CN112580013A - Multi-system information interaction method and device - Google Patents
Multi-system information interaction method and device Download PDFInfo
- Publication number
- CN112580013A CN112580013A CN201910944626.0A CN201910944626A CN112580013A CN 112580013 A CN112580013 A CN 112580013A CN 201910944626 A CN201910944626 A CN 201910944626A CN 112580013 A CN112580013 A CN 112580013A
- Authority
- CN
- China
- Prior art keywords
- service
- information
- user information
- portal
- user
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 72
- 230000003993 interaction Effects 0.000 title claims description 38
- 210000004258 portal system Anatomy 0.000 claims abstract description 163
- 238000004140 cleaning Methods 0.000 claims abstract description 31
- 238000012545 processing Methods 0.000 claims description 8
- 238000004891 communication Methods 0.000 claims description 5
- 230000008569 process Effects 0.000 abstract description 17
- 238000005516 engineering process Methods 0.000 abstract description 13
- 238000010586 diagram Methods 0.000 description 15
- 230000006870 function Effects 0.000 description 12
- 230000000694 effects Effects 0.000 description 10
- 238000011161 development Methods 0.000 description 7
- 238000004590 computer program Methods 0.000 description 6
- 238000013475 authorization Methods 0.000 description 5
- 230000010354 integration Effects 0.000 description 5
- 238000012986 modification Methods 0.000 description 3
- 230000004048 modification Effects 0.000 description 3
- 230000005540 biological transmission Effects 0.000 description 2
- 238000006243 chemical reaction Methods 0.000 description 2
- 238000013461 design Methods 0.000 description 2
- 210000001503 joint Anatomy 0.000 description 2
- 238000012423 maintenance Methods 0.000 description 2
- 230000003287 optical effect Effects 0.000 description 2
- 238000009827 uniform distribution Methods 0.000 description 2
- 230000008859 change Effects 0.000 description 1
- 230000002349 favourable effect Effects 0.000 description 1
- 230000014509 gene expression Effects 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
- 230000007474 system interaction Effects 0.000 description 1
- 238000012795 verification Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/41—User authentication where a single sign-on provides access to a plurality of computers
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/21—Design, administration or maintenance of databases
- G06F16/215—Improving data quality; Data cleansing, e.g. de-duplication, removing invalid entries or correcting typographical errors
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/46—Multiprogramming arrangements
- G06F9/54—Interprogram communication
- G06F9/546—Message passing systems or structures, e.g. queues
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Databases & Information Systems (AREA)
- Quality & Reliability (AREA)
- Data Mining & Analysis (AREA)
- Information Transfer Between Computers (AREA)
Abstract
The invention discloses a method and a device for interacting multi-system information. Wherein, the method comprises the following steps: receiving user information, wherein the user information is used for requesting a service system to provide services; and sending the user information to a portal system with a first authentication protocol, wherein the portal system is used for cleaning the user information according to the information format requirement of the service system and sending the cleaned user information to the service system, the service system and the portal system have a second authentication protocol, and the number of the service systems is multiple. The invention solves the technical problems of low efficiency and complex process when the user performs multi-system authentication in the related technology.
Description
Technical Field
The invention relates to the field of system interaction, in particular to a method and a device for interacting multi-system information.
Background
The multi-system user integration is very important for the multi-system integration, and the unified management of single sign-on, single sign-off, real-time synchronization and the like of users and the unified management of refinement, classification and the like of each user authority are involved. The method can effectively avoid disorder of users and authorities and improve the use experience of the clients on the multiple systems.
In the related technology, an oauth unified authentication center is usually adopted, and all systems log in according to an oauth protocol, wherein each system can access the oauth service, so that the development work is increased, and the expansibility of multiple systems is not facilitated; rights assignment is uniformly assigned to the certificate authority, but in most cases only relatively coarse-grained rights can be assigned, such as: login authority, etc., and if fine-grained authority needs to be allocated, for example: the internal authorities of each system, such as the roles of each user in each system, need to be counted and uniformly configured in the oauth authentication center, if the authorities are modified once, the authorities need to be configured again, a large amount of human resources and time cost are consumed in the process, and the maintenance is difficult along with the operation of projects.
In view of the above problems, no effective solution has been proposed.
Disclosure of Invention
The embodiment of the invention provides a multi-system information interaction method and device, which are used for at least solving the technical problems of low efficiency and complex process when a user performs multi-system authentication in the related art.
According to an aspect of an embodiment of the present invention, a method for interacting multiple system information is provided, including: receiving user information, wherein the user information is used for requesting a service system to provide services; and sending the user information to a portal system with a first authentication protocol, wherein the portal system is used for cleaning the user information according to the information format requirement of the service system and sending the cleaned user information to the service system, the service system and the portal system have a second authentication protocol, and the number of the service systems is multiple.
Optionally, sending the user information to a portal system having a first authentication protocol includes: establishing a first authentication protocol with the portal system; authenticating the portal system through the first authentication protocol; and under the condition that the portal system passes the authentication, sending the user information to the portal system in a message queue mode.
Optionally, the user information includes a user account and role information corresponding to the user account, where the role information is used for being referred by the service system to provide a service corresponding to the role information.
Optionally, the method further includes: receiving service information sent by the portal system, wherein the service information is sent to the portal system by the service system under the condition that the information in the service system is changed, and then is forwarded outwards by the portal system; and updating the role information according to the service information, wherein the service information comprises a functional service and role information corresponding to the functional service.
According to another aspect of the embodiments of the present invention, there is also provided a method for multi-system information interaction, including: receiving user information sent by a global authentication center with a first authentication protocol, wherein the user information is used for requesting a service system to provide services, the user information is the user information received by the global authentication center, and the number of the service systems is multiple; cleaning the user information according to the information format requirement of a service system; and sending the cleaned user information to the service system, wherein the service system has a second authentication protocol.
Optionally, the user information includes a user account and role information corresponding to the user account, where the role information is used for being referred by the service system to provide a service corresponding to the role information.
Optionally, the method further includes: receiving service information sent by the service system, wherein the service information is sent to the service information by the service system, and the service information is sent under the condition that the information of the service system is updated or modified; and sending the service information to the global authentication center, wherein the global authentication center updates the role information according to the service information, and the service information comprises a functional service and role information corresponding to the functional service.
According to another aspect of the embodiments of the present invention, there is also provided a multi-system information interaction system, including: the system comprises a global authentication center, a portal system and a plurality of service systems; the system comprises a global authentication center, a service system and a central processing unit, wherein the global authentication center is used for receiving user information, and the user information is used for requesting the service system to provide services; sending the user information to a portal system with a first authentication protocol; the portal system is used for receiving the user information sent by the global authentication center and cleaning the user information; sending the cleaned user information to a service system, wherein the service system and the portal system have a second authentication protocol, and the number of the service systems is multiple; and the service system is used for receiving the user information sent by the portal system and providing corresponding services for the account corresponding to the user information.
According to another aspect of the embodiments of the present invention, there is also provided a storage medium, where the storage medium includes a stored program, and when the program runs, a device in which the storage medium is located is controlled to execute any one of the above methods.
According to another aspect of the embodiments of the present invention, there is also provided an electronic device, including at least one processor, and at least one memory and a bus connected to the processor; the processor and the memory complete mutual communication through the bus; the processor is used for calling the program instructions in the memory so as to execute the multi-system information interaction method.
In the embodiment of the invention, the user information is received, wherein the user information is used for requesting a service system to provide services; the method comprises the steps of sending user information to a portal system with a first authentication protocol, wherein the portal system is used for cleaning the user information according to the information format requirement of a service system and sending the cleaned user information to the service system, the service system and the portal system have a second authentication protocol, the number of the service systems is multiple, the portal system collects multiple systems, and only the authentication protocol needs to be established with the portal system, so that the aim of performing authentication interaction with the service system through the portal system fast and efficiently is fulfilled, the technical effect of improving the authentication interaction efficiency with the multiple systems is achieved, and the technical problems of low efficiency and complex process of the user in the related technology under the condition of performing multi-system authentication are solved.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this application, illustrate embodiments of the application and, together with the description, serve to explain the application and are not intended to limit the application. In the drawings:
FIG. 1 is a flow chart of a method for interacting multi-system information according to an embodiment of the present invention;
FIG. 2 is a flow chart of another method of interacting multi-system information, according to an embodiment of the invention;
FIG. 3 is a schematic diagram of multi-system authentication system data interaction according to an embodiment of the invention;
FIG. 4 is a schematic diagram of a multi-system information interaction system according to an embodiment of the invention;
fig. 5 is a schematic diagram of an apparatus according to an embodiment of the invention.
Detailed Description
It should be noted that the embodiments and features of the embodiments in the present application may be combined with each other without conflict. The present application will be described in detail below with reference to the embodiments with reference to the attached drawings.
In order to make the technical solutions better understood by those skilled in the art, the technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only partial embodiments of the present application, but not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
It should be noted that the terms "first," "second," and the like in the description and claims of this application and in the drawings described above are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order. It should be understood that the data so used may be interchanged under appropriate circumstances such that embodiments of the application described herein may be used. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed, but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
For convenience of description, some terms or expressions referred to in the embodiments of the present application are explained below:
CAS is an abbreviation of Central Authentication Service, a Central Authentication Service, and an independent open command protocol, which is used as a multi-user integrated transit Authentication Service in the present scheme.
oauth: the OAUTH is an open protocol, a simple and standard mode is provided for desktop, mobile phone or web application to access API service requiring user authorization, in the scheme, the OAUTH service is used as a global authentication center, and multiple systems perform login authentication according to the OAUTH protocol.
In accordance with an embodiment of the present invention, there is provided a method embodiment of a method of interacting between systems information, it being noted that the steps illustrated in the flowchart of the drawings may be performed in a computer system such as a set of computer-executable instructions and that, although a logical order is illustrated in the flowchart, in some cases the steps illustrated or described may be performed in an order different than presented herein.
Fig. 1 is a flowchart of a method for interacting multi-system information according to an embodiment of the present invention, as shown in fig. 1, the method includes the following steps:
step S102, receiving user information, wherein the user information is used for requesting a service system to provide services;
and step S104, sending the user information to a portal system with a first authentication protocol, wherein the portal system is used for cleaning the user information according to the information format requirement of the service system and sending the cleaned user information to the service system, the service system and the portal system have a second authentication protocol, and the number of the service systems is multiple.
Through the steps, receiving user information, wherein the user information is used for requesting a service system to provide services; the method comprises the steps of sending user information to a portal system with a first authentication protocol, wherein the portal system is used for cleaning the user information according to the information format requirement of a service system and sending the cleaned user information to the service system, the service system and the portal system have a second authentication protocol, the number of the service systems is multiple, the portal system collects multiple systems, and only the authentication protocol needs to be established with the portal system, so that the aim of performing authentication interaction with the service system through the portal system fast and efficiently is fulfilled, the technical effect of improving the authentication interaction efficiency with the multiple systems is achieved, and the technical problems of low efficiency and complex process of the user in the related technology under the condition of performing multi-system authentication are solved.
The execution main body of the above steps may be a global authentication center, which is an authentication center of a third party requesting a service system, in the related art, the global authentication center authenticates a plurality of service systems by an open authorization protocol oauth, the plurality of service systems are connected to the global authentication center, the open authorization protocol is established, and a communication connection is established, each service system and the global authentication center have respective authority authentication to perform data interaction, however, when the authority of one service system changes, the authority of the global authentication center and the plurality of service systems needs to be reconfigured, which is time-consuming, labor-consuming, and low in efficiency.
The embodiment provides an interaction method for multi-system information, the global authentication center sends user information to a portal system with a first authentication protocol, wherein the portal system is used for cleaning the user information, the portal system sends the cleaned user information to a service system, the service system and the portal system have a second authentication protocol, and the number of the service systems is multiple. The first authentication protocol may be the open authorization protocol, and the second authentication protocol may be an independent open command protocol, such as cas. The global authentication center indirectly performs data interaction with a plurality of service systems through the portal system, and the portal system can not only integrate the similar systems, but also clean the data from and to the outside to eliminate useless data and improve the data transmission speed.
The portal system may be configured for the plurality of service systems, specifically, the plurality of service systems are classified first, each class includes a plurality of systems, the service systems of the same class are connected to the same portal system, and interact with the global authentication center through the portal system. The portal system is provided with a cas authentication module, a cas protocol and api are exposed to each back-end system, namely, each back-end system only needs to be connected with the cas authentication of the portal cas, each original system manages users and authorities respectively, programming is processed in a cas mode by the portal system in a unified mode, and multiple development of the same function is prevented. Therefore, the portal system and the service system communicate with each other through the cas protocol.
Under the condition that the global authentication center requests the service system to provide the service through the portal system, the user information sent by the global authentication center also comprises a service identifier for identifying the service system, and the portal system can determine the service system corresponding to the user information through the service identifier and send the user information to the service system.
It should be noted that, before the global certificate authority sends the user information, the user information needs to be received, where the user information is used to request the service system to provide the service. Specifically, the third party includes a user interaction device, and the device performs a task to the global authentication center, and the global authentication center receives feedback from the service system and transmits the feedback to the user interaction device for display.
Optionally, the sending the user information to the portal system having the first authentication protocol includes: establishing a first authentication protocol with a portal system; authenticating the portal system through a first authentication protocol; and under the condition that the portal system passes the authentication, sending the user information to the portal system in a message queue mode.
The two parties of the first authentication protocol, namely the global authentication center and the portal system, can authenticate each other, the portal system authenticates the user information through the first authentication protocol, and the portal system receives the user information under the condition that the user information authentication is passed.
Optionally, the user information includes a user account and role information corresponding to the user account, where the role information is used for being referred by the service system to provide a service corresponding to the role information.
Specifically, the user information includes a user account and role information corresponding to the user account, for example, the user account with the mobile phone number of 123456789 and the usage role of the user using the software a may indicate that the user opens the software, enters the role state, and needs the corresponding service system to provide the corresponding service. In addition, different services in the service system correspond to different roles, and the service data returned by the service system can also include role information for verification by the global authentication center.
The data of the service requested by the global authentication center is information sent from the global authentication center to the service system through the portal system, and in addition, the information can also be sent from the service system to the global authentication center, for example, the service information sent by the portal system is received, wherein the service information is sent to the portal system by the service system under the condition that the information in the service system is changed, and then is forwarded outwards through the portal system; and updating the role information according to the service information, wherein the service information comprises the function service and the role information corresponding to the function service.
Fig. 2 is a flowchart of another method for interacting multisystem information according to an embodiment of the present invention, and as shown in fig. 2, according to another aspect of the embodiment of the present invention, there is also provided a method for interacting multisystem information, including:
step S202, receiving user information sent by a global authentication center with a first authentication protocol, wherein the user information is used for requesting a service system to provide services, the user information is the user information received by the global authentication center, and the number of the service systems is multiple;
step S204, cleaning the user information according to the information format requirement of the service system;
step S206, cleaning user information; and sending the cleaned user information to a service system, wherein the service system has a second authentication protocol.
The executing body of the above steps can be a portal system, and through the above steps, receiving user information is adopted, wherein the user information is used for requesting a service system to provide services; the user information is sent to a portal system with a first authentication protocol, wherein the portal system is used for cleaning the user information, the portal system sends the cleaned user information to a service system, the service system and the portal system have a second authentication protocol, the number of the service systems is in a plurality of modes, the multiple systems are gathered through the portal system, the authentication protocol only needs to be established with the portal system, the purpose of performing authentication interaction with the service system through the portal system fast and efficiently is achieved, the technical effect of improving the authentication interaction efficiency with the multiple systems is achieved, and the technical problems of low efficiency and complex process of the user in the related technology under the condition of performing the multiple system authentication are solved.
Optionally, the user information includes a user account and role information corresponding to the user account, where the role information is used for being referred by the service system to provide a service corresponding to the role information.
Optionally, the method further includes: receiving service information sent by a service system, wherein the service information is the service information sent by the service system, and sending the service information under the condition of updating or modifying the information of the service system; and sending the service information to a global authentication center, wherein the global authentication center updates role information according to the service information, and the service information comprises the functional service and the role information corresponding to the functional service.
According to another aspect of the embodiments of the present invention, there is also provided a method for multi-system information interaction, including:
receiving user information sent by a portal system with a first authentication protocol, wherein the user information is used for requesting a service system to provide services, the user information is the user information sent by a global authentication center which is received and cleaned by the portal system, and the portal system and the global authentication center have a second authentication protocol;
and providing corresponding service for the account corresponding to the user information.
The executing body of the above steps can be a service system, and through the above steps, receiving user information is adopted, wherein the user information is used for requesting the service system to provide services; the user information is sent to a portal system with a first authentication protocol, wherein the portal system is used for cleaning the user information, the portal system sends the cleaned user information to a service system, the service system and the portal system have a second authentication protocol, the number of the service systems is in a plurality of modes, the multiple systems are gathered through the portal system, the authentication protocol only needs to be established with the portal system, the purpose of performing authentication interaction with the service system through the portal system fast and efficiently is achieved, the technical effect of improving the authentication interaction efficiency with the multiple systems is achieved, and the technical problems of low efficiency and complex process of the user in the related technology under the condition of performing the multiple system authentication are solved.
It should be noted that this embodiment also provides an alternative implementation, which is described in detail below.
In the embodiment, multi-system user integration is very important for multi-system integration, and the unified management of single sign-on, single sign-off, real-time synchronization and the like of users and the unified management of refinement, classification and the like of each user authority are involved. The method can effectively avoid disorder of users and authorities and improve the use experience of the clients on the multiple systems.
In the related technology, an oauth unified authentication center is adopted, all systems log in according to an oauth protocol, and each system can access the oauth service, so that the development work is increased, and the expansibility of multiple systems is not facilitated; the authority is distributed to the authentication center for uniform distribution, but in most cases, only relatively coarse-grained authority (login authority and the like) can be distributed, if fine-grained authority (such as the role of each user in each system and the like) needs to be distributed, statistics needs to be carried out for uniform distribution in the oauth authentication center, if the authority is modified, the authority needs to be reconfigured again, a large amount of human resources and time cost are consumed in the process, and the maintenance is difficult along with the operation of the project. The new access system needs to adapt the oauth protocol, which is not favorable for the system expansibility; it is difficult to assign fine-grained permissions.
The implementation mode is solved through system classification and portal system design, the systems are classified firstly, each system comprises a plurality of systems, the systems of the same type only need to be connected with the portal system, the portal system interacts with an oauth authentication center, the portal system serves as an adapter, and meanwhile, the portal supports a plurality of authentication modes (shiro, LDAP and the like). The main problem solved by the patent is how to design a portal system supporting multiple protocols and share and synchronize information of users, roles, organizations and the like among the systems.
Fig. 3 is a schematic diagram of data interaction of a multi-system authentication system according to an embodiment of the present invention, and as shown in fig. 3, a portal system in this scheme mainly uses a cas authentication center as a core and coordinates resources such as users, roles, and organizations between systems. The idea is as follows:
1: the cas authentication module of the portal system exposes a cas protocol and api to each back-end system, namely, each back-end system only needs to be docked with the cas authentication of the portal cas, and each original system manages users and authorities respectively, so that the existing system can process the cas uniformly, and multiple development of the same function is prevented.
2: the same type of system is connected with a portal, which requires that the portal system has good compatibility, for example, oauth, when the system needs to be integrated into a project taking an oauth (Open Authorization) protocol as an authentication condition, only the portal needs to support the oauth protocol, the portal is communicated with an oauth authentication center, and then the control right is handed over to the oauth authentication center.
3: after the user logs in and the authority authentication is given to oauth for control, the synchronization and the refinement of the user and the authority are involved, and the synchronization is carried out in an mq mode in the scheme, and a type identifier is appointed to each system for distinguishing which system the user and the role belong to:
3.1: users and roles generated by each service system are firstly pushed to a portal client in an mq (Message queue) mode;
3.2: the portal terminal receives data from each service system in a subscription mode, the data is cleaned (unnecessary information is removed, conversion between related information and a data format is added and the like) at the portal terminal, and after the data is cleaned, the data is pushed to a global authentication center through mq by the portal system;
3.3: the authentication center receives the cleaned data (which conforms to the data format defined by the authentication center) from the portal end in a subscription mode, and the data is kept by the authentication center for page display.
4: the authentication center end is connected to each service system end, if the authentication center end needs to add a user and endows the user with related authority, the authentication center end also adopts the following steps that:
4.1: user and role data generated by the authentication center are pushed to a portal terminal in an mq mode;
4.2: the portal terminal receives data from the authentication center in a subscription mode, the data is cleaned at the portal terminal (unnecessary information is removed, conversion between related information and a data format is added, and the like), and after the data is cleaned, the data is respectively pushed to each business system by the portal system through mq according to different data types;
4.3, each business system receives the cleaned data from the portal end in a subscription mode (the data format conforms to the definition of each business system), and each business system keeps the received data for the display of the relevant page of each business system.
Configuring a portal system authentication address: configuring the authentication address of the portal system in each business system to complete the butt joint with the portal system;
configuring a global authentication center: configuring an address of a global authentication center in a portal system, selecting an authentication mode of oauth (supporting shiro, LDAP and the like), and adding an oauth protocol default client ID and a secret key (used for accessing a general service system);
address of configuration mq: the mq address is used for a channel for pushing user information, needs to be configured in several places of each service system, a portal system and a global authentication center, and needs to define different message subscription modes for distinguishing the types of user messages, and needs to configure a data receiving channel and a data sending channel.
Subsequent product systems in the same group do not need to be only in butt joint with corresponding portal systems, and the portal systems are used for customized modification, such as replacement of a global authentication center and data structures of users and roles, and the like, so that the working efficiency can be effectively improved. The key technology is that under the condition of multi-system integration, service systems of the same category are integrated, users and authority parts in the service systems are abstracted and extracted, a portal system is used for cleaning data and supporting multiple authentication modes, the previous service systems are respectively connected with a global authentication center, and the prior service systems are changed into the prior service systems which only need to be connected with the portal system and then directly connected with the global authentication center through the portal system, so that even if the authentication protocol of the global authentication center is changed, only the authentication mode of the portal system needs to be modified, the service systems do not need to do extra development work, the development amount of the service systems is reduced, the reusability of the service systems is increased, and the development efficiency of the service systems is improved.
According to another aspect of the embodiments of the present invention, there is also provided a device for multi-system information interaction, including: a first receiving module and a first sending module, which are described in detail below.
The first receiving module is used for receiving user information, wherein the user information is used for requesting a service system to provide services; and the first sending module is connected with the first receiving module and used for sending the user information to a portal system with a first authentication protocol, wherein the portal system is used for cleaning the user information according to the information format requirement of the service system and sending the cleaned user information to the service system, the service system and the portal system have a second authentication protocol, and the number of the service systems is multiple.
By the device, the first receiving module is adopted to receive the user information, wherein the user information is used for requesting the service system to provide the service; the first sending module sends the user information to a portal system with a first authentication protocol, wherein the portal system is used for cleaning the user information according to the information format requirement of the service system and sending the cleaned user information to the service system, the service system and the portal system have a second authentication protocol, the number of the service systems has a plurality of modes, the portal system collects the multiple systems, and only the authentication protocol needs to be established with the portal system, so that the aim of performing authentication interaction with the service system through the portal system quickly and efficiently is fulfilled, the technical effect of improving the authentication interaction efficiency with the multiple systems is achieved, and the technical problems of low efficiency and complex process of the user in the condition of performing multi-system authentication in the related technology are solved.
The data processing device comprises a processor and a memory, wherein the first receiving module and the first sending module are stored in the memory as program module units, and the processor executes the program module units stored in the memory to realize corresponding functions.
The processor comprises a kernel, and the kernel calls the corresponding program unit from the memory. The kernel can be set to be one or more than one, and the Wien diagram and the keywords are displayed simultaneously by adjusting the kernel parameters, so that the use effect is improved.
The memory may include volatile memory in a computer readable medium, Random Access Memory (RAM) and/or nonvolatile memory such as Read Only Memory (ROM) or flash memory (flash RAM), and the memory includes at least one memory chip.
According to another aspect of the embodiments of the present invention, there is also provided a device for multi-system information interaction, including: a second receiving module, a cleaning module and a second sending module, which are described in detail below.
The second receiving module is used for receiving user information sent by a global authentication center with a first authentication protocol, wherein the user information is used for requesting a service system to provide services, the user information is the user information received by the global authentication center, and the number of the service systems is multiple; the cleaning module is connected with the second receiving module and is used for cleaning the user information according to the information format requirement of the service system; and the second sending module is connected with the cleaning module and used for sending the cleaned user information to the service system, wherein the service system has a second authentication protocol.
By the device, a second receiving module is adopted to receive user information sent by a global authentication center with a first authentication protocol, wherein the user information is used for requesting a service system to provide services, the user information is the user information received by the global authentication center, and the number of the service systems is multiple; the cleaning module cleans the user information according to the information format requirement of the service system; the second sending module sends the cleaned user information to the service system, wherein the service system has a second authentication protocol mode, the multiple systems are gathered through the portal system, and only the authentication protocol needs to be established with the portal system, so that the aim of performing authentication interaction with the service system through the portal system quickly and efficiently is fulfilled, the technical effect of improving the authentication interaction efficiency with the multiple systems is achieved, and the technical problems of low efficiency and complex process of the user in the related technology under the condition of performing multi-system authentication are solved.
The data processing device comprises a processor and a memory, the second receiving module, the cleaning module and the second sending module are stored in the memory as program module units, and the processor executes the program module units stored in the memory to realize corresponding functions.
The processor comprises a kernel, and the kernel calls the corresponding program unit from the memory. The kernel can be set to be one or more than one, and the Wien diagram and the keywords are displayed simultaneously by adjusting the kernel parameters, so that the use effect is improved.
The memory may include volatile memory in a computer readable medium, Random Access Memory (RAM) and/or nonvolatile memory such as Read Only Memory (ROM) or flash memory (flash RAM), and the memory includes at least one memory chip.
Optionally, the user information includes a user account and role information corresponding to the user account, where the role information is used for being referred by the service system to provide a service corresponding to the role information.
Optionally, the method further includes: receiving service information sent by a service system, wherein the service information is the service information sent by the service system, and sending the service information under the condition of updating or modifying the information of the service system; and sending the service information to a global authentication center, wherein the global authentication center updates role information according to the service information, and the service information comprises the functional service and the role information corresponding to the functional service.
According to another aspect of the embodiments of the present invention, there is also provided a device for multi-system information interaction, including: a third receiving module and a service module, which are described in detail below.
The third receiving module is used for receiving user information sent by a portal system with a first authentication protocol, wherein the user information is used for requesting the service system to provide services, the user information is used for receiving and cleaning the user information sent by the global authentication center by the portal system, and the portal system and the global authentication center have a second authentication protocol; and the service module is connected with the third receiving module and used for providing corresponding services for the account corresponding to the user information.
By the device, a third receiving module is adopted to receive user information sent by a portal system with a first authentication protocol, wherein the user information is used for requesting a service system to provide services, the user information is used for receiving and cleaning the user information sent by a global authentication center by the portal system, and the portal system and the global authentication center have a second authentication protocol; the service module provides a corresponding service mode for the account corresponding to the user information, the multi-system is collected through the portal system, and only an authentication protocol needs to be established with the portal system, so that the aim of performing authentication interaction with the service system through the portal system quickly and efficiently is fulfilled, the technical effect of improving the authentication interaction efficiency with the multi-system is achieved, and the technical problems of low efficiency and complex process of the user in the related technology under the condition of performing multi-system authentication are solved.
The data processing device comprises a processor and a memory, the third receiving module and the service module are stored in the memory as program module units, and the processor executes the program module units stored in the memory to realize corresponding functions.
The processor comprises a kernel, and the kernel calls the corresponding program unit from the memory. The kernel can be set to be one or more than one, and the Wien diagram and the keywords are displayed simultaneously by adjusting the kernel parameters, so that the use effect is improved.
The memory may include volatile memory in a computer readable medium, Random Access Memory (RAM) and/or nonvolatile memory such as Read Only Memory (ROM) or flash memory (flash RAM), and the memory includes at least one memory chip.
Fig. 4 is a schematic diagram of a multisystem information interaction system according to an embodiment of the present invention, and as shown in fig. 4, according to another aspect of the embodiment of the present invention, there is further provided a multisystem information interaction system, including:
a global authentication center 42, a portal system 44, and a plurality of business systems 46; a global authentication center 42, configured to receive user information, where the user information is used to request a service system to provide a service; sending the user information to a portal system with a first authentication protocol; the portal system 44 is used for receiving the user information sent by the global authentication center and cleaning the user information; sending the cleaned user information to a service system, wherein the service system and the portal system have a second authentication protocol, and the number of the service systems is multiple; and the service system 46 is configured to receive the user information sent by the portal system, and provide a corresponding service for an account corresponding to the user information.
According to another aspect of the embodiments of the present invention, there is also provided a storage medium including a stored program, wherein when the program runs, a device in which the storage medium is located is controlled to execute the method of any one of the above.
According to another aspect of the embodiments of the present invention, there is also provided a processor, configured to execute a program, where the program executes to perform the method of any one of the above.
According to another aspect of the embodiments of the present invention, there is also provided an electronic device, including at least one processor, and at least one memory and a bus connected to the processor; the processor and the memory complete mutual communication through a bus; the processor is used for calling the program instructions in the memory so as to execute the method for interacting the multi-system information.
An apparatus is provided in an embodiment of the present invention, the apparatus includes a processor, a memory, and the apparatus is stored on the memory and can be provided in an embodiment of the present invention, fig. 5 is a schematic structural diagram of an apparatus according to an embodiment of the present invention, as shown in fig. 5, an apparatus 500 includes at least one processor 501, and at least one memory 502 and a bus 503 connected to the processor 501; the processor 501 and the memory 502 complete communication with each other through the bus 503; the processor 501 is used to call program instructions in the memory 502 to execute the above-described method of web embedded application interaction. The device herein may be a server, a PC, a PAD, a mobile phone, etc.
A program running on a processor, the processor implementing the following steps when executing the program: receiving user information, wherein the user information is used for requesting a service system to provide services; and sending the user information to a portal system with a first authentication protocol, wherein the portal system is used for cleaning the user information according to the information format requirement of the service system and sending the cleaned user information to the service system, the service system and the portal system have a second authentication protocol, and the number of the service systems is multiple.
Optionally, the sending the user information to the portal system having the first authentication protocol includes: establishing a first authentication protocol with a portal system; authenticating the portal system through a first authentication protocol; and under the condition that the portal system passes the authentication, sending the user information to the portal system in a message queue mode.
Optionally, the user information includes a user account and role information corresponding to the user account, where the role information is used for being referred by the service system to provide a service corresponding to the role information.
Optionally, the method further includes: receiving service information sent by a portal system, wherein the service information is sent to the portal system by the service system under the condition that the information in the service system is changed, and then is forwarded outwards by the portal system; and updating the role information according to the service information, wherein the service information comprises the function service and the role information corresponding to the function service.
The processor may also implement the following steps when executing the program: receiving user information sent by a global authentication center with a first authentication protocol, wherein the user information is used for requesting a service system to provide services, the user information is the user information received by the global authentication center, and the number of the service systems is multiple; cleaning user information according to the information format requirement of the service system; and sending the cleaned user information to a service system, wherein the service system has a second authentication protocol.
Optionally, the user information includes a user account and role information corresponding to the user account, where the role information is used for being referred by the service system to provide a service corresponding to the role information.
Optionally, the method further includes: receiving service information sent by a service system, wherein the service information is the service information sent by the service system, and sending the service information under the condition of updating or modifying the information of the service system; and sending the service information to a global authentication center, wherein the global authentication center updates role information according to the service information, and the service information comprises the functional service and the role information corresponding to the functional service.
The device in the application can be a server, a PC, a PAD, a mobile phone and the like.
The present application further provides a computer program product adapted to perform a program for initializing the following method steps when executed on a data processing device: receiving user information, wherein the user information is used for requesting a service system to provide services; and sending the user information to a portal system with a first authentication protocol, wherein the portal system is used for cleaning the user information according to the information format requirement of the service system and sending the cleaned user information to the service system, the service system and the portal system have a second authentication protocol, and the number of the service systems is multiple.
Optionally, the sending the user information to the portal system having the first authentication protocol includes: establishing a first authentication protocol with a portal system; authenticating the portal system through a first authentication protocol; and under the condition that the portal system passes the authentication, sending the user information to the portal system in a message queue mode.
Optionally, the user information includes a user account and role information corresponding to the user account, where the role information is used for being referred by the service system to provide a service corresponding to the role information.
Optionally, the method further includes: receiving service information sent by a portal system, wherein the service information is sent to the portal system by the service system under the condition that the information in the service system is changed, and then is forwarded outwards by the portal system; and updating the role information according to the service information, wherein the service information comprises the function service and the role information corresponding to the function service.
It is also possible to execute a program which initializes the following method steps: receiving user information sent by a global authentication center with a first authentication protocol, wherein the user information is used for requesting a service system to provide services, the user information is the user information received by the global authentication center, and the number of the service systems is multiple; cleaning user information according to the information format requirement of the service system; and sending the cleaned user information to a service system, wherein the service system has a second authentication protocol.
Optionally, the user information includes a user account and role information corresponding to the user account, where the role information is used for being referred by the service system to provide a service corresponding to the role information.
Optionally, the method further includes: receiving service information sent by a service system, wherein the service information is the service information sent by the service system, and sending the service information under the condition of updating or modifying the information of the service system; and sending the service information to a global authentication center, wherein the global authentication center updates role information according to the service information, and the service information comprises the functional service and the role information corresponding to the functional service.
The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
In a typical configuration, a device includes one or more processors (CPUs), memory, and a bus. The device may also include input/output interfaces, network interfaces, and the like.
The memory may include volatile memory in a computer readable medium, Random Access Memory (RAM) and/or nonvolatile memory such as Read Only Memory (ROM) or flash memory (flash RAM), and the memory includes at least one memory chip. The memory is an example of a computer-readable medium.
Computer-readable media, including both non-transitory and non-transitory, removable and non-removable media, may implement information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of computer storage media include, but are not limited to, phase change memory (PRAM), Static Random Access Memory (SRAM), Dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), Read Only Memory (ROM), Electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), Digital Versatile Discs (DVD) or other optical storage, magnetic cassettes, magnetic tape magnetic disk storage or other magnetic storage devices, or any other non-transmission medium that can be used to store information that can be accessed by a computing device. As defined in this embodiment, the computer readable medium does not include a transitory computer readable medium such as a modulated data signal and a carrier wave.
It should also be noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in the process, method, article, or apparatus that comprises the element.
As will be appreciated by one skilled in the art, embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The above are merely examples of the present application and are not intended to limit the present application. Various modifications and changes may occur to those skilled in the art. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of the present application should be included in the scope of the claims of the present application.
Claims (10)
1. A multi-system information interaction method is characterized by comprising the following steps:
receiving user information, wherein the user information is used for requesting a service system to provide services;
and sending the user information to a portal system with a first authentication protocol, wherein the portal system is used for cleaning the user information according to the information format requirement of the service system and sending the cleaned user information to the service system, the service system and the portal system have a second authentication protocol, and the number of the service systems is multiple.
2. The method of claim 1, wherein sending the user information to a portal system having a first authentication protocol comprises:
establishing a first authentication protocol with the portal system;
authenticating the portal system through the first authentication protocol;
and under the condition that the portal system passes the authentication, sending the user information to the portal system in a message queue mode.
3. The method according to claim 2, wherein the user information includes a user account and role information corresponding to the user account, and wherein the role information is used for being referred by the service system to provide a service corresponding to the role information.
4. The method of claim 3, further comprising:
receiving service information sent by the portal system, wherein the service information is sent to the portal system by the service system under the condition that the information in the service system is changed, and then is forwarded outwards by the portal system;
and updating the role information according to the service information, wherein the service information comprises a functional service and role information corresponding to the functional service.
5. A method for multi-system information interaction is characterized by comprising the following steps:
receiving user information sent by a global authentication center with a first authentication protocol, wherein the user information is used for requesting a service system to provide services, the user information is the user information received by the global authentication center, and the number of the service systems is multiple;
cleaning the user information according to the information format requirement of a service system;
and sending the cleaned user information to the service system, wherein the service system has a second authentication protocol.
6. The method according to claim 5, wherein the user information includes a user account and role information corresponding to the user account, and wherein the role information is used for being referred by the service system to provide a service corresponding to the role information.
7. The method of claim 6, further comprising:
receiving service information sent by the service system, wherein the service information is sent to the service information by the service system, and the service information is sent under the condition that the information of the service system is updated or modified;
and sending the service information to the global authentication center, wherein the global authentication center updates the role information according to the service information, and the service information comprises a functional service and role information corresponding to the functional service.
8. A multi-system information interaction system is characterized by comprising: the system comprises a global authentication center, a portal system and a plurality of service systems;
the system comprises a global authentication center, a service system and a central processing unit, wherein the global authentication center is used for receiving user information, and the user information is used for requesting the service system to provide services; sending the user information to a portal system with a first authentication protocol;
the portal system is used for receiving the user information sent by the global authentication center and cleaning the user information; sending the cleaned user information to a service system, wherein the service system and the portal system have a second authentication protocol, and the number of the service systems is multiple;
and the service system is used for receiving the user information sent by the portal system and providing corresponding services for the account corresponding to the user information.
9. A storage medium, comprising a stored program, wherein the program, when executed, controls an apparatus in which the storage medium is located to perform the method of any one of claims 1 to 7.
10. An electronic device comprising at least one processor, and at least one memory, bus connected to the processor; the processor and the memory complete mutual communication through the bus; the processor is used for calling program instructions in the memory to execute the method for interacting the multi-system information according to any one of claims 1 to 7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910944626.0A CN112580013A (en) | 2019-09-30 | 2019-09-30 | Multi-system information interaction method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910944626.0A CN112580013A (en) | 2019-09-30 | 2019-09-30 | Multi-system information interaction method and device |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN112580013A true CN112580013A (en) | 2021-03-30 |
Family
ID=75117241
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910944626.0A Pending CN112580013A (en) | 2019-09-30 | 2019-09-30 | Multi-system information interaction method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112580013A (en) |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20020069081A1 (en) * | 2000-10-31 | 2002-06-06 | Ingram Aubrey Lee | Methods and systems for providing employment management services over a network |
| CN101227470A (en) * | 2008-01-30 | 2008-07-23 | 中兴通讯股份有限公司 | System and method of business management |
| CN101478416A (en) * | 2009-02-02 | 2009-07-08 | 中国网络通信集团公司 | Service processing method, synthetic service platform and service processing system |
| CN101860521A (en) * | 2009-04-13 | 2010-10-13 | 中国联合网络通信集团有限公司 | Authentication treatment method and system |
| CN105162779A (en) * | 2015-08-20 | 2015-12-16 | 南威软件股份有限公司 | Method for using uniform user authentication in multiple systems |
| CN108243183A (en) * | 2017-12-20 | 2018-07-03 | 北京车和家信息技术有限公司 | Integrated control method, system and the computer equipment of gate system |
| CN109495468A (en) * | 2018-11-09 | 2019-03-19 | 南京医渡云医学技术有限公司 | Authentication method, device, electronic equipment and storage medium |
-
2019
- 2019-09-30 CN CN201910944626.0A patent/CN112580013A/en active Pending
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20020069081A1 (en) * | 2000-10-31 | 2002-06-06 | Ingram Aubrey Lee | Methods and systems for providing employment management services over a network |
| CN101227470A (en) * | 2008-01-30 | 2008-07-23 | 中兴通讯股份有限公司 | System and method of business management |
| CN101478416A (en) * | 2009-02-02 | 2009-07-08 | 中国网络通信集团公司 | Service processing method, synthetic service platform and service processing system |
| CN101860521A (en) * | 2009-04-13 | 2010-10-13 | 中国联合网络通信集团有限公司 | Authentication treatment method and system |
| CN105162779A (en) * | 2015-08-20 | 2015-12-16 | 南威软件股份有限公司 | Method for using uniform user authentication in multiple systems |
| CN108243183A (en) * | 2017-12-20 | 2018-07-03 | 北京车和家信息技术有限公司 | Integrated control method, system and the computer equipment of gate system |
| CN109495468A (en) * | 2018-11-09 | 2019-03-19 | 南京医渡云医学技术有限公司 | Authentication method, device, electronic equipment and storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110191031B (en) | Network resource access method and device and electronic equipment | |
| CN102202289B (en) | Method and system for remote calling software and hardware resources through mobile terminal | |
| CN102035849B (en) | Method, equipment and system for realizing resource management in cloud computing | |
| CN103384237A (en) | Method for sharing IaaS cloud account, shared platform and network device | |
| US9753786B2 (en) | Client server communication system | |
| CN112925647A (en) | Cloud edge coordination system, and control method and device of cluster resources | |
| EP2838243B1 (en) | Capability aggregation and exposure method and system | |
| CN102196035A (en) | Unified web service discovery | |
| WO2017041562A1 (en) | Method and device for identifying user identity of terminal device | |
| CN108053088A (en) | A kind of Subscriber Management System, method and apparatus | |
| US10360057B1 (en) | Network-accessible volume creation and leasing | |
| WO2009094890A1 (en) | A service scheduling method and the system, apparatus for scheduling services | |
| WO2016095524A1 (en) | Resource allocation method and apparatus | |
| CN103813329A (en) | Capability calling method and capability opening system | |
| CN115567251A (en) | Multi-service isolation method and system for micro-service cluster | |
| WO2024169595A1 (en) | Service invocation method in hybrid cloud environment, and electronic device and system | |
| CN113361913A (en) | Communication service arranging method, device, computer equipment and storage medium | |
| CN110691042A (en) | Resource allocation method and device | |
| CN114465791B (en) | Method and device for establishing white list in network management equipment, storage medium and processor | |
| CN114221959A (en) | Service sharing method, device and system | |
| US9760412B2 (en) | Client server communication system | |
| US11595871B2 (en) | Systems and methods for securely sharing context between MEC clusters | |
| CN103379148A (en) | Cloud calculator and method for processing files through cloud calculator | |
| CN112580013A (en) | Multi-system information interaction method and device | |
| CN116781764A (en) | Long-connection task execution method and device and related equipment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |