CN112511399B - User quantity control method, device, equipment and computer readable storage medium - Google Patents

User quantity control method, device, equipment and computer readable storage medium Download PDF

Info

Publication number
CN112511399B
CN112511399B CN202011212071.XA CN202011212071A CN112511399B CN 112511399 B CN112511399 B CN 112511399B CN 202011212071 A CN202011212071 A CN 202011212071A CN 112511399 B CN112511399 B CN 112511399B
Authority
CN
China
Prior art keywords
user
virtual system
online
target
sslvpn
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202011212071.XA
Other languages
Chinese (zh)
Other versions
CN112511399A (en
Inventor
陆永贵
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hangzhou DPTech Technologies Co Ltd
Original Assignee
Hangzhou DPTech Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hangzhou DPTech Technologies Co Ltd filed Critical Hangzhou DPTech Technologies Co Ltd
Priority to CN202011212071.XA priority Critical patent/CN112511399B/en
Publication of CN112511399A publication Critical patent/CN112511399A/en
Application granted granted Critical
Publication of CN112511399B publication Critical patent/CN112511399B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46Interconnection of networks
    • H04L12/4641Virtual LANs, VLANs, e.g. virtual private networks [VPN]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0272Virtual private networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/105Multiple levels of security

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer And Data Communications (AREA)

Abstract

The application provides a user quantity control method, wherein when an import request triggered by an equipment administrator is detected, a License file requested to be imported is imported into a target server; the target server is configured with at least two virtual systems, and the configuration content in the License file of the target server comprises the maximum number of online users allowed by SSLVPN under each virtual system on the target server. Therefore, although one server device is configured with a plurality of virtual systems, only one License file needs to be imported for the server device, the method is flexible and convenient, the workload of the device administrator can be effectively reduced, and unified management is easy.

Description

User quantity control method, device, equipment and computer readable storage medium
Technical Field
The present application relates to the field of communications technologies, and in particular, to a method, an apparatus, a device, and a computer-readable storage medium for controlling a number of users.
Background
With the development of science and technology, the performance of a Central Processing Unit (CPU) is continuously improved, and due to the improvement of the performance of the CPU, one SSLVPN server can be configured with a large number of virtual systems. The SSLVPN is a Virtual Private Network (VPN) technology for establishing a remote secure access channel based on a secure Socket Layer-SSL.
The License file is a file for authorizing the SSLVPN server of the maximum number of users that can be online at the same time. In the traditional SSLVPN allowed online user quantity control technology, a license file is imported into a virtual system of an SSLVPN server, and the number of online users allowed by the SSLVPN of the virtual system is controlled by authorization of the license file. However, when a large number of virtual systems are configured in one SSLVPN server, if the prior art scheme is used to control the maximum number of online users allowed by the SSLVPN in the virtual system, an equipment administrator needs to apply and import a large number of license files, which is heavy in workload and not easy to manage in a unified manner.
Disclosure of Invention
In view of this, the present application provides a user quantity control method, device and computer readable storage medium, which can reduce the workload of a device administrator and facilitate unified management.
Specifically, the method is realized through the following technical scheme:
a user quantity control method is applied to a target server, and the target server is provided with at least two virtual systems, and the method comprises the following steps:
when an import request triggered by a device administrator is detected, importing a License file requested to be imported into the target server;
the configuration content in the License file includes the maximum number of online users allowed for the SSLVPN under each virtual system on the target server, where the SSLVPN is a virtual private network technology that establishes a remote secure access channel based on a secure socket layer protocol.
A user amount control apparatus applied to a target server configuring at least two virtual systems, comprising:
the file importing unit is used for importing the License file requested to be imported into the target server after an importing request triggered by a device administrator is detected;
the configuration content in the License file includes the maximum number of online users allowed for the SSLVPN under each virtual system on the target server, where the SSLVPN is a virtual private network technology that establishes a remote secure access channel based on a secure socket layer protocol.
An electronic device, comprising: a processor, a memory;
the memory for storing a computer program;
the processor is used for executing the user quantity control method by calling the computer program.
A computer-readable storage medium, on which a computer program is stored, which program, when executed by a processor, implements the above-mentioned user quantity control method.
According to the technical scheme provided by the application, after an import request triggered by an equipment administrator is detected, the License file requested to be imported is imported into the target server; the target server is configured with at least two virtual systems, and the configuration content in the License file of the target server comprises the maximum number of online users allowed by SSLVPN under each virtual system on the target server. Therefore, although one server device is configured with a plurality of virtual systems, only one License file needs to be imported for the server device, the method is flexible and convenient, the workload of the device administrator can be effectively reduced, and unified management is easy.
Drawings
Fig. 1 is a schematic flow chart of a user quantity control method according to the present application;
FIG. 2 is a schematic diagram illustrating a user login process according to the present application;
fig. 3 is a schematic diagram illustrating the components of a user quantity control apparatus according to the present application;
fig. 4 is a schematic structural diagram of an electronic device shown in the present application.
Detailed Description
Reference will now be made in detail to the exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, like numbers in different drawings represent the same or similar elements unless otherwise indicated. The embodiments described in the following exemplary embodiments do not represent all embodiments consistent with the present application. Rather, they are merely examples of apparatus and methods consistent with certain aspects of the present application, as detailed in the appended claims.
The terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the application. As used in this application and the appended claims, the singular forms "a", "an", and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It should also be understood that the term "and/or" as used herein refers to and encompasses any and all possible combinations of one or more of the associated listed items.
It is to be understood that although the terms first, second, third, etc. may be used herein to describe various information, such information should not be limited to these terms. These terms are only used to distinguish one type of information from another. For example, first information may also be referred to as second information, and similarly, second information may also be referred to as first information, without departing from the scope of the present application. The word "if," as used herein, may be interpreted as "at … …" or "at … …" or "in response to a determination," depending on the context.
Prior to describing the embodiments of the present application, technical terms related to the embodiments of the present application will be described first.
SSLVPN: VPN technology for establishing remote secure access channel based on secure Socket Layer-SSL (secure Socket Layer-SSL).
License file: a file for authorizing a SSLVPN server for a maximum number of users that can be online at the same time.
User login name: the number of users authorized by the License file and capable of logging in the SSLVPN server, for example, the number of online users authorized by one License file is 100, the login name of the user of the device is 100, and each user occupies one login name after logging in successfully.
Online user number pool: the system is used for storing the user login quota available for the current server equipment, and each logged-in SSLVPN user needs to apply for a successful user login quota from the online user number pool to allow the server equipment to be logged in.
Public system: when the server device starts the virtual system function, the public system is also used as a virtual system.
Virtual system: one and the same environment can be virtualized on an existing operating system and the application can be run in the virtual environment.
Two control techniques for the number of online users allowed by the virtual system based SSLVPN are described below:
in the first technical solution, a license file needs to be separately imported to the virtual system to control the number of allowed online users of the SSLVPN. Specifically, in this scheme, a License file is respectively imported to each virtual system, and the number of online users allowed by the SSLVPN of the corresponding virtual system is controlled by the number of online users authorized in the License file.
In the second technical solution, the number of online users allowed by the virtual system needs to be set to a fixed value in the code, so as to fix the number of online users allowed by the SSLVPN of each virtual system. According to the scheme, manual configuration by a device administrator is not needed, namely, the device administrator does not need to apply for License files and import License files, but the device administrator also loses the control authority on the maximum online user number allowed by the SSLVPN in the virtual system.
It can be seen that, on the premise of ensuring the specific control authority of the device administrator for the maximum number of online users allowed by the SSLVPN in the virtual system, the above-mentioned control scheme for the number of SSLVPN online users in the virtual system is not flexible (i.e. the above-mentioned first technical scheme), because when the server device starts a large number of virtual systems and needs to use the SSLVPN service in the virtual system, it needs to apply for and import a License file to each virtual system in order to control the number of online users in the virtual system, and the device administrator needs a large amount of configuration work.
Based on the above, if the License file is imported to each virtual system to control the maximum number of online users allowed by the SSLVPN, the workload of the device administrator is greatly increased, and uniform management is not easy to perform; in addition, the above technical solution cannot dynamically control the total number of online users of all virtual systems of one server device. Therefore, in order to simplify the configuration process of the device administrator and uniformly manage the maximum number of online users allowed by the SSLVPN under these virtual systems, a new technology for controlling the maximum number of online users allowed by the SSLVPN based on the virtual systems is required.
In order to solve the above technical problem, an embodiment of the present application provides a user quantity control method, with which the maximum number of online users allowed by the SSLVPN in each virtual system on the server device can be controlled, and compared with the above two technical solutions, the method can more flexibly and dynamically control the number of online users of the SSLVPN in all virtual systems of one server device, simplify the work of a device administrator, and further improve the utilization rate of the number of online users authorized by the License file.
Referring to fig. 1, a flow diagram of a user quantity control method provided in this embodiment of the present application is shown, where the method is applied to a target server (a server device that implements user quantity control by using the method is defined as a target server), and the target server is configured with at least two virtual systems. The method may comprise the steps of:
s101: and when an import request triggered by a device administrator is detected, importing the License file requested to be imported into the target server.
The configuration content in the License file includes the maximum number of online users allowed for the SSLVPN in each virtual system on the target server, and the SSLVPN is a VPN technology for establishing a remote secure access channel based on a secure socket layer protocol.
The device administrator in S101 is a device administrator of the target server, and the device administrator may request to log in the target server, and after successfully logging in the target server, import the License file into the target server. The method is characterized in that two or more than two virtual systems are configured on one server device (namely a target server), a device administrator only needs to import one License file into the target server, in the License file, the device administrator configures the maximum number of allowed online users for each virtual system to control the number of the allowed online users of each virtual system, and the method is flexible and convenient, can reduce the workload of the device administrator and is easy to uniformly manage.
In the embodiment of the present application, the configuration content in the License file may be configured by the device administrator under the public system of the target server. Specifically, the device administrator may configure the maximum number of online users allowed by the SSLVPN in each virtual system of the target server in the public system, but the actual maximum number of online users in each virtual system may not necessarily reach the value configured by the device administrator, and the actual number of online users in each virtual system may be affected by the number of online users in other virtual systems of the target server.
For each virtual system of the target server, in order to control the maximum number of online users allowed by the SSLVPN under the virtual system, the device administrator can only configure the maximum number of online users allowed by the SSLVPN under the virtual system under the public system, however, in the virtual system, the device administrator can only read the maximum number of online users allowed by the SSLVPN assigned under the virtual system.
In the embodiment of the present application, the maximum number of online users allowed by the SSLVPN in each virtual system on the target server is configured based on the historical usage of the SSLVPN in each virtual system. Specifically, the device administrator can configure the maximum number of online users allowed by the SSLVPN in each virtual system according to the historical usage of the SSLVPN in different virtual systems.
Further, the embodiment of the application can also dynamically control the number of online SSLVPN users of the target server, that is, a device administrator imports a License file into the target server under a public system, and can control the number of user login names in the online user number pool of the target server through License file authorization.
Specifically, referring to the schematic diagram of the user login process shown in fig. 2, the method may include the following steps:
s201: when a first user requests to log in a target virtual system, the number of online users of the target virtual system and the number of occupied user login denominations in an online user number pool of a target server are determined.
S202: and judging whether the first user is allowed to log in the target virtual system or not according to the number of the online users of the target virtual system and the number of the occupied user login names in the online user number pool.
In the embodiment of the present application, each SSLVPN user regarding the target server is defined herein as a first user; when the first user requests to log in, the first user requests to log in a virtual system in the target server, where the virtual system requested to log in by the first user is defined as the target virtual system, that is, the target virtual system is one of at least two virtual systems configured by the target server.
With respect to each virtual system configured by the target server, although the device administrator configures the maximum number of online users allowed by the SSLVPN for the virtual system through the License file, the actual number of online users may be limited by some constraints. Specifically, when a first user logs in the target virtual system, not only the number of online users of the target virtual system but also the number of occupied user login names in the online user number pool of the target server need to be obtained to determine whether available user login names exist, if yes, the first user will log in successfully, and if not, the first user will fail to log in.
In this embodiment, after the step S202 "determines whether to allow the first user to log in the target virtual system", if the first user is allowed to log in the target virtual system, a user login quota is allocated to the first user from the online user number pool.
It should be noted that, whether the user under each virtual system is allowed to log in or not may be determined according to the first-come-first-serve principle, that is, the user requesting to log in first applies for a user login denomination from the online user number pool of the target server, and only the user successfully applying for the user login denomination can log in. When the user login quota in the online user number pool is used up, the user under any subsequent virtual system is not allowed to login. In addition, for each user who is already online, if the online user is offline, a user login name is released, and at the moment, a user login name is added to the online user number pool.
In S201, when the first user requests to log in the target virtual system, login authentication may be performed, and after the login authentication is successful, the number of online users of the target virtual system and the number of occupied user login denominations in the online user number pool of the target server are determined through S201, and then S202 is performed.
In an implementation manner of the embodiment of the present application, the determining, in the step S202, whether to allow the first user to log in the target virtual system according to the number of online users of the target virtual system and the number of occupied user login names in the online user number pool may specifically include:
step a 1: comparing the number of online users of the target virtual system with the maximum number of online users allowed by the SSLVPN under the target virtual system;
step a 2: comparing the occupied user login name amount in the online user number pool with the total user login name amount in the online user number pool;
step a 3: and judging whether the first user is allowed to log in the target virtual system or not according to the comparison result.
In the implementation mode, the target server records the total number of occupied user login names of all the virtual systems; moreover, the SSLVPN service under each virtual system records the total number of user login denominations in the online user number pool of the destination server, and records the maximum online user number allowed by the SSLVPN under the current virtual system and the online SSLVPN user number of the current virtual system, so for the target virtual system, the SSLVPN service under the target virtual system records the total number of user login denominations in the online user number pool, the maximum online user number allowed by the SSLVPN under the target virtual system, and the online user number of the target virtual system.
Based on these recorded contents, a comparison may be made through steps A1-A2, and based on the comparison result, a determination may be made as to whether the first user is permitted to log into the target virtual system. It should be noted that the execution order of step a1 and step a2 is not limited in the embodiments of the present application.
In an implementation manner of this embodiment, the "determining whether to allow the first user to log in the target virtual system according to the comparison result" in the step a3 may specifically include:
and if the number of the online users of the target virtual system is equal to the maximum number of the online users allowed by the SSLVPN under the target virtual system, or the number of the occupied user login names in the online user number pool is equal to the total number of the user login names in the online user number pool, not allowing the first user to login the target virtual system.
In the implementation manner, after the first user successfully logs in and authenticates, whether the first user is allowed to log in is judged, and two judgment conditions are provided, wherein the two judgment conditions are that the number of the SSLVPN users of the target virtual system which are online is compared with the maximum number of the online users allowed by the target virtual system, whether the two judgment conditions are equal, and the second judgment condition is that the number of the user login names which are occupied in the online user number pool of the target server is compared with the total number of the user login names in the online user number pool, whether the two judgment conditions are equal, and when the judgment result of any one of the two conditions is equal, the first user is not allowed to log in. And if the first user is allowed to log in, adding one to the number of the online users of the target virtual system, and adding one to the number of the login names of the occupied users in the online user number pool.
In the user quantity control method provided in the embodiment of the present application, after an import request triggered by an equipment administrator is detected, a License file requested to be imported is imported to a target server; the target server is configured with at least two virtual systems, and the configuration content in the License file of the target server comprises the maximum number of online users allowed by SSLVPN under each virtual system on the target server. Therefore, in the embodiment of the present application, an equipment administrator may configure, in one License file, the number of online users allowed by the SSLVPN for each virtual system of the target server to control the number of online users allowed for each virtual system, and therefore, although one server equipment configures a plurality of virtual systems, only one License file needs to be imported for the server equipment, the method is flexible and convenient, the workload of the equipment administrator can be effectively reduced, and unified management is easy.
Based on the above, in the embodiment of the present application, the number of online users allowed by the SSLVPN of each virtual system may be controlled, and the number of online users of the SSLVPNs of all virtual systems in one server device may be dynamically controlled. Through the simplified configuration process, the device administrator can be effectively helped to control the number of online users allowed by the SSLVPN of all virtual systems.
Referring to fig. 3, a schematic composition diagram of a user quantity control apparatus provided in an embodiment of the present application, the apparatus is applied to a target server, and the target server is configured with at least two virtual systems, and the apparatus includes:
a file importing unit 301, configured to, after an import request triggered by a device administrator is detected, import a License file requested to be imported into the target server;
the configuration content in the License file includes the maximum number of online users allowed for the SSLVPN under each virtual system on the target server, where the SSLVPN is a virtual private network technology that establishes a remote secure access channel based on a secure socket layer protocol.
In an implementation manner of the embodiment of the present application, the method further includes:
when a first user requests to log in a target virtual system, determining the number of online users of the target virtual system and the number of occupied user login names in an online user number pool of the target server, wherein the target virtual system is one of at least two virtual systems configured by the target server;
and judging whether the first user is allowed to log in the target virtual system or not according to the number of the online users of the target virtual system and the number of the occupied user login names in the online user number pool.
In an implementation manner of the embodiment of the present application, the determining whether to allow the first user to log in the target virtual system according to the number of online users of the target virtual system and the number of occupied user login names in the online user number pool includes:
comparing the number of online users of the target virtual system with the maximum number of online users allowed by SSLVPN under the target virtual system;
comparing the occupied user login name amount in the online user number pool with the total user login name amount in the online user number pool;
and judging whether the first user is allowed to log in the target virtual system or not according to the comparison result.
In an implementation manner of the embodiment of the present application, the determining whether to allow the first user to log in the target virtual system according to the comparison result includes:
and if the number of the online users of the target virtual system is equal to the maximum number of the online users allowed by the SSLVPN under the target virtual system, or the number of the occupied user login names in the online user number pool is equal to the total number of the user login names in the online user number pool, not allowing the first user to log in the target virtual system.
In an implementation manner of the embodiment of the present application, the method further includes:
and if the first user is allowed to log in the target virtual system, allocating a user login name for the first user from the online user number pool.
In an implementation manner of the embodiment of the present application, the configuration content in the License file is configured by the device administrator under a public system of the target server.
In an implementation manner of the embodiment of the present application, the maximum number of online users allowed by the SSLVPN in each virtual system on the target server is configured based on the historical usage of the SSLVPN in each virtual system.
The implementation process of the functions and actions of each unit in the above device is specifically described in the implementation process of the corresponding step in the above method, and is not described herein again.
For the device embodiments, since they substantially correspond to the method embodiments, reference may be made to the partial description of the method embodiments for relevant points. The above-described embodiments of the apparatus are merely illustrative, and the units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the modules can be selected according to actual needs to achieve the purpose of the scheme of the application. One of ordinary skill in the art can understand and implement it without inventive effort.
An embodiment of the present application further provides an electronic device, a schematic structural diagram of the electronic device is shown in fig. 4, where the electronic device 4000 includes at least one processor 4001, a memory 4002, and a bus 4003, and the at least one processor 4001 is electrically connected to the memory 4002; the memory 4002 is configured to store at least one computer-executable instruction, and the processor 4001 is configured to execute the at least one computer-executable instruction, thereby performing the steps of any of the user quantity control methods as provided by any of the embodiments or any alternative implementations of the present application.
Further, the processor 4001 may be an FPGA (Field-Programmable Gate Array) or other devices with logic processing capability, such as an MCU (micro controller Unit) and a CPU (Central processing Unit).
By applying the embodiment of the application, the device administrator can configure the number of online users allowed by the SSLVPN for each virtual system of the target server in one License file to control the number of the online users allowed for each virtual system, so that although one server device is configured with a plurality of virtual systems, only one License file needs to be introduced into the server device, the method is flexible and convenient, the workload of the device administrator can be effectively reduced, and unified management is easy.
The embodiments of the present application further provide another computer-readable storage medium, which stores a computer program, where the computer program is used for implementing, when executed by a processor, the steps of any one of the user quantity control methods provided in any one of the embodiments or any one of the optional implementation manners of the present application.
The computer-readable storage medium provided by the embodiments of the present application includes, but is not limited to, any type of disk including floppy disks, hard disks, optical disks, CD-ROMs, and magneto-optical disks, ROMs (Read-Only memories), RAMs (Random Access memories), EPROMs (Erasable Programmable Read-Only memories), EEPROMs (Electrically Erasable Programmable Read-Only memories), flash memories, magnetic cards, or optical cards. That is, a readable storage medium includes any medium that stores or transmits information in a form readable by a device (e.g., a computer).
By applying the embodiment of the application, the device administrator can configure the number of online users allowed by the SSLVPN for each virtual system of the target server in one License file to control the number of the online users allowed for each virtual system, so that although one server device is configured with a plurality of virtual systems, only one License file needs to be introduced into the server device, the method is flexible and convenient, the workload of the device administrator can be effectively reduced, and unified management is easy.
The above description is only exemplary of the present application and should not be taken as limiting the present application, as any modification, equivalent replacement, or improvement made within the spirit and principle of the present application should be included in the scope of protection of the present application.

Claims (10)

1. A user quantity control method is applied to a target server, wherein the target server is provided with at least two virtual systems, and the method comprises the following steps:
when an import request triggered by a device administrator is detected, importing a License file requested to be imported into the target server;
the configuration content in the License file includes the maximum number of online users allowed for the SSLVPN under each virtual system on the target server, where the SSLVPN is a virtual private network technology that establishes a remote secure access channel based on a secure socket layer protocol.
2. The method of claim 1, further comprising:
when a first user requests to log in a target virtual system, determining the number of online users of the target virtual system and the number of occupied user login names in an online user number pool of the target server, wherein the target virtual system is one of at least two virtual systems configured by the target server;
and judging whether the first user is allowed to log in the target virtual system or not according to the number of the online users of the target virtual system and the number of the occupied user login names in the online user number pool.
3. The method of claim 2, wherein determining whether to allow the first user to log into the target virtual system according to the number of online users of the target virtual system and the number of occupied user login names in the online user number pool comprises:
comparing the number of online users of the target virtual system with the maximum number of online users allowed by SSLVPN under the target virtual system;
comparing the occupied user login name amount in the online user number pool with the total user login name amount in the online user number pool;
and judging whether the first user is allowed to log in the target virtual system or not according to the comparison result.
4. The method of claim 3, wherein determining whether to allow the first user to log into the target virtual system based on the comparison comprises:
and if the number of the online users of the target virtual system is equal to the maximum number of the online users allowed by the SSLVPN under the target virtual system, or the number of the occupied user login names in the online user number pool is equal to the total number of the user login names in the online user number pool, not allowing the first user to log in the target virtual system.
5. The method according to any one of claims 2-4, further comprising:
and if the first user is allowed to log in the target virtual system, allocating a user login name for the first user from the online user number pool.
6. The method of any of claims 1-4, wherein the configuration content in the License file is configured by the device administrator under a common system of the target server.
7. The method according to any one of claims 1-4, wherein the maximum number of online users allowed by the SSLVPN per virtual system on the target server is configured based on the historical usage of the SSLVPN per virtual system.
8. An apparatus for controlling the number of users, the apparatus being applied to a target server, the target server being configured with at least two virtual systems, the apparatus comprising:
the file importing unit is used for importing the License file requested to be imported into the target server after an importing request triggered by a device administrator is detected;
the configuration content in the License file includes the maximum number of online users allowed for the SSLVPN under each virtual system on the target server, where the SSLVPN is a virtual private network technology that establishes a remote secure access channel based on a secure socket layer protocol.
9. An electronic device, comprising: a processor, a memory;
the memory for storing a computer program;
the processor is configured to execute the user quantity control method according to any one of claims 1 to 7 by calling the computer program.
10. A computer-readable storage medium, on which a computer program is stored, which program, when being executed by a processor, is adapted to carry out the method for controlling the number of users of any one of claims 1 to 7.
CN202011212071.XA 2020-11-03 2020-11-03 User quantity control method, device, equipment and computer readable storage medium Active CN112511399B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011212071.XA CN112511399B (en) 2020-11-03 2020-11-03 User quantity control method, device, equipment and computer readable storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202011212071.XA CN112511399B (en) 2020-11-03 2020-11-03 User quantity control method, device, equipment and computer readable storage medium

Publications (2)

Publication Number Publication Date
CN112511399A CN112511399A (en) 2021-03-16
CN112511399B true CN112511399B (en) 2021-12-24

Family

ID=74955245

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011212071.XA Active CN112511399B (en) 2020-11-03 2020-11-03 User quantity control method, device, equipment and computer readable storage medium

Country Status (1)

Country Link
CN (1) CN112511399B (en)

Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101141460A (en) * 2007-08-20 2008-03-12 中兴通讯股份有限公司 Permission control method and system of service function in cluster system
CN101316182A (en) * 2007-05-30 2008-12-03 杭州华三通信技术有限公司 Authorization number control method and equipment of user terminal
CN101964800A (en) * 2010-10-21 2011-02-02 神州数码网络(北京)有限公司 Method for authenticating digital certificate user in SSL VPN
CN103258151A (en) * 2012-10-30 2013-08-21 中国科学院沈阳自动化研究所 Real-time authorization software License control method
CN107679371A (en) * 2017-09-25 2018-02-09 用友网络科技股份有限公司 Software license control method, device, computer equipment and readable storage medium storing program for executing
CN107766699A (en) * 2016-08-16 2018-03-06 新华三技术有限公司 A kind of authorized appropriation method and apparatus
CN108092984A (en) * 2017-12-25 2018-05-29 新华三技术有限公司 A kind of authorization method of applications client, device and equipment
CN109063423A (en) * 2018-07-16 2018-12-21 北京知道创宇信息技术有限公司 application software authorization method and system
CN109547435A (en) * 2018-11-23 2019-03-29 新华三信息安全技术有限公司 A kind of authorization and authentication method and device
CN110798466A (en) * 2019-10-29 2020-02-14 西安雷风电子科技有限公司 Verification method and system for software license in virtual machine scene

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9055064B2 (en) * 2009-12-28 2015-06-09 Citrix Systems, Inc. Systems and methods for a VPN ICA proxy on a multi-core system

Patent Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101316182A (en) * 2007-05-30 2008-12-03 杭州华三通信技术有限公司 Authorization number control method and equipment of user terminal
CN101141460A (en) * 2007-08-20 2008-03-12 中兴通讯股份有限公司 Permission control method and system of service function in cluster system
CN101964800A (en) * 2010-10-21 2011-02-02 神州数码网络(北京)有限公司 Method for authenticating digital certificate user in SSL VPN
CN103258151A (en) * 2012-10-30 2013-08-21 中国科学院沈阳自动化研究所 Real-time authorization software License control method
CN107766699A (en) * 2016-08-16 2018-03-06 新华三技术有限公司 A kind of authorized appropriation method and apparatus
CN107679371A (en) * 2017-09-25 2018-02-09 用友网络科技股份有限公司 Software license control method, device, computer equipment and readable storage medium storing program for executing
CN108092984A (en) * 2017-12-25 2018-05-29 新华三技术有限公司 A kind of authorization method of applications client, device and equipment
CN109063423A (en) * 2018-07-16 2018-12-21 北京知道创宇信息技术有限公司 application software authorization method and system
CN109547435A (en) * 2018-11-23 2019-03-29 新华三信息安全技术有限公司 A kind of authorization and authentication method and device
CN110798466A (en) * 2019-10-29 2020-02-14 西安雷风电子科技有限公司 Verification method and system for software license in virtual machine scene

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
SSL VPN在远程访问图书馆数字资源中的应用研究;徐贲;《科技信息》;20090615(第17期);全文 *
一种针对虚拟机的应用软件License认证方法;weixin_30662539;《blog.csdn.net/weixin_30662539/article/details/98699673》;20150312;全文 *
使用GPU配置Horizon虚拟桌面;王春海;《网络安全和信息化》;20200605(第06期);全文 *

Also Published As

Publication number Publication date
CN112511399A (en) 2021-03-16

Similar Documents

Publication Publication Date Title
CN108062248B (en) Resource management method, system, equipment and storage medium of heterogeneous virtualization platform
US10833949B2 (en) Extension resource groups of provider network services
WO2017143975A1 (en) Access control method and platform
CA2811041C (en) Methods and systems for dynamically managing requests for computing capacity
CN103384237B (en) Method for sharing IaaS cloud account, shared platform and network device
CN101771689B (en) Method and system for enterprise network single-sign-on by a manageability engine
CN108259422B (en) Multi-tenant access control method and device
US20120290455A1 (en) System and Method for Providing Computer Services
US12106132B2 (en) Provider network service extensions
CN110113369A (en) A kind of method for authenticating of based role permission control
CN106844111B (en) Access method of cloud storage network file system
WO2015179406A1 (en) Restricted accounts on a mobile platform
KR20090106541A (en) Time based permissioning
US11949737B1 (en) Allocation of server resources in remote-access computing environments
US20190190846A1 (en) Dynamic management of computing platform resources
CN108462752B (en) Method and system for accessing shared network, VPC management equipment and readable storage medium
CN112019543A (en) Multi-tenant permission system based on BRAC model
US9590997B2 (en) System and method for accessing a service
CN115865502A (en) Authority management and control method, device, equipment and storage medium
CN105991624A (en) Safety management method and device of server
EP2725513B1 (en) Managing permission settings applied to applications
US10140443B2 (en) Authentication source selection
US20220382590A1 (en) Cloud provider account mappings
CN112511399B (en) User quantity control method, device, equipment and computer readable storage medium
CN105282145A (en) Multi-data center user access control method and system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant