification of codes are needed when functions are added or deleted every time, so that the modification period is long and the sensitivity is not high enough.
(3) The code logic coupling, the uniform service code of the interface and the business logic code are adhered, and the readability of the code is influenced.
In view of the above problems, no effective solution has been proposed.
Disclosure of Invention
The embodiment of the invention provides an access control method and device, which at least solve the technical problem that interface services cannot be uniformly managed in a system for providing network services externally in the prior art.
According to an aspect of an embodiment of the present invention, there is provided an access control method including: introducing an object file into a project object model-based file by adopting an object tool, wherein the object file is pre-configured with a uniform service code for controlling an external service interface, and the project object model-based file is used for managing the object file; and controlling different external service interfaces to provide external services according to method annotation data in the target file, wherein the method annotation data is used for annotating the implementation method of the uniform service code.
Further, after the target file is introduced to the project object model-based file by using the target tool, the method further includes: configuring an interceptor in the target file based on a target configuration document, wherein the interceptor is configured to monitor service request data, and the service request data comprises at least one of: request amount, request processing time, request success times and request failure times; configuring target logic parameters in the target file by assigning annotation parameter fields, wherein the target logic parameters comprise at least one of the following parameters: access control logic parameters, parameter check logic parameters, and concurrency control logic parameters.
Further, after the target file is introduced to the project object model-based file by using the target tool, the method further includes: configuring a personalized function interface based on the framework structure provided by the object file, wherein the personalized function interface comprises at least one of the following: the distributed lock comprises a realization interface, a concurrency control interface and an authority control interface of the distributed lock; and configuring a parameter verification file and an interface to be monitored, wherein the returned parameter of the external service interface is verified through the parameter verification file, and the service stability of the external service interface is determined by monitoring the interface to be monitored.
Further, before controlling different external service interfaces to provide external services according to the method annotation data in the target file, the method further includes: acquiring the method annotation data in the target file; and adding the method annotation data into a local control layer program, wherein the control layer program is used for controlling different external service interfaces to provide the external service according to the method annotation data.
Further, controlling different external service interfaces to provide external services according to the method annotation data in the target file includes: calling the uniform service code in the target file by reading the method annotation data; and controlling different external service interfaces to provide the external service according to the uniform service code.
Further, the target tool at least includes: the software project management and automatic construction tool, the object file at least includes: a software package file; the external service includes at least one of: the system comprises a security access control service, an encryption and decryption control service, an encryption and verification tag service, a multi-dimensional current limiting service, a concurrency control service, a flow control service, a multi-dimensional monitoring service, an access authority control service and a parameter verification service.
According to another aspect of the embodiments of the present invention, there is also provided an access control apparatus, including: the system comprises an introduction module, a storage module and a management module, wherein the introduction module is used for introducing an object file into a project object model-based file by adopting an object tool, the object file is pre-configured with a uniform service code for controlling an external service interface, and the project object model-based file is used for managing the object file; and the control module is used for controlling different external service interfaces to provide external services according to the method annotation data in the target file, wherein the method annotation data is used for annotating the implementation method of the uniform service code.
Further, the above apparatus further comprises: an obtaining module, configured to obtain the method annotation data in the target file; and the adding module is used for adding the method annotation data into a local control layer program, wherein the control layer program is used for controlling different external service interfaces to provide the external service according to the method annotation data.
According to another aspect of the embodiments of the present invention, there is also provided a storage medium, where the storage medium includes a stored program, and when the program runs, the apparatus on which the storage medium is located is controlled to execute any one of the above access control methods.
According to another aspect of the embodiments of the present invention, there is also provided a processor, configured to execute a program, where the program executes any one of the above access control methods.
In the embodiment of the invention, an object file is introduced into a project object model-based file by adopting an object tool, wherein the object file is pre-configured with a uniform service code for controlling an external service interface, and the project object model-based file is used for managing the object file; according to the method annotation data in the target file, different external service interfaces are controlled to provide external services, wherein the method annotation data is used for annotating the implementation method of the unified service code, so that the purpose of implementing unified management interface services for the system providing the external network services is achieved, the technical effects of improving the reliability, safety and flexibility of the system providing the external network services are achieved, and the technical problem that the interface services cannot be uniformly managed in the system providing the external network services in the prior art is solved.
Drawings
The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this application, illustrate embodiment(s) of the invention and together with the description serve to explain the invention without limiting the invention. In the drawings:
FIG. 1 is a flow chart of a method of access control according to an embodiment of the present invention;
FIG. 2 is a flow chart of an alternative access control method according to an embodiment of the present invention;
fig. 3 is a schematic structural diagram of an access control device according to an embodiment of the present invention.
Detailed Description
In order to make the technical solutions of the present invention better understood, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
It should be noted that the terms "first," "second," and the like in the description and claims of the present invention and in the drawings described above are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used is interchangeable under appropriate circumstances such that the embodiments of the invention described herein are capable of operation in sequences other than those illustrated or described herein. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed, but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
First, in order to facilitate understanding of the embodiments of the present invention, some terms or nouns referred to in the present invention will be explained as follows:
application Framework Spring Framework: the framework is an application program framework of an open source Java/Java EE full-function stack (full-stack), provides an easy development mode, and can avoid a large number of attribute files and help classes which can cause the underlying code to become fussy.
Software project management and automatic construction tool Apache Maven: in particular, a Java software project management and automatic construction tool is provided by the Apache software foundation, and the Maven can manage the construction, report, document and the like of a project by utilizing a central information fragment.
Example 1
In accordance with an embodiment of the present invention, there is provided an embodiment of an access control method, it should be noted that the steps illustrated in the flowchart of the figure may be performed in a computer system such as a set of computer-executable instructions, and that while a logical order is illustrated in the flowchart, in some cases the steps illustrated or described may be performed in an order different than here.
Fig. 1 is a flowchart of an access control method according to an embodiment of the present invention, as shown in fig. 1, the method includes the following steps:
step S102, introducing an object file into a project object model-based file by adopting an object tool, wherein the object file is pre-configured with a uniform service code for controlling an external service interface, and the project object model-based file is used for managing the object file;
step S104, controlling different external service interfaces to provide external services according to the method annotation data in the target file, wherein the method annotation data is used for annotating the implementation method of the uniform service code.
In an alternative embodiment, the target tool at least comprises: the software project management and automatic construction tool, the object file at least includes: a software package file; the external service includes at least one of: the system comprises a security access control service, an encryption and decryption control service, an encryption and verification tag service, a multi-dimensional current limiting service, a concurrency control service, a flow control service, a multi-dimensional monitoring service, an access authority control service and a parameter verification service.
Optionally, in the embodiment of the present application, the external service interface is controlled and logic is performed by implementing a Handler Interceptor Adapter of a processor Interceptor of the application Framework Spring Framework, and the customized security access control, parameter verification, concurrency control, monitoring, traffic restriction and other logic is performed by reading the method annotation data on the control layer program (i.e., the control layer method).
In the embodiment of the application, a system for providing network services to the outside is used as a user of a uniform service code, and before controlling different external service interfaces to provide external services, a target tool is adopted to introduce a target file into a form based on a project object model file, and method annotation data in the target file is added to a control layer program, so that different external service interfaces are controlled to provide external services.
In the embodiment of the invention, an object file is introduced into a project object model-based file by adopting an object tool, wherein the object file is pre-configured with a uniform service code for controlling an external service interface, and the project object model-based file is used for managing the object file; according to the method annotation data in the target file, different external service interfaces are controlled to provide external services, wherein the method annotation data is used for annotating the implementation method of the unified service code, so that the purpose of implementing unified management interface services for the system providing the external network services is achieved, the technical effects of improving the reliability, safety and flexibility of the system providing the external network services are achieved, and the technical problem that the interface services cannot be uniformly managed in the system providing the external network services in the prior art is solved.
In an alternative embodiment, after the target tool is used to import the target file into the project object model-based file, the method further includes:
step S202, configuring an interceptor in the target file based on a target configuration document, wherein the interceptor is configured to monitor service request data, and the service request data includes at least one of the following data: request amount, request processing time, request success times and request failure times;
step S204, configuring the target logic parameter in the target file by assigning an annotation parameter field, wherein the target logic parameter comprises at least one of the following: access control logic parameters, parameter check logic parameters, and concurrency control logic parameters.
Xml, the target profile may be, but is not limited to, a profile of a web service, and the target file may be, but is not limited to, a software package file, for example, a jar package file; specifically, parameters in the interceptor may be configured to implement monitoring of the service request data by the interceptor.
Optionally, method annotation data of the jar packet file may be introduced to a control layer program (that is, a control layer method for providing a service to the outside for a system providing a network service to the outside), and target logic parameters such as access control logic parameters, parameter verification logic parameters, concurrency control logic parameters, and the like may be configured by assigning annotation parameter fields.
In an alternative embodiment, after the target tool is used to import the target file into the project object model-based file, the method further includes:
step S302, configuring a personalized function interface based on the framework structure provided by the target file, wherein the personalized function interface includes at least one of the following: the distributed lock comprises a realization interface, a concurrency control interface and an authority control interface of the distributed lock;
step S304, configuring a parameter verification file and an interface to be monitored, wherein the returned parameter of the external service interface is verified through the parameter verification file, and the service stability of the external service interface is determined by monitoring the interface to be monitored.
Optionally, after introducing the target file to the project object model-based file by using the target tool, the system for providing the external network service may further rewrite a specific interface to provide services such as access permission, that is, configure a personalized function interface based on a framework structure provided by the target file, where the personalized function interface includes at least one of: the distributed lock comprises a realization interface, a concurrency control interface and a permission control interface.
Optionally, after the target tool is used to introduce the target file into the project object model-based file, the system for providing the network service to the outside may further configure a parameter verification file and an interface to be monitored, verify a return parameter of the external service interface through the parameter verification file, and determine the service stability of the external service interface by monitoring the interface to be monitored, so as to improve reliability, security, and flexibility of the system.
Optionally, the file format of the parameter verification file may be, but is not limited to, json format and xml format.
In an alternative embodiment, fig. 2 is a flowchart of an alternative access control method according to an embodiment of the present invention, and as shown in fig. 2, before controlling different external service interfaces to provide external services according to method annotation data in the target file, the method further includes:
step S402, obtaining the method annotation data in the target file;
step S404, adding the method annotation data to a local control layer program, where the control layer program is configured to control different external service interfaces to provide the external service according to the method annotation data.
Optionally, the control layer program is a control layer method for providing a service to the outside by a system providing a network service to the outside, and annotates data by obtaining the method in the target file; and adding the method annotation data into a local control layer program, and then the control layer program can control different external service interfaces to provide the external service according to the method annotation data.
In an optional embodiment, controlling different external service interfaces to provide external services according to the method annotation data in the target file includes:
step S502, calling the uniform service code in the target file by reading the method annotation data;
step S504, controlling different external service interfaces to provide the external service according to the unified service code.
In this embodiment, the system for providing external network services adds the method annotation data to a local control layer program, and further, the system for providing external network services may call the unified service code in the target file by reading the method annotation data in the control layer program, and control different external service interfaces to provide the external services according to the unified service code.
In addition, in the embodiment of the present application, monitoring data for monitoring the external service interface may also be displayed, so as to determine the stability of the external service provided by the system for providing the external network service.
Through the embodiment of the application, the control logic of the external service interface can be independent, and the external service interfaces of a plurality of systems providing network services to the outside can be uniformly controlled; through multi-dimensional real-time monitoring, the operation and maintenance efficiency of the system is improved, and the problem can be quickly and accurately positioned; moreover, code reusability can be realized, the use is convenient, annotation configuration and configuration files are supported to be realized, and the modification is convenient and flexible; the system for providing the network service to the outside can realize the services of distributed locking, monitoring and collection and the like by itself in the form of the personalized interface, and the system for providing the network service to the outside can conveniently customize the personalized service.
Example 2
According to an embodiment of the present invention, there is further provided an apparatus embodiment for implementing the access control method, and fig. 3 is a schematic structural diagram of an access control apparatus according to an embodiment of the present invention, as shown in fig. 3, the access control apparatus includes: an introduction module 30 and a control module 32, wherein:
an importing module 30, configured to import an object file into a project object model-based file by using an object tool, where the object file is pre-configured with a unified service code for controlling an external service interface, and the project object model-based file is used to manage the object file; and a control module 32, configured to control different external service interfaces to provide external services according to method annotation data in the target file, where the method annotation data is used to annotate an implementation method of the uniform service code.
In an optional embodiment, the apparatus further comprises: an obtaining module, configured to obtain the method annotation data in the target file; and the adding module is used for adding the method annotation data into a local control layer program, wherein the control layer program is used for controlling different external service interfaces to provide the external service according to the method annotation data.
It should be noted that the above modules may be implemented by software or hardware, for example, for the latter, the following may be implemented: the modules can be located in the same processor; alternatively, the modules may be located in different processors in any combination.
It should be noted here that the above-mentioned introduction module 30 and the control module 32 correspond to steps S102 to S104 in embodiment 1, and the above-mentioned modules are the same as the examples and application scenarios realized by the corresponding steps, but are not limited to the disclosure of embodiment 1. It should be noted that the modules described above may be implemented in a computer terminal as part of an apparatus.
It should be noted that, reference may be made to the relevant description in embodiment 1 for alternative or preferred embodiments of this embodiment, and details are not described here again.
The access control device may further include a processor and a memory, the introduction module 30, the control module 32, and the like are stored in the memory as program units, and the processor executes the program units stored in the memory to implement corresponding functions.
The processor comprises a kernel, and the kernel calls a corresponding program unit from the memory, wherein one or more than one kernel can be arranged. The memory may include volatile memory in a computer readable medium, Random Access Memory (RAM) and/or nonvolatile memory such as Read Only Memory (ROM) or flash memory (flash RAM), and the memory includes at least one memory chip.
According to the embodiment of the application, the embodiment of the storage medium is also provided. Optionally, in this embodiment, the storage medium includes a stored program, and the device on which the storage medium is located is controlled to execute any one of the access control methods when the program runs.
Optionally, in this embodiment, the storage medium may be located in any one of a group of computer terminals in a computer network, or in any one of a group of mobile terminals, and the storage medium includes a stored program.
Optionally, the program controls the device on which the storage medium is located to perform the following functions when running: introducing an object file into a project object model-based file by adopting an object tool, wherein the object file is pre-configured with a uniform service code for controlling an external service interface, and the project object model-based file is used for managing the object file; and controlling different external service interfaces to provide external services according to method annotation data in the target file, wherein the method annotation data is used for annotating the implementation method of the uniform service code.
Optionally, the program controls the device on which the storage medium is located to perform the following functions when running: configuring an interceptor in the target file based on a target configuration document, wherein the interceptor is configured to monitor service request data, and the service request data comprises at least one of: request amount, request processing time, request success times and request failure times; configuring target logic parameters in the target file by assigning annotation parameter fields, wherein the target logic parameters comprise at least one of the following parameters: access control logic parameters, parameter check logic parameters, and concurrency control logic parameters.
Optionally, the program controls the device on which the storage medium is located to perform the following functions when running: configuring a personalized function interface based on the framework structure provided by the object file, wherein the personalized function interface comprises at least one of the following: the distributed lock comprises a realization interface, a concurrency control interface and an authority control interface of the distributed lock; and configuring a parameter verification file and an interface to be monitored, wherein the returned parameter of the external service interface is verified through the parameter verification file, and the service stability of the external service interface is determined by monitoring the interface to be monitored.
Optionally, the program controls the device on which the storage medium is located to perform the following functions when running: acquiring the method annotation data in the target file; and adding the method annotation data into a local control layer program, wherein the control layer program is used for controlling different external service interfaces to provide the external service according to the method annotation data.
Optionally, the program controls the device on which the storage medium is located to perform the following functions when running: calling the uniform service code in the target file by reading the method annotation data; and controlling different external service interfaces to provide the external service according to the uniform service code.
According to the embodiment of the application, the embodiment of the processor is also provided. Optionally, in this embodiment, the processor is configured to execute a program, where the program executes any one of the access control methods.
The embodiment of the application provides equipment, the equipment comprises a processor, a memory and a program which is stored on the memory and can run on the processor, and the following steps are realized when the processor executes the program: introducing an object file into a project object model-based file by adopting an object tool, wherein the object file is pre-configured with a uniform service code for controlling an external service interface, and the project object model-based file is used for managing the object file; and controlling different external service interfaces to provide external services according to method annotation data in the target file, wherein the method annotation data is used for annotating the implementation method of the uniform service code.
Optionally, when the processor executes a program, an interceptor in the target file may be configured based on a target configuration document, where the interceptor is configured to monitor service request data, and the service request data includes at least one of: request amount, request processing time, request success times and request failure times; configuring target logic parameters in the target file by assigning annotation parameter fields, wherein the target logic parameters comprise at least one of the following parameters: access control logic parameters, parameter check logic parameters, and concurrency control logic parameters.
Optionally, when the processor executes a program, a personalized function interface may be configured based on a framework structure provided by the object file, where the personalized function interface includes at least one of: the distributed lock comprises a realization interface, a concurrency control interface and an authority control interface of the distributed lock; and configuring a parameter verification file and an interface to be monitored, wherein the returned parameter of the external service interface is verified through the parameter verification file, and the service stability of the external service interface is determined by monitoring the interface to be monitored.
Optionally, when the processor executes a program, the method annotation data in the target file may also be obtained; and adding the method annotation data into a local control layer program, wherein the control layer program is used for controlling different external service interfaces to provide the external service according to the method annotation data.
Optionally, when the processor executes a program, the processor may call the uniform service code in the target file by reading the method annotation data; and controlling different external service interfaces to provide the external service according to the uniform service code.
The present application further provides a computer program product adapted to perform a program for initializing the following method steps when executed on a data processing device: introducing an object file into a project object model-based file by adopting an object tool, wherein the object file is pre-configured with a uniform service code for controlling an external service interface, and the project object model-based file is used for managing the object file; and controlling different external service interfaces to provide external services according to method annotation data in the target file, wherein the method annotation data is used for annotating the implementation method of the uniform service code.
Optionally, when the computer program product executes a program, an interceptor in the target file may be configured based on a target configuration document, where the interceptor is configured to monitor service request data, and the service request data includes at least one of: request amount, request processing time, request success times and request failure times; configuring target logic parameters in the target file by assigning annotation parameter fields, wherein the target logic parameters comprise at least one of the following parameters: access control logic parameters, parameter check logic parameters, and concurrency control logic parameters.
Optionally, when the computer program product executes a program, a personalized function interface may be configured based on a framework structure provided by the object file, where the personalized function interface includes at least one of: the distributed lock comprises a realization interface, a concurrency control interface and an authority control interface of the distributed lock; and configuring a parameter verification file and an interface to be monitored, wherein the returned parameter of the external service interface is verified through the parameter verification file, and the service stability of the external service interface is determined by monitoring the interface to be monitored.
Optionally, when the computer program product executes a program, the method annotation data in the target file may also be acquired; and adding the method annotation data into a local control layer program, wherein the control layer program is used for controlling different external service interfaces to provide the external service according to the method annotation data.
Optionally, when the computer program product executes a program, the unified service code in the target file may be called by reading the method annotation data; and controlling different external service interfaces to provide the external service according to the uniform service code.
The above-mentioned serial numbers of the embodiments of the present invention are merely for description and do not represent the merits of the embodiments.
In the above embodiments of the present invention, the descriptions of the respective embodiments have respective emphasis, and for parts that are not described in detail in a certain embodiment, reference may be made to related descriptions of other embodiments.
In the embodiments provided in the present application, it should be understood that the disclosed technology can be implemented in other ways. The above-described embodiments of the apparatus are merely illustrative, and for example, the division of the units may be a logical division, and in actual implementation, there may be another division, for example, multiple units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, units or modules, and may be in an electrical or other form.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, functional units in the embodiments of the present invention may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, and can also be realized in a form of a software functional unit.
The integrated unit, if implemented in the form of a software functional unit and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present invention may be embodied in the form of a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present invention. And the aforementioned storage medium includes: a U-disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a removable hard disk, a magnetic or optical disk, and other various media capable of storing program codes.
The foregoing is only a preferred embodiment of the present invention, and it should be noted that, for those skilled in the art, various modifications and decorations can be made without departing from the principle of the present invention, and these modifications and decorations should also be regarded as the protection scope of the present invention.
Claims (9)
1. An access control method, comprising:
introducing a target file into a project object model-based file by adopting a target tool, wherein the target file is pre-configured with a uniform service code for controlling an external service interface, and the project object model-based file is used for managing the target file;
controlling different external service interfaces to provide external services according to method annotation data in the target file, wherein the method annotation data is used for annotating the implementation method of the uniform service code;
wherein after introducing the object file to the project object based model file using the object tool, the method further comprises:
configuring an interceptor in the target file based on a target profile, wherein the interceptor is configured to monitor service request data, the service request data including at least one of: request amount, request processing time, request success times and request failure times;
configuring target logic parameters in the target file by assigning annotation parameter fields, wherein the target logic parameters comprise at least one of the following: access control logic parameters, parameter check logic parameters, and concurrency control logic parameters.
2. The method of claim 1, wherein after introducing the object file to the project object model based file using the object tool, the method further comprises:
configuring a personalized function interface based on the framework structure provided by the object file, wherein the personalized function interface comprises at least one of the following: the distributed lock comprises a realization interface, a concurrency control interface and an authority control interface of the distributed lock;
and configuring a parameter verification file and an interface to be monitored, wherein the returned parameter of the external service interface is verified through the parameter verification file, and the service stability of the external service interface is determined by monitoring the interface to be monitored.
3. The method of claim 1, wherein before controlling different external service interfaces to provide external services according to method annotation data in the target file, the method further comprises:
acquiring the method annotation data in the target file;
and adding the method annotation data to a local control layer program, wherein the control layer program is used for controlling different external service interfaces to provide the external service according to the method annotation data.
4. The method of claim 1, wherein controlling different external service interfaces to provide external services according to the method annotation data in the target file comprises:
calling the uniform service code in the target file by reading the method annotation data;
and controlling different external service interfaces to provide the external service according to the uniform service code.
5. The method according to any one of claims 1 to 4, wherein the target tool comprises at least: the software project management and automatic construction tool comprises at least: a software package file; the foreign service includes at least one of: the system comprises a security access control service, an encryption and decryption control service, an encryption and verification tag service, a multi-dimensional current limiting service, a concurrency control service, a flow control service, a multi-dimensional monitoring service, an access authority control service and a parameter verification service.
6. An access control apparatus, comprising:
the system comprises an introduction module, a storage module and a management module, wherein the introduction module is used for introducing an object file into a project object model-based file by adopting an object tool, the object file is pre-configured with a uniform service code for controlling an external service interface, and the project object model-based file is used for managing the object file;
the control module is used for controlling different external service interfaces to provide external services according to method annotation data in the target file, wherein the method annotation data is used for annotating the implementation method of the uniform service code;
wherein the apparatus is further configured to configure an interceptor in the target file based on a target profile, wherein the interceptor is configured to monitor service request data, the service request data including at least one of: request amount, request processing time, request success times and request failure times; configuring target logic parameters in the target file by assigning annotation parameter fields, wherein the target logic parameters comprise at least one of the following: access control logic parameters, parameter check logic parameters, and concurrency control logic parameters.
7. The apparatus of claim 6, further comprising:
the acquisition module is used for acquiring the method annotation data in the target file;
and the adding module is used for adding the method annotation data into a local control layer program, wherein the control layer program is used for controlling different external service interfaces to provide the external service according to the method annotation data.
8. A storage medium comprising a stored program, wherein the apparatus on which the storage medium is located is controlled to perform the access control method according to any one of claims 1 to 5 when the program is executed.
9. A processor configured to execute a program, wherein the program executes to perform the access control method of any one of claims 1 to 5.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811616248.5A CN109858257B (en) | 2018-12-27 | 2018-12-27 | Access control method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811616248.5A CN109858257B (en) | 2018-12-27 | 2018-12-27 | Access control method and device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN109858257A CN109858257A (en) | 2019-06-07 |
| CN109858257B true CN109858257B (en) | 2021-06-18 |
Family
ID=66892903
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201811616248.5A Active CN109858257B (en) | 2018-12-27 | 2018-12-27 | Access control method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109858257B (en) |
Families Citing this family (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110443013A (en) * | 2019-07-08 | 2019-11-12 | 苏州浪潮智能科技有限公司 | A kind of server outband management method, equipment and the medium of permission control |
| CN111314306A (en) * | 2020-01-17 | 2020-06-19 | 网易(杭州)网络有限公司 | Interface access method and device, electronic equipment and storage medium |
| CN111949911A (en) * | 2020-07-31 | 2020-11-17 | 银盛支付服务股份有限公司 | Background concurrency control method based on Redis counter |
| CN112367304B (en) * | 2020-10-22 | 2022-08-16 | 杭州大搜车汽车服务有限公司 | Request limiting method and device, computer equipment and storage medium |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104360937A (en) * | 2014-10-21 | 2015-02-18 | 福建富士通信息软件有限公司 | Intelligent parameter checking device |
| CN107066291A (en) * | 2017-02-09 | 2017-08-18 | 阿里巴巴集团控股有限公司 | Packaging method, device and the equipment of SDK, computer-readable recording medium |
| CN107704245A (en) * | 2017-09-21 | 2018-02-16 | 深圳市麦斯杰网络有限公司 | Protocol accessing method, device and computer-readable recording medium |
| CN107977208A (en) * | 2017-12-19 | 2018-05-01 | 国云科技股份有限公司 | A kind of Safety actuality configuration authority method based on maven |
| CN108874464A (en) * | 2018-05-31 | 2018-11-23 | 康键信息技术(深圳)有限公司 | Middleware automatically scanning assembly method, device and storage medium |
-
2018
- 2018-12-27 CN CN201811616248.5A patent/CN109858257B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104360937A (en) * | 2014-10-21 | 2015-02-18 | 福建富士通信息软件有限公司 | Intelligent parameter checking device |
| CN107066291A (en) * | 2017-02-09 | 2017-08-18 | 阿里巴巴集团控股有限公司 | Packaging method, device and the equipment of SDK, computer-readable recording medium |
| CN107704245A (en) * | 2017-09-21 | 2018-02-16 | 深圳市麦斯杰网络有限公司 | Protocol accessing method, device and computer-readable recording medium |
| CN107977208A (en) * | 2017-12-19 | 2018-05-01 | 国云科技股份有限公司 | A kind of Safety actuality configuration authority method based on maven |
| CN108874464A (en) * | 2018-05-31 | 2018-11-23 | 康键信息技术(深圳)有限公司 | Middleware automatically scanning assembly method, device and storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN109858257A (en) | 2019-06-07 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109858257B (en) | Access control method and device | |
| US20170244626A1 (en) | Device and settings management platform | |
| CN103827878B (en) | Automate Password Management | |
| CN106649164B (en) | Hardware interface management method | |
| WO2019051948A1 (en) | Method, apparatus, server, and storage medium for processing monitoring data | |
| WO2021164462A1 (en) | Data encryption method, data decryption method, computer device, and medium | |
| CN108804399B (en) | Form verification method and device | |
| CN110222535B (en) | Processing device, method and storage medium for block chain configuration file | |
| US11630660B2 (en) | Firmware management | |
| CN110677453A (en) | ZooKeeper-based distributed lock service implementation method, device, equipment and storage medium | |
| CN110673993B (en) | Fault injection method, platform and system | |
| CN107147711A (en) | Application service update method and device | |
| CN105975272A (en) | Method and system for generating unique device number of device | |
| CN110162344A (en) | A kind of method, apparatus, computer equipment and readable storage medium storing program for executing that current limliting is isolated | |
| CN111813418A (en) | Distributed link tracking method, device, computer equipment and storage medium | |
| JP2020024758A (en) | Maintenance element capable of being restored to factory state | |
| CN109032685A (en) | A kind of method and terminal accelerating Android system starting | |
| CN106936660B (en) | Data acquisition method and device | |
| CN107995033B (en) | ONU configuration file upgrading method and device | |
| CN116599881A (en) | Cloud platform tenant modeling test method, device, equipment and storage medium | |
| CN108595924B (en) | Business authority management method and device, computer equipment and storage medium | |
| CN113360172B (en) | Application deployment method, device, computer equipment and storage medium | |
| CN113301557B (en) | eSIM card state management method, device, equipment and storage medium | |
| CN113221151A (en) | Data processing method and device based on block chain and storage medium | |
| CN113467723A (en) | Data storage method, device, equipment and medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |