CN112333201A - Upper-layer application requests micro-service authentication optimization system through gateway - Google Patents
Upper-layer application requests micro-service authentication optimization system through gateway Download PDFInfo
- Publication number
- CN112333201A CN112333201A CN202011307379.2A CN202011307379A CN112333201A CN 112333201 A CN112333201 A CN 112333201A CN 202011307379 A CN202011307379 A CN 202011307379A CN 112333201 A CN112333201 A CN 112333201A
- Authority
- CN
- China
- Prior art keywords
- gateway
- service
- data
- api
- authentication
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000005457 optimization Methods 0.000 title claims abstract description 12
- 238000000034 method Methods 0.000 claims abstract description 20
- 238000011217 control strategy Methods 0.000 claims description 11
- 238000004140 cleaning Methods 0.000 claims description 3
- 238000010276 construction Methods 0.000 abstract description 2
- 238000010586 diagram Methods 0.000 description 9
- 230000006870 function Effects 0.000 description 9
- 238000004590 computer program Methods 0.000 description 7
- 238000012545 processing Methods 0.000 description 5
- 238000003860 storage Methods 0.000 description 4
- 238000013475 authorization Methods 0.000 description 2
- 238000012217 deletion Methods 0.000 description 2
- 230000037430 deletion Effects 0.000 description 2
- 238000006467 substitution reaction Methods 0.000 description 2
- 238000012795 verification Methods 0.000 description 2
- 101001072091 Homo sapiens ProSAAS Proteins 0.000 description 1
- 102100036366 ProSAAS Human genes 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 230000010354 integration Effects 0.000 description 1
- 238000012423 maintenance Methods 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 238000004806 packaging method and process Methods 0.000 description 1
- 230000002265 prevention Effects 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
- H04L63/126—Applying verification of the received information the source of the received data
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1466—Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention relates to a micro-service authentication optimization system requested by upper-layer application through a gateway, which comprises a client, the gateway and a micro-service; the gateway comprises a Nginx reverse proxy server, gateway management, API gateway authentication service and log collection service; the specific process of the client side for carrying out the bottom layer service request through the gateway is as follows: the method comprises the steps that a client requests a gateway authentication service through a Nginx reverse proxy server, an API gateway authentication service authenticates a request source, routing data and gateway DB data are inquired and fed back to the gateway authentication service in gateway management after the authentication is passed, and the API gateway authentication service requests a micro service through the Nginx reverse proxy server after receiving the data; the log collection service is used for collecting logs after authentication, storing the log collection and carrying out data statistics. The invention supports simple, rapid and safe completion of API construction, management and release, opens the service capability of the application with high efficiency, reduces the calling cost and makes the authentication mode more convenient.
Description
Technical Field
The invention belongs to the technical field of gateways, and particularly relates to a micro-service authentication optimization system requested by an upper layer application through a gateway.
Background
At present, when an upper application (APP, SAAS system or WEB product) requests a bottom layer service, forwarding is usually performed through a gateway (micro services will be registered on the gateway and forwarded by an operator through the gateway), and the gateway will perform traffic, authentication and safety check to protect the bottom layer micro services.
In the related art, the mainstream technical implementation method mainly adopts TOKEN authentication and APP authentication, but the above methods have the following problems:
1) the internal use of the company or the cooperation company requests through the gateway, and when the authentication mode is adopted, the calling cost is higher;
2) the upper layer application is required to support two authentication modes, which is inconvenient.
Disclosure of Invention
In view of this, the present invention provides a system for optimizing authentication of micro-services requested by an upper layer application through a gateway, so as to solve the problems of high cost and inconvenience in invoking a gateway request authentication method in the prior art.
In order to achieve the purpose, the invention adopts the following technical scheme: an upper layer application requests a micro-service authentication optimization system through a gateway, comprising: client, gateway and microservice; the client side carries out a micro-service request through the gateway;
the gateway includes: a Nginx reverse proxy server, gateway management, API gateway authentication service and log collection service;
the specific process of the client side for carrying out the bottom layer service request through the gateway is as follows:
the client requests a gateway authentication service through a Nginx reverse proxy server, the API gateway authentication service authenticates the request source, inquires routing data and gateway DB data in gateway management and feeds back the routing data and the gateway DB data to the gateway authentication service after the authentication is passed, and the API gateway authentication service requests a micro service through the Nginx reverse proxy server after receiving the data;
the log collection service is used for collecting logs after authentication, storing the log collection and carrying out data statistics.
Further, the gateway management includes: API gateway management system, Redis and mongoDB;
the API gateway management system is used for authenticating the request source and sending the authenticated data to Redis and mongoDB;
the mongoDB is used for storing routing data and gateway DB data and synchronizing cache data in the Redis at regular time;
the Redis is used for caching the routing data and the gateway DB data and sending the routing data and the gateway DB data to the API gateway authentication service.
Further, the gateway authentication service authenticates the request source, including:
the API gateway authentication service performs IP access control, flow control strategy and signature key on a request source.
Further, the IP access control is set in the API gateway management system
White list management, which is used for setting a white list, wherein the white list is used for setting IP to allow a gateway request;
and the blacklist management is used for setting a blacklist, and the blacklist is used for rejecting the gateway request.
Further, the white list setting process includes:
adding a white list name;
a white list IP is set.
Further, the white list IP is:
domain name + path + english id.
Further, the log collection service includes:
the Logstash is used for collecting original data;
and the Elasticissearch is used for cleaning the original data and storing the cleaned data.
Further, the raw data includes:
the operation log data is used for carrying out positioning tracking query on the use condition of the user;
and calling log data for use in an API calling process of the system API gateway authentication service, which has problems and tracking management of any API calling process.
Further, the gateway further includes:
the login module is used for registering a user with personal identity information and logging in the gateway;
the personal identity information comprises an identity card number, a mobile phone number and a name.
Further, the gateway further includes:
and the alarm module is used for alarming when the gateway flow fails.
By adopting the technical scheme, the invention can achieve the following beneficial effects:
the invention provides a micro-service authentication optimization system requested by upper-layer application through a gateway, which supports simple, rapid and safe completion of API construction, management and release, efficiently opens the service capability of application, reduces the calling cost and is more convenient for an authentication mode. In addition, the method and the device can perform more accurate API management and control, namely, an IP white list/black list is set to allow/reject the API request of a certain source. And the access frequency of the flow control API, the request frequency of the APP and the request frequency of the user can be set.
The invention can support the application requesting encryption and authorization to access the corresponding API, and the single application limits the API access, IP white list and black list access control strategy mechanism, flow control, accurate control of access API flow and prevention of malicious attack.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
Fig. 1 is a schematic structural diagram of a system for requesting microservice authentication optimization by an upper layer application through a gateway according to the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the technical solutions of the present invention will be described in detail below. It is to be understood that the described embodiments are merely exemplary of the invention, and not restrictive of the full scope of the invention. All other embodiments, which can be derived by a person skilled in the art from the examples given herein without any inventive step, are within the scope of the present invention.
A specific upper-layer application request microservice authentication optimization system provided in the embodiment of the present application through a gateway is described below with reference to the accompanying drawings.
As shown in fig. 1, the upper layer application provided in this embodiment requests a micro-service authentication optimization system through a gateway, including: client, gateway and microservice; the client side carries out a micro-service request through the gateway;
the gateway includes: a Nginx reverse proxy server, gateway management, API gateway authentication service and log collection service;
the specific process of the client side for carrying out the bottom layer service request through the gateway is as follows:
the client requests a gateway authentication service through a Nginx reverse proxy server, the API gateway authentication service authenticates the request source, inquires routing data and gateway DB data in gateway management and feeds back the routing data and the gateway DB data to the gateway authentication service after the authentication is passed, and the API gateway authentication service requests a micro service through the Nginx reverse proxy server after receiving the data;
the log collection service is used for collecting logs after authentication, storing the log collection and carrying out data statistics.
The working principle of the upper layer application requesting the micro-service authentication optimization system through the gateway is as follows: the client requests the microservice through the gateway. The client requests gateway authentication service through the Nginx reverse proxy server, the API gateway authentication service authenticates the source of the request, after the authentication is passed, routing data and gateway DB data are inquired in gateway management and fed back to the gateway authentication service, and after the API gateway authentication service receives the data, micro service is requested through the Nginx reverse proxy server.
The method and the device can help collaborators to quickly build a product framework, and maximize the utilization rate of the capacity. The ONAIR API GateWay will provide full lifecycle management including creation, maintenance, release, offline, etc. The API Gateway can be used for packaging self service, and safely and reliably opening data, service logic or functions so as to realize self system integration and service connection with a partner.
In some embodiments, the gateway management comprises: API gateway management system, Redis and mongoDB;
the API gateway management system is used for authenticating the request source and sending the authenticated data to Redis and mongoDB;
the mongoDB is used for storing routing data and gateway DB data and synchronizing cache data in the Redis at regular time;
the Redis is used for caching the routing data and the gateway DB data and sending the routing data and the gateway DB data to the API gateway authentication service.
It can be understood that the direct request of the mongoDB database can bring pressure to the database, data can exist in a redis (cache), and the mongoDB database regularly synchronizes the data to the redis, so that when data transmission is carried out, the data is only taken from the redis cache and fed back to the API gateway authentication service, the data acquisition efficiency is high, and the request is fast.
Preferably, the authenticating the request source by the gateway authentication service includes:
the API gateway authentication service performs IP access control, flow control strategy and signature key on a request source.
Preferably, the IP access control is set in the API gateway management system
White list management, which is used for setting a white list, wherein the white list is used for setting IP to allow a gateway request;
and the blacklist management is used for setting a blacklist, and the blacklist is used for rejecting the gateway request.
Wherein the IP access control is used for configuring an IP white list/black list of the API to allow/reject an API request of a certain source; the flow control strategy is used for configuring flow control values of an API and an application object, the unit can be minutes, hours and days, the limitation can be carried out on the times of requests according to the day, the hour and the minute, when the flow exceeds a threshold value, a new request can be intercepted by a gateway, and the normal operation of a back-end service is ensured; the signature secret key is used for verifying the identity of the API gateway by the back-end service, and the safety of the back-end service is guaranteed when the API gateway requests the back-end service.
Specifically, the IP access control and the API are independently managed (plug-in), the IP access control is one of API safety protection components provided by the API gateway, and after the IP access control and the API are bound, an IP access control strategy can act on the bound API to provide functions of IP access control list management, access control creation, editing, deletion, strategy item addition and the like; the supported IP white list allows the API request of a certain source, and the supported IP black list rejects the API request of a certain source. The method supports direct setting of IP addition strategy items, supports regular expression addition strategy items, and supports one-to-many binding of a white list/a black list and an API.
The flow control strategy and the API are independently managed (are pluged), after the flow control strategy and the API are bound, the flow control strategy can only act on the bound API to provide functions of flow strategy list management, strategy creation, editing, deleting and the like, the called times of the API supporting the setting and binding in unit time cannot exceed a set value, and the called times of any API supporting the setting and binding in unit time cannot exceed the set value. And a special APP is added under the support of the flow control strategy, and one-to-many binding of the flow control strategy and the API is supported. The flow control policy may be used to regulate the frequency of access of the API, the frequency of requests of the APP, and the frequency of requests of the user
The safety key and the API are independently managed (plug-in), the signature key is used for verifying the identity of the API gateway by the back-end service, and when the API gateway requests the back-end service, the safety of the back-end service is guaranteed. After the operation and the binding, the security key can act on the bound API, the functions of security list management, policy creation, editing, deletion and the like are supported, the verification of gateway signature verification by a back end is supported, and the encryption storage of the key is supported to ensure the security of the key.
Preferably, the white list setting process includes:
adding a white list name;
a white list IP is set.
The white list IP is: domain name + path + english id.
Specifically, a white list policy is added in white list management on a gateway, policy rules are set, and setting of an application white list is supported, namely, other contents do not need to be checked in current application access, and only a domain name + a path + an English identification need to be checked; an IP white list may also be set, that is, other content is not required to be checked for current IP access, and only the domain name + path + english id is required to be checked. In the prior art, time stamps, random numbers and the like need to be checked, which is troublesome.
By setting a white list, the application adds a non-authentication mode, so that the invention supports 3 authentication and authorization: APP authentication, TOKEN authentication, no authentication (pass).
In some embodiments, the log collection service comprises:
the Logstash is used for collecting original data;
and the Elasticissearch is used for cleaning the original data and storing the cleaned data.
The Elasticissearch cleans the original data in the Logstash, and removes redundant data and unclear data in the original data.
Wherein the raw data comprises:
the operation log data is used for carrying out positioning tracking query on the use condition of the user;
and calling log data for use in an API calling process of the system API gateway authentication service, which has problems and tracking management of any API calling process.
Preferably, the gateway further comprises:
the login module is used for registering a user with personal identity information and logging in the gateway;
the personal identity information comprises an identity card number, a mobile phone number and a name.
And the browser inputs a gateway URL address, displays a system login page, and displays different menu operation authorities after different user roles log in. After logging in, the system needs to obtain the information of the user name, the role, the tenant and the authority (user control system function menu) of the logged-in user information. When logging in, the background database checks whether the 'user name/password' is correct (user name/password is correct), if so, the following processing is continued, and if not, the operation is terminated by returning a prompt message 'user name or password is wrong'. After logging in, the user acquires the following information: role, tenant, authority information; and then enters the system.
Preferably, the gateway further comprises:
and the alarm module is used for alarming when the gateway flow fails.
The application sets an alarm rule and an alarm prompt, so that the user can manage the API conveniently.
In summary, the present invention provides a micro-service authentication optimization system requested by an upper layer application through a gateway, and the present invention encapsulates the self-service capability into an API, and opens the capability, service, and data in the form of API to a user for calling through the API gateway. The gateway only performs routing and authentication, IP, flow and other control, the front-end Path and API parameters are self-defined by an API provider, and an API caller checks and calls the uploaded document according to the API provider when calling. All requests of the client pass through the API gateway firstly, then the requests are routed to proper micro-services by the API gateway, the API is simply, quickly and safely constructed, managed and issued, the service capability of the application is efficiently opened, the calling cost is reduced, and the authentication mode is more convenient.
It is to be understood that the system embodiments provided above correspond to the apparatus embodiments described above, and the corresponding specific contents may be referred to each other, which is not described herein again.
As will be appreciated by one skilled in the art, embodiments of the present application may be provided as a system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, optical storage, and the like) having computer-usable program code embodied therein.
The present application is described with reference to flowchart illustrations and/or block diagrams of systems, devices (systems) and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including an instruction system which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
The above description is only for the specific embodiments of the present invention, but the scope of the present invention is not limited thereto, and any person skilled in the art can easily conceive of the changes or substitutions within the technical scope of the present invention, and all the changes or substitutions should be covered within the scope of the present invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the appended claims.
Claims (10)
1. An upper layer application requests a micro-service authentication optimization system through a gateway, comprising: client, gateway and microservice; the client side carries out a micro-service request through the gateway;
the gateway includes: a Nginx reverse proxy server, gateway management, API gateway authentication service and log collection service;
the specific process of the client side for carrying out the bottom layer service request through the gateway is as follows:
the client requests a gateway authentication service through a Nginx reverse proxy server, the API gateway authentication service authenticates the request source, inquires routing data and gateway DB data in gateway management and feeds back the routing data and the gateway DB data to the gateway authentication service after the authentication is passed, and the API gateway authentication service requests a micro service through the Nginx reverse proxy server after receiving the data;
the log collection service is used for collecting logs after authentication, storing the log collection and carrying out data statistics.
2. The system of claim 1, wherein the gateway management comprises: API gateway management system, Redis and mongoDB;
the API gateway management system is used for authenticating the request source and sending the authenticated data to Redis and mongoDB;
the mongoDB is used for storing routing data and gateway DB data and synchronizing cache data in the Redis at regular time;
the Redis is used for caching the routing data and the gateway DB data and sending the routing data and the gateway DB data to the API gateway authentication service.
3. The system of claim 1, wherein the gateway authentication service authenticates the source of the request, comprising:
the API gateway authentication service performs IP access control, flow control strategy and signature key on a request source.
4. The system of claim 3, wherein the IP access control is set in the API gateway management system
White list management, which is used for setting a white list, wherein the white list is used for setting IP to allow a gateway request;
and the blacklist management is used for setting a blacklist, and the blacklist is used for rejecting the gateway request.
5. The system of claim 4, wherein the white list is set by:
adding a white list name;
a white list IP is set.
6. The system of claim 5, wherein the white list IP is:
domain name + path + english id.
7. The system of claim 1, wherein the log collection service comprises:
the Logstash is used for collecting original data;
and the Elasticissearch is used for cleaning the original data and storing the cleaned data.
8. The system of claim 7, wherein the raw data comprises:
the operation log data is used for carrying out positioning tracking query on the use condition of the user;
and calling log data for use in an API calling process of the system API gateway authentication service, which has problems and tracking management of any API calling process.
9. The system of claim 1, wherein the gateway further comprises:
the login module is used for registering a user with personal identity information and logging in the gateway;
the personal identity information comprises an identity card number, a mobile phone number and a name.
10. The system of any one of claims 1 to 9, wherein the gateway further comprises:
and the alarm module is used for alarming when the gateway flow fails.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202011307379.2A CN112333201A (en) | 2020-11-20 | 2020-11-20 | Upper-layer application requests micro-service authentication optimization system through gateway |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202011307379.2A CN112333201A (en) | 2020-11-20 | 2020-11-20 | Upper-layer application requests micro-service authentication optimization system through gateway |
Publications (1)
Publication Number | Publication Date |
---|---|
CN112333201A true CN112333201A (en) | 2021-02-05 |
Family
ID=74321373
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202011307379.2A Pending CN112333201A (en) | 2020-11-20 | 2020-11-20 | Upper-layer application requests micro-service authentication optimization system through gateway |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN112333201A (en) |
Cited By (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113572779A (en) * | 2021-07-28 | 2021-10-29 | 重庆允成互联网科技有限公司 | Gateway authentication system, method, computer equipment and storage medium |
CN113595788A (en) * | 2021-07-28 | 2021-11-02 | 上海华兴数字科技有限公司 | API gateway management method and device based on plug-in |
CN114124408A (en) * | 2021-11-26 | 2022-03-01 | 浪潮云信息技术股份公司 | Method and system for realizing back-end signature of API gateway |
CN114117401A (en) * | 2022-01-22 | 2022-03-01 | 深圳竹云科技股份有限公司 | API (application program interface) secure calling method, device, equipment and computer storage medium |
CN114338762A (en) * | 2021-12-15 | 2022-04-12 | 江苏银承网络科技股份有限公司 | Same city data open system, method, electronic equipment and storage medium |
CN114466076A (en) * | 2022-01-18 | 2022-05-10 | 上海数据交易中心有限公司 | API gateway architecture applied in general financial business scene and use method |
CN114827246A (en) * | 2022-03-18 | 2022-07-29 | 中国人寿保险股份有限公司 | Gateway flow control method and device, electronic equipment and storage medium |
CN114826725A (en) * | 2022-04-20 | 2022-07-29 | 微位(深圳)网络科技有限公司 | Data interaction method, device, equipment and storage medium |
CN114915435A (en) * | 2021-02-09 | 2022-08-16 | 网联清算有限公司 | Service data access method and system |
CN115118705A (en) * | 2022-06-28 | 2022-09-27 | 重庆大学 | Industrial edge management and control platform based on micro-service |
CN115134134A (en) * | 2022-06-23 | 2022-09-30 | 中国民航信息网络股份有限公司 | Information processing method, device and equipment |
CN115250195A (en) * | 2022-03-14 | 2022-10-28 | 上海广升信息技术股份有限公司 | Agent layer-based MQ connection expansion method and application thereof |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109327477A (en) * | 2018-12-06 | 2019-02-12 | 泰康保险集团股份有限公司 | Authentication method, device and storage medium |
CN109672612A (en) * | 2018-12-13 | 2019-04-23 | 中国电子科技集团公司电子科学研究院 | API gateway system |
-
2020
- 2020-11-20 CN CN202011307379.2A patent/CN112333201A/en active Pending
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109327477A (en) * | 2018-12-06 | 2019-02-12 | 泰康保险集团股份有限公司 | Authentication method, device and storage medium |
CN109672612A (en) * | 2018-12-13 | 2019-04-23 | 中国电子科技集团公司电子科学研究院 | API gateway system |
Non-Patent Citations (1)
Title |
---|
温馨等: "基于OpenResty平台的API网关系统的设计与实现", 《信息化研究》 * |
Cited By (17)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN114915435A (en) * | 2021-02-09 | 2022-08-16 | 网联清算有限公司 | Service data access method and system |
CN114915435B (en) * | 2021-02-09 | 2024-03-19 | 网联清算有限公司 | Service data access method and system |
CN113595788A (en) * | 2021-07-28 | 2021-11-02 | 上海华兴数字科技有限公司 | API gateway management method and device based on plug-in |
CN113595788B (en) * | 2021-07-28 | 2024-05-28 | 上海华兴数字科技有限公司 | API gateway management method and device based on plug-in |
CN113572779A (en) * | 2021-07-28 | 2021-10-29 | 重庆允成互联网科技有限公司 | Gateway authentication system, method, computer equipment and storage medium |
CN114124408A (en) * | 2021-11-26 | 2022-03-01 | 浪潮云信息技术股份公司 | Method and system for realizing back-end signature of API gateway |
CN114338762A (en) * | 2021-12-15 | 2022-04-12 | 江苏银承网络科技股份有限公司 | Same city data open system, method, electronic equipment and storage medium |
CN114466076A (en) * | 2022-01-18 | 2022-05-10 | 上海数据交易中心有限公司 | API gateway architecture applied in general financial business scene and use method |
CN114117401A (en) * | 2022-01-22 | 2022-03-01 | 深圳竹云科技股份有限公司 | API (application program interface) secure calling method, device, equipment and computer storage medium |
CN115250195A (en) * | 2022-03-14 | 2022-10-28 | 上海广升信息技术股份有限公司 | Agent layer-based MQ connection expansion method and application thereof |
CN114827246A (en) * | 2022-03-18 | 2022-07-29 | 中国人寿保险股份有限公司 | Gateway flow control method and device, electronic equipment and storage medium |
CN114827246B (en) * | 2022-03-18 | 2024-08-06 | 中国人寿保险股份有限公司 | Gateway flow control method and device, electronic equipment and storage medium |
CN114826725A (en) * | 2022-04-20 | 2022-07-29 | 微位(深圳)网络科技有限公司 | Data interaction method, device, equipment and storage medium |
CN114826725B (en) * | 2022-04-20 | 2024-04-16 | 微位(深圳)网络科技有限公司 | Data interaction method, device, equipment and storage medium |
CN115134134A (en) * | 2022-06-23 | 2022-09-30 | 中国民航信息网络股份有限公司 | Information processing method, device and equipment |
CN115118705A (en) * | 2022-06-28 | 2022-09-27 | 重庆大学 | Industrial edge management and control platform based on micro-service |
CN115118705B (en) * | 2022-06-28 | 2024-03-15 | 重庆大学 | Industrial edge management and control platform based on micro-service |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN112333201A (en) | Upper-layer application requests micro-service authentication optimization system through gateway | |
US11818274B1 (en) | Systems and methods for trusted path secure communication | |
CN108989346B (en) | Third-party valid identity escrow agile authentication access method based on account hiding | |
JP6514218B2 (en) | Client authentication using social data | |
US20190140844A1 (en) | Identity-linked authentication through a user certificate system | |
CA2744971C (en) | Secure transaction authentication | |
CN101873331B (en) | Safety authentication method and system | |
KR102119449B1 (en) | Aggregation open api platform system, method for prividing financial services using the same and computer program for the same | |
WO2019109097A1 (en) | Identity verification document request handling utilizing a user certificate system and user identity document repository | |
EP3375135A1 (en) | Methods and systems for pki-based authentication | |
CN110572395B (en) | Identity verification method and system | |
CN111131301A (en) | Unified authentication and authorization scheme | |
CN112149105A (en) | Data processing system, method, related device and storage medium | |
CN102546664A (en) | User and authority management method and system for distributed file system | |
CN103297437A (en) | Safety server access method for mobile intelligent terminal | |
CN100514333C (en) | Data base safety access method and system | |
CN108632241B (en) | Unified login method and device for multiple application systems | |
CN107426223B (en) | Cloud document encryption and decryption method, cloud document encryption and decryption device and cloud document processing system | |
JP2017152880A (en) | Authentication system, key processing coordination method, and key processing coordination program | |
US20190288833A1 (en) | System and Method for Securing Private Keys Behind a Biometric Authentication Gateway | |
CN114462059A (en) | Table field level encryption and security access control method and system | |
CN113225351A (en) | Request processing method and device, storage medium and electronic equipment | |
US20140250499A1 (en) | Password based security method, systems and devices | |
CN111814186B (en) | Menu authority access control method of intelligent equipment operation platform | |
CN116756776A (en) | Access control method and device, desktop operating system login platform and processor |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20210205 |
|
RJ01 | Rejection of invention patent application after publication |