CN112751811A - Website authentication method and device, storage medium and electronic equipment - Google Patents

Website authentication method and device, storage medium and electronic equipment Download PDF

Info

Publication number
CN112751811A
CN112751811A CN201911053027.6A CN201911053027A CN112751811A CN 112751811 A CN112751811 A CN 112751811A CN 201911053027 A CN201911053027 A CN 201911053027A CN 112751811 A CN112751811 A CN 112751811A
Authority
CN
China
Prior art keywords
target
authentication
website
plug
route
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201911053027.6A
Other languages
Chinese (zh)
Other versions
CN112751811B (en
Inventor
张星
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Gridsum Technology Co Ltd
Original Assignee
Beijing Gridsum Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Gridsum Technology Co Ltd filed Critical Beijing Gridsum Technology Co Ltd
Priority to CN201911053027.6A priority Critical patent/CN112751811B/en
Publication of CN112751811A publication Critical patent/CN112751811A/en
Application granted granted Critical
Publication of CN112751811B publication Critical patent/CN112751811B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0807Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0815Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint

Abstract

The invention discloses an authentication method and device for a website, a storage medium and electronic equipment. The method can comprise the following steps: acquiring a target plug-in, wherein the target plug-in comprises authentication information used for authenticating a target route of a target website; configuring a target plug-in to a target route; and authenticating the configured target route according to the authentication information included by the target plug-in. By the method and the device, the technical effect of improving the website authentication efficiency is achieved.

Description

Website authentication method and device, storage medium and electronic equipment
Technical Field
The invention relates to the field of internet, in particular to an authentication method and device for a website, a storage medium and electronic equipment.
Background
At present, basically all websites need to be authenticated, but a plurality of websites in a set of product lines often have the same authentication mode although the functions are different and the parameters during authentication are different.
Although the method can realize the authentication of the websites, each website only relies on the authentication system to authenticate the website, and the authentication system needs to be docked once, so that the workload is increased, the labor cost is wasted, and if the authentication system is changed, all websites need to be docked again, so that the technical problem of low website authentication efficiency exists.
Aiming at the problem of low authentication efficiency of websites in the prior art, no effective solution is provided at present.
Disclosure of Invention
The invention mainly aims to provide a website authentication method, a website authentication device, a storage medium and electronic equipment, so as to at least solve the technical problem of low website authentication efficiency.
In order to achieve the above object, according to one aspect of the present invention, there is provided an authentication method of a website. Acquiring a target plug-in, wherein the target plug-in comprises authentication information used for authenticating a target route of a target website; configuring a target plug-in to a target route; and authenticating the configured target route according to the authentication information included by the target plug-in.
Optionally, the method further comprises: under the condition that the target website is connected with the authentication system, if the authentication logic for authenticating the target route by the authentication system needs to be modified into a second authentication logic from the first authentication logic, the authentication information included by the target plug-in is modified according to the second authentication logic; and authenticating the target route according to the modified authentication information included by the target plug-in.
Optionally, the authentication information is preconfigured in the target plugin and is used to authenticate a plurality of routes, including the target route.
Optionally, obtaining the target plug-in comprises: and acquiring a target plug-in configured by a gateway of the target website.
Optionally, the obtaining of the target plug-in configured by the gateway of the target website includes: acquiring first configuration information for configuring a target route by a gateway of a target website; and determining at least the first configuration information as authentication information to obtain the target plug-in.
Optionally, the method further comprises: responding to a target operation instruction input by a user to obtain second configuration information of the target website, wherein the second configuration information is used for representing the difference between the authentication information corresponding to the target website and the authentication information corresponding to other websites; determining at least the first configuration information as authentication information, and obtaining the target plug-in includes: and determining the first configuration information and the second configuration information as authentication information to obtain the target plug-in.
Optionally, after authenticating the configured target route according to the authentication information included in the target plugin, the method further includes: and forwarding the interface information of the authenticated target route through the gateway of the target website according to a target forwarding rule, wherein the target forwarding rule is configured by the gateway of the target website.
In order to achieve the above object, according to another aspect of the present invention, there is also provided an authentication apparatus for a website. The device includes: the system comprises an acquisition unit, a processing unit and a processing unit, wherein the acquisition unit is used for acquiring a target plug-in, and the target plug-in comprises authentication information used for authenticating a target route of a target website; the configuration unit is used for configuring the target plug-in unit to the target route; and the authentication unit is used for authenticating the configured target route according to the authentication information included by the target plug-in.
According to the invention, the target plug-in is obtained, wherein the target plug-in comprises authentication information for authenticating the target route of the target website; configuring a target plug-in to a target route; and authenticating the configured target route according to the authentication information included by the target plug-in. That is, the invention authenticates the target route of the target website through the plug-in, the authentication scheme is uniformly developed and maintained by the target plug-in, and the goal that the website with the same authentication scheme only needs to develop the target plug-in once is achieved, that is, the authentication logic is transferred to the target plug-in from the original authentication system to be realized, thereby avoiding the problem that the website only depends on the authentication system to authenticate the website, and the authentication system needs to be docked once, which results in the increase of workload and the waste of labor cost, thereby solving the technical problem of low website authentication efficiency and achieving the technical effect of improving the website authentication efficiency.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this application, illustrate embodiments of the invention and, together with the description, serve to explain the invention and not to limit the invention. In the drawings:
fig. 1 is a flowchart of an authentication method of a website according to an embodiment of the present invention;
FIG. 2 is a schematic diagram of a system for enabling authentication of a web site according to an embodiment of the present invention;
FIG. 3 is a diagram illustrating an authentication apparatus of a website according to an embodiment of the present invention; and
fig. 4 is a schematic diagram of an electronic device according to an embodiment of the invention.
Detailed Description
It should be noted that the embodiments and features of the embodiments in the present application may be combined with each other without conflict. The present invention will be described in detail below with reference to the embodiments with reference to the attached drawings.
In order to make the technical solutions better understood by those skilled in the art, the technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only partial embodiments of the present application, but not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
It should be noted that the terms "first," "second," and the like in the description and claims of this application and in the drawings described above are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order. It should be understood that the data so used may be interchanged under appropriate circumstances such that embodiments of the application described herein may be used. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed, but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
Example 1
The embodiment of the invention provides an authentication method for a website.
Fig. 1 is a flowchart of an authentication method of a website according to an embodiment of the present invention. As shown in fig. 1, the method may include the steps of:
step S102, a target plug-in is obtained, wherein the target plug-in comprises authentication information used for authenticating a target route of a target website.
In the technical solution provided in the above step S102 of the present invention, the target plug-in is a program that follows a certain specification and is written according to an application program interface, and may be an authentication plug-in that is externally hung on a target route of the target website, and is used for indicating an authentication scheme for authenticating the target route of the target website, where the authentication scheme includes authentication information for authenticating the target route of the target website. The target route is a route of a target website that needs to be authenticated, the target website may be a product of a docking authentication system, for example, any product of a plurality of products in a set of product lines, each product may have a plurality of routes, the routes of all products that need to be docked with the authentication system may be externally hung with the target plugin, the authentication information of the target plugin for different products may be different, the authentication information may be used to indicate an authentication logic, the authentication logic may be a logic that determines whether a cache (Cookie) includes a certain value, a logic that queries whether information of a current user exists in a database, and the like, and no limitation is made here. The authentication system is another set of system for authenticating the route independent from the target plug-in, and may be a unified account system of a company, for example, when the route is authenticated, the user account is determined to be legal under the condition that the user account exists, and the user account is determined to be invalid under the condition that the user account does not exist, and the authentication logic corresponding to the authentication information in the target plug-in may be to check the ID of the user, and if the ID of the user exists, the user account is determined to be legal, and the user account is determined to be invalid under the condition that the ID of the user does not exist.
And step S104, configuring the target plug-in to the target route.
In the technical solution provided in the above step S104 of the present invention, after the target plug-in is obtained, the target plug-in is configured to the target route, and a program corresponding to the target plug-in may be written into the target route, that is, the target plug-in is added to the target route, and the target plug-in is supported to be pluggable, that is, if the target route needs to be authenticated, the target plug-in is configured, and if the target route does not need to be authenticated, the target plug-in does not need to be configured, for example, the route a needs to be processed in the target plug-in, the route a is determined to be the target route, and the target plug-in is configured to the route a, and for example, the route B does not need to be processed in the target plug-in, and the target plug-in is not configured to the.
And step S106, authenticating the configured target route according to the authentication information included by the target plug-in.
In the technical solution provided in step S106 of the present invention, after configuring the target plugin to the target route, authenticating the configured target route according to the authentication information included in the target plugin, optionally, in this embodiment, before forwarding Application Programming Interface (API) information of the target route through a gateway of the target website, the configured target route needs to be authenticated according to the authentication information included in the target plugin, and a processing manner indicated by the authentication information in the target plugin may be performed on the target route, for example, a processing manner of adding information in the target plugin before forwarding Interface information, or a processing manner of allocating a Token (Token) to a login user, and then invoking an Interface to determine whether the Token is valid or not, and whether the Token is expired or not, and no limitation is made here.
Alternatively, if the implementation does not configure any plug-in for the target route, the target route only needs to forward simple interface information.
As an alternative example, the target plug-in of this embodiment may be multiple and each target plug-in may include different authentication information for authenticating the target route of the target website. Optionally, when the target route is authenticated by a plurality of target plug-ins, the priority order of the plurality of target plug-ins may be set, so that the target route is authenticated by each target plug-in turn according to the priority order. The priority order can be flexibly set according to the importance degree, the requirement and the like of the target plug-in for authenticating the target route.
Through the steps S202 to S206 of the present application, a target plug-in is obtained, where the target plug-in includes authentication information for authenticating a target route of a target website; configuring a target plug-in to a target route; and authenticating the configured target route according to the authentication information included by the target plug-in. That is, the invention authenticates the target route of the target website through the target plug-in, the authentication scheme is uniformly developed and maintained by the target plug-in, that is, the authentication logic is transferred to the target plug-in from the original authentication system to be realized, and the goal that the website with the same authentication scheme only needs to develop the target plug-in once is achieved, thereby avoiding the problem that the workload is increased and the labor cost is wasted because the website is authenticated only by the authentication system and the authentication system needs to be docked once, further solving the technical problem of low website authentication efficiency and achieving the technical effect of improving the website authentication efficiency.
The steps of the above-described method of this embodiment are further described below.
As an optional implementation manner, in the case that the target website is docked with the authentication system, if the authentication logic for authenticating the target route by the authentication system needs to be modified from the first authentication logic to the second authentication logic, the authentication information included in the target plug-in is modified according to the second authentication logic; and authenticating the target route according to the modified authentication information included by the target plug-in.
In this embodiment, the target website may only interface with the authentication system once, and the authentication of the target route by the authentication system may be performed by the target plug-in. Optionally, it is detected whether the first authentication logic for authenticating the target route by the authentication system is modified. If it is detected that the first authentication logic of the authentication system needs to be modified into the second authentication logic, the authentication information included in the target plug-in can be modified only according to the second authentication logic, that is, if the authentication logic of the authentication system is modified, only the target plug-in needs to be modified, for example, the original authentication logic of the authentication system is the logic which determines the successful authentication if the Cookie contains a certain value, and needs to be modified into the logic which inquires whether the information of the current user exists in the database, only the logic of the target plug-in needs to be modified according to the modified logic, the target website does not need to be modified, so that the problem that the website is authenticated only depending on the authentication system and needs to be docked once is avoided, if the authentication system is modified, all websites docked with the authentication system also need to be modified and the authentication system is docked again is avoided, the problems of high maintenance cost and low working efficiency are caused, so that the maintenance cost is greatly reduced, and the working efficiency is improved.
As another alternative, different authentication parameters are configured to the preset template to generate the authentication information, so that when the authentication information included in the target plugin is modified according to the second authentication logic, the parameters of the template may be modified according to the second authentication logic, so as to obtain the modified authentication information.
As another optional example, the target website may interface with multiple authentication systems at a time, each authentication system authenticates the target route in the target website through a corresponding target plugin, so that multiple target plugins corresponding to multiple authentication systems are required to authenticate the target route, and the priority order of the multiple target plugins may be set, so that the target route is authenticated sequentially through each target plugin according to the priority order. The priority order can be flexibly set according to the importance degree, the requirement and the like of the target plug-in for authenticating the target route.
As an optional implementation, the authentication information is pre-configured in the target plug-in and is used to authenticate a plurality of routes, including the target route.
In this embodiment, the target plug-in includes authentication information, which is configured in advance in the target plug-in, and is developed and maintained in a unified manner, and the authentication information may be used to authenticate multiple routes in the target website, that is, may authenticate any route in the target website that needs to be authenticated, and may be configured to the target plug-in only once in advance through a gateway of the target website, thereby greatly reducing labor waste, and further achieving a technical effect of improving website authentication efficiency.
As another optional example, if the authentication information in the target plugin needs to be modified, that is, the corresponding authentication logic needs to be modified, the modified whole authentication information or part of the authentication information that needs to be modified may be issued in a unified manner through the gateway of the target website, each route that has been configured with the target plugin may automatically replace the original authentication information of the target plugin with the modified authentication information in a unified manner according to the modified whole authentication information, or modify the original corresponding part of the authentication information of the target plugin according to the part of the authentication information that needs to be modified, to obtain the modified authentication information, that is, once the authentication information in the target plugin needs to be modified, the plurality of routes that have been configured with the target plugin may also update the original authentication information to the modified authentication information in a linkage manner, so as to achieve the purpose of modifying the authentication information of the target plugin in a unified manner, the method and the device avoid the problems of high maintenance cost and low working efficiency caused by the fact that the website authentication only depends on the authentication system, the authentication system needs to be docked once, if the authentication system is modified, all websites docked with the authentication system need to be modified, and the authentication system is docked again, so that the maintenance cost is greatly reduced, and the working efficiency is improved.
As an optional implementation manner, in step S102, acquiring the target plug-in includes: and acquiring a target plug-in configured by a gateway of the target website.
In this embodiment, the gateway of the target website involved in the above method may be configured to forward the request of the target website to the target address, so as to implement network interconnection on the transport layer, and as a most complex network interconnection device, may be configured to interconnect two different networks of a higher-layer protocol. The gateway of the embodiment can be used for customizing the target plug-in, releasing the target plug-in to the route needing to be configured with the target plug-in, and adding pluggable configuration to the route of the target website needing to be configured with the target plug-in, so that the plug-in is realized.
As an alternative embodiment, obtaining the target plug-in configured by the gateway of the target website includes: acquiring first configuration information for configuring a target route by a gateway of a target website; and determining at least the first configuration information as authentication information to obtain the target plug-in.
In this embodiment, the gateway of the destination website may also support the configuration of any route to uniformly process different routes before forwarding the interface information. The embodiment may obtain first configuration information that the gateway configures the target route, and may be request information, for example, an API request, a static Resource request, a front-end Uniform Resource Locator (URL) request, and the like, which is not limited herein. After obtaining the first configuration information configuring the target route by the gateway of the target website, the first configuration information may be determined as the authentication information of the target plugin.
As an optional implementation, the method further comprises: responding to a target operation instruction input by a user to obtain second configuration information of the target website, wherein the second configuration information is used for representing the difference between the authentication information corresponding to the target website and the authentication information corresponding to other websites; determining at least the first configuration information as authentication information, and obtaining the target plug-in includes: and determining the first configuration information and the second configuration information as authentication information to obtain the target plug-in.
The embodiment may further respond to a target operation instruction input by the user to obtain second configuration information of the target website, where the second configuration information is a configuration parameter meeting the requirement of the target plugin and is used to characterize a difference between the authentication information corresponding to the target website and the authentication information corresponding to other websites, so that the second configuration information of each website may represent a difference between websites during authentication, for example, a website a and a website B may respectively define the second configuration parameter input by the user for the website a and the website B, and the second configuration parameter may represent a difference between websites a and B during authentication. The authentication information corresponding to the target website is the route which comprises at least one target plug-in unit needing to be configured in the target website, and the authentication information for authenticating the corresponding route is pre-configured in the target plug-in unit; the authentication information corresponding to other websites is a route which comprises at least one plugin needing to be configured in other websites, and the plugin is pre-configured with the authentication information for authenticating the corresponding route.
As an optional implementation manner, in step S106, after authenticating the configured target route according to the authentication information included in the target plugin, the method further includes: and forwarding the interface information of the authenticated target route through the gateway of the target website according to a target forwarding rule, wherein the target forwarding rule is configured by the gateway of the target website.
In this embodiment, forwarding of interface information of the route may be implemented by means of a gateway. The embodiment may configure a forwarding rule on the gateway, where the forwarding rule is used to indicate a manner of forwarding interface information of the target route, and may include route configuration information of the target route, a forwarding path, and the like, and the gateway may forward the interface information of the target route beginning with the route configuration information from the target website to a website of a corresponding target website according to the forwarding path, where the route configuration information may be "/api/google/. and the forwarding path may be" http:// www.test.com ", that is, the gateway forwards the interface information beginning with"/api/google/"from the target website to an address of the target website of" http:// www.test.com ".
In this embodiment, if the target router is successfully configured with the target plugin, the target router may be processed in the target plugin before forwarding the interface information of the authenticated target router according to the target forwarding rule, so as to authenticate the target router, and then the interface information of the authenticated target router is forwarded according to the target forwarding rule, for example, before forwarding the interface information of the authenticated target router according to the target forwarding rule, the authentication information required in authentication is added in the target plugin to authenticate the target router.
For example, a user may input a website address of a website to be accessed on a client, or directly call out the website address of the website to be accessed from a favorite folder of the client, and display an access page corresponding to the website address on the client, at this time, the user may fill an account and a password on the access page, request at least one authentication system docked with the website to authenticate a route corresponding to the account and the password of the user in the website, if the route is configured with plug-ins corresponding to each authentication system (the plug-ins include authentication information configured by a gateway of the website), before the gateway forwards interface information of the route, the route may be processed according to the authentication information in the plug-ins, and then the gateway forwards the interface information of the authenticated route to another website according to a set forwarding rule, where the authentication information in the plug-ins may be an ID for checking the account of the user, and if the ID of the user account exists, determining that the user account is legal, and determining that the user account is invalid under the condition that the ID of the user account does not exist. Optionally, if the route is not configured with a plug-in, the gateway only needs to forward simple interface information of the route.
In this embodiment, each authentication system interfaces the website once, authenticates the route in the website through the corresponding plug-in, if the butted authentication system is modified later, only the plug-in needs to be modified, for example, the original authentication information of the authentication system is successful if the Cookie contains a certain value, the original authentication information is modified to be required to be inquired in a database to determine whether the current user exists, and the like, if the modification is carried out, only the authentication information in the plug-in needs to be modified, then the gateway issues the plug-in after modifying the authentication information, and the route updates the originally configured plug-in according to the issued plug-in after modifying the authentication information, so that the website does not need to modify any, thereby avoiding the need of docking the authentication system once only relying on the authentication system to authenticate the website, when the authentication system is modified, all websites interfaced with the authentication system must be modified.
Optionally, there may be a plurality of plug-ins configured to the route in this embodiment, and each plug-in may include different authentication information for authenticating the route. Alternatively, when the route is authenticated by a plurality of plugins, the priority order of the plurality of plugins can be set, so that the route is authenticated by each plugin in turn according to the priority order. The priority order may be flexibly set according to the importance, requirement, and the like of the target plugin authenticating the target route, for example, when one plugin authenticates the route successfully, another plugin is executed, or when one plugin fails to authenticate the route, another plugin is executed, which is not limited herein.
In the embodiment, the target route of the target website is authenticated in a plug-in mode, the authentication scheme is uniformly developed and maintained by the target plug-in, and then the gateway is used, so that the purpose that the website with the same authentication scheme only needs to develop the target plug-in once is achieved, and any modification related to the authentication logic only needs to be done once, so that the target plug-in can be applied to each website, namely, the authentication logic is transferred to the target plug-in from the original authentication system to be realized, the problem that the website is authenticated only by relying on the authentication system, and the authentication system needs to be connected once is avoided, so that the workload is increased, the labor cost is wasted, the technical problem of the website authentication efficiency is solved, and the technical effect of improving the website authentication efficiency is achieved.
It should be noted that the steps illustrated in the flowcharts of the figures may be performed in a computer system such as a set of computer-executable instructions and that, although a logical order is illustrated in the flowcharts, in some cases, the steps illustrated or described may be performed in an order different than presented herein.
Example 2
The authentication method according to the embodiment of the present invention is illustrated below with reference to preferred embodiments.
In the related art, basically all websites require authentication, but a plurality of websites (products) in a set of product lines often have different functions and different parameters during authentication, but the authentication modes are completely consistent. For example, Token is first assigned to the login user, and then the interface is called to determine whether Token is valid and expired. However, the current practice is to dock one website with one authentication system, which increases the workload and wastes labor cost, and if the authentication system is changed, all websites must dock the authentication system again.
In order to solve the above problem, the following describes an authentication method of the website according to this embodiment.
Fig. 2 is a schematic diagram of a system for implementing authentication of a website according to an embodiment of the present invention. As shown in fig. 2, the system includes an authentication system 20, a set of product lines 21, a router 22, a gateway 23, and a web site 24 for a destination address. The product line 21 includes a website 211 (product), a website 212 (product), and the like, and the route 22 provided in the website 221 includes a route 221, a route 222, and the like.
In this embodiment, the gateway 23 implements forwarding of interface information of the route by means of the gateway 23, where the gateway 23 implements network interconnection on a transport layer, which is the most complex network interconnection device, and is only used for two network interconnections with different higher-layer protocols, and a forwarding rule may be configured on the gateway 23, for example, the route 221 is configured as "/API/google/. and a destination address of a forwarding path is configured as" http:// www.test.com ", that is, information of an API starting with"/API/google/"is forwarded to the website 24 with the destination address" http:// www.test.com ". The gateway 23 of this embodiment may support configuration of any route, in order to perform uniform processing on different routes before forwarding interface information, for example, an API request, a static resource request, a front-end URL request, and the like may be configured.
The embodiment also writes the authentication scheme as plug-in, wherein if no plug-in is configured for the route, only simple forwarding of interface information needs to be implemented, for example, no plug-in is configured for the route 222; if the plug-in is configured, before forwarding the interface information, processing in the plug-in is performed first, and then forwarding is performed, for example, the router 221 configures the plug-in 2211, and before forwarding the interface information, information that needs to be authenticated may be added to the plug-in 2211. The plug-in 2211 in this embodiment is a plug-in customized for the gateway 23, and the plug-in 2211 can be arbitrarily added to a route to be used, for example, the route 221 needs to be processed in the plug-in 2211, but the route 222 does not need, the route 221 only needs to configure the plug-in 2211, and the route 222 does not need to configure the plug-in 2211. All products needing to connect the authentication system 20 can be externally hung with a plug-in for authentication.
The authentication system 20 connects the website 211 once, authenticates the route 221 through the plug-in 2211, optionally, if the connected authentication system 20 is modified later, only the plug-in 2211 needs to be modified, for example, if the authentication process of the original authentication system 20 is successful if the Cookie contains a certain value, the authentication process is modified to the state that whether the current user exists in the database or not is inquired, and if the modification occurs, only the authentication logic in the plug-in 2211 needs to be modified, and the website 211 connected with the authentication system does not need to be modified.
It should be noted that the website 211 of this embodiment may interface with multiple authentication systems 20 at a time, each authentication system 20 may authenticate the route 221 in the website 211 through the corresponding plug-in 2211, so that multiple plug-ins 2211 corresponding to multiple authentication systems 20 are required to authenticate the route 221, and the priority order of the multiple plug-ins 2211 may be set, so that the route 221 is authenticated sequentially through each plug-in 2211 according to the priority order. The priority order may be flexibly set according to the importance, requirement, and the like of the plug-in 2211 for authenticating the route 221.
The plug-in 2211 of this embodiment may be externally hung on any route that needs to be authenticated, and the gateway 23 may set configuration parameters meeting the requirements of the plug-in 2211, where the configuration parameters represent differences in authentication of each product (website) in a set of product lines 21, for example, if the plug-in 2211 may have different authentication logics for the website 211 and the website 212, the gateway 23 may define some configuration parameters into the plug-in to represent differences in authentication of the website 211 and the website 212.
It should be noted that the system for implementing authentication of a website shown in fig. 2 in this embodiment is only an example of the embodiment of the present invention, and does not represent that the system for implementing authentication of a website in the embodiment of the present invention is only the above-mentioned system, any method that can authenticate a target route of a target website by plug-in, the authentication scheme is uniformly developed and maintained by the target plug-in, and then the gateway is used, any modification related to the authentication logic is only needed to be done once, and a method that can be applied to each website is within the scope of this embodiment, for example, each route may be configured with a plurality of plug-in plugs, the plurality of plug-in plugs have priorities when implementing authentication of the route, each website may also be connected to a plurality of authentication systems, and the like, and there is no longer any one by.
According to the authentication method of the website, the authentication scheme can be uniformly developed and maintained in a unified way by means of plug-in and the use of the gateway, and all work is only done once, namely, the purpose that products with the same authentication scheme only need to be developed once is achieved, so that labor waste is greatly reduced. The authentication scheme of the embodiment is uniformly maintained, and any modification related to authentication is only needed to be done once, so that the method can be applied to each website, the maintenance cost is greatly reduced, the working efficiency is improved, the technical problem of low website authentication efficiency is solved, and the technical effect of improving the website authentication efficiency is achieved.
Example 3
The embodiment of the invention also provides an authentication device of the website. It should be noted that the authentication device of the website of this embodiment can be used to execute the authentication method of the website of this embodiment of the present invention.
Fig. 3 is a schematic diagram of an authentication apparatus of a website according to an embodiment of the invention. As shown in fig. 3, the authentication device 30 of the website may include: an acquisition unit 31, a configuration unit 32 and an authentication unit 33.
The obtaining unit 31 is configured to obtain a target plug-in, where the target plug-in includes authentication information for authenticating a target route of a target website.
A configuration unit 32, configured to configure the target plug-in to the target route.
And an authentication unit 33, configured to authenticate the configured target route according to the authentication information included in the target plugin.
Optionally, the apparatus further comprises: the modification unit is used for modifying the authentication information included by the target plug-in according to the second authentication logic if the authentication logic for authenticating the target route by the authentication system needs to be modified from the first authentication logic to the second authentication logic under the condition that the target website is connected with the authentication system; and the first authentication unit is used for authenticating the target route according to the modified authentication information included by the target plug-in.
Optionally, the authentication information is preset in the target plugin and is used for authenticating a plurality of routes, where the plurality of routes includes the target route.
Alternatively, the acquisition unit 31 includes: and the acquisition module is used for acquiring the target plug-in configured by the gateway of the target website.
Optionally, the obtaining module includes: the acquisition submodule is used for acquiring first configuration information for configuring a target route by a gateway of a target website; and the determining submodule is used for determining at least the first configuration information as authentication information to obtain the target plug-in.
Optionally, the device is further configured to respond to a target operation instruction input by a user to obtain second configuration information of the target website, where the second configuration information is used to represent a difference between authentication information corresponding to the target website and authentication information corresponding to other websites; determining at least the first configuration information as authentication information, and obtaining the target plug-in includes: and determining the first configuration information and the second configuration information as authentication information to obtain the target plug-in.
Optionally, the apparatus further comprises: and the forwarding unit is used for forwarding the interface information of the authenticated target route through the gateway of the target website according to a target forwarding rule after authenticating the configured target route according to the authentication information included by the target plug-in, wherein the target forwarding rule is configured by the gateway of the target website.
In this embodiment, the obtaining unit 31 obtains the target plug-in, where the target plug-in includes authentication information for authenticating a target route of the target website; configuring the target plug-in to the target route through a configuration unit 32; and authenticating the configured target route through the authentication unit 33 according to the authentication information included by the target plug-in. That is, the invention authenticates the target route of the target website through the plug-in, the authentication scheme is uniformly developed and maintained by the target plug-in, and the goal that the website with the same authentication scheme only needs to develop the target plug-in once is achieved, thereby avoiding the problems that the work load is increased and the labor cost is wasted because the website is authenticated only by the authentication system and the authentication system needs to be docked once, further solving the technical problem of low website authentication efficiency and achieving the technical effect of improving the website authentication efficiency.
Example 4
In this embodiment, the authentication device of the website includes a processor and a memory, the acquiring unit 31, the configuring unit 32, and the authentication unit 33 are all stored in the memory as program units, and the processor executes the program units stored in the memory to implement corresponding functions.
The processor comprises a kernel, and the kernel calls the corresponding program unit from the memory. The kernel can be set to be one or more than one, and the technical effect of improving the website authentication efficiency is achieved by adjusting kernel parameters.
Example 5
An embodiment of the present invention provides a storage medium having a program stored thereon, where the program, when executed by a processor, implements an authentication method for a website.
Example 6
Fig. 4 is a schematic diagram of an electronic device according to an embodiment of the invention. As shown in fig. 4, the electronic device 40 includes at least one processor 401, and at least one memory 402 connected to the processor 401, a bus 403; the processor 401 and the memory 402 complete communication with each other through the bus 403; the processor 401 is used for calling the program instructions in the memory 402 to execute the above-mentioned authentication method of the website. The electronic device 40 herein may be a server, a PC, a PAD, a cell phone, etc.
Example 7
The present application further provides a computer program product adapted to perform a program for initializing the following method steps when executed on a data processing device: acquiring a target plug-in, wherein the target plug-in comprises authentication information used for authenticating a target route of a target website; configuring a target plug-in to a target route; and authenticating the configured target route according to the authentication information included by the target plug-in.
When executed on a data processing device, is further adapted to perform a procedure for initializing the following method steps: under the condition that the target website is connected with the authentication system, if the authentication logic for authenticating the target route by the authentication system needs to be modified into a second authentication logic from the first authentication logic, the authentication information included by the target plug-in is modified according to the second authentication logic; and authenticating the target route according to the modified authentication information included by the target plug-in.
When executed on a data processing device, is further adapted to perform a procedure for initializing the following method steps: the authentication information is preset in the target plug-in and is used for authenticating a plurality of routes, and the plurality of routes comprise the target route.
When executed on a data processing device, is further adapted to perform a procedure for initializing the following method steps: and acquiring a target plug-in configured by a gateway of the target website.
When executed on a data processing device, is further adapted to perform a procedure for initializing the following method steps: acquiring first configuration information for configuring a target route by a gateway of a target website; and determining at least the first configuration information as authentication information to obtain the target plug-in.
When executed on a data processing device, is further adapted to perform a procedure for initializing the following method steps: responding to a target operation instruction input by a user to obtain second configuration information of the target website, wherein the second configuration information is used for representing the difference between the authentication information corresponding to the target website and the authentication information corresponding to other websites; determining at least the first configuration information as authentication information, and obtaining the target plug-in includes: and determining the first configuration information and the second configuration information as authentication information to obtain the target plug-in.
When executed on a data processing device, is further adapted to perform a procedure for initializing the following method steps: after the target route is authenticated according to the target plug-in, the gateway of the target website forwards the interface information of the authenticated target route according to a target forwarding rule, wherein the target forwarding rule is configured by the gateway of the target website.
It will be apparent to those skilled in the art that the modules or steps of the present invention described above may be implemented by a general purpose computing device, they may be centralized on a single computing device or distributed across a network of multiple computing devices, and they may alternatively be implemented by program code executable by a computing device, such that they may be stored in a storage device and executed by a computing device, or fabricated separately as individual integrated circuit modules, or fabricated as a single integrated circuit module from multiple modules or steps. Thus, the present invention is not limited to any specific combination of hardware and software.
The above description is only a preferred embodiment of the present invention and is not intended to limit the present invention, and various modifications and changes may be made by those skilled in the art. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention.

Claims (10)

1. An authentication method for a website, comprising:
acquiring a target plug-in, wherein the target plug-in comprises authentication information used for authenticating a target route of a target website;
configuring the target plug-in to the target route;
and authenticating the configured target route according to the authentication information included by the target plug-in.
2. The method of claim 1, further comprising:
under the condition that the target website is connected with an authentication system, if the authentication logic of the authentication system for authenticating the target route needs to be modified into a second authentication logic from a first authentication logic, modifying the authentication information included by the target plug-in according to the second authentication logic;
and authenticating the target route according to the modified authentication information included by the target plug-in.
3. The method of claim 1, wherein the authentication information is preconfigured in the target plug-in and is used to authenticate a plurality of routes, the plurality of routes including the target route.
4. The method of claim 1, wherein obtaining the target plug-in comprises:
and acquiring the target plug-in configured by the gateway of the target website.
5. The method of claim 4, wherein obtaining the target plug-in configured by the gateway of the target website comprises:
acquiring first configuration information for configuring the target route by a gateway of the target website;
and at least determining the first configuration information as the authentication information to obtain the target plug-in.
6. The method of claim 5,
the method further comprises the following steps: responding to a target operation instruction input by a user to obtain second configuration information of the target website, wherein the second configuration information is used for representing the difference between the authentication information corresponding to the target website and the authentication information corresponding to other websites;
determining at least the first configuration information as the authentication information, and obtaining the target plug-in includes: and determining the first configuration information and the second configuration information as the authentication information to obtain the target plug-in.
7. The method of any of claims 1 to 6, wherein after authenticating the target route according to the target plug-in, the method further comprises:
and forwarding the authenticated interface information of the target route through the gateway of the target website according to a target forwarding rule, wherein the target forwarding rule is configured by the gateway of the target website.
8. An authentication apparatus for a website, comprising:
the system comprises an acquisition unit, a processing unit and a processing unit, wherein the acquisition unit is used for acquiring a target plug-in, and the target plug-in comprises authentication information used for authenticating a target route of a target website;
a configuration unit, configured to configure the target plug-in to the target route;
and the authentication unit is used for authenticating the configured target route according to the authentication information included by the target plug-in.
9. A storage medium, comprising a stored program, wherein the program, when executed, controls an apparatus in which the storage medium is located to perform the method of any one of claims 1 to 7.
10. An electronic device comprising to a processor, and at least one memory, bus connected to the processor;
the processor and the memory complete mutual communication through the bus;
the processor is configured to invoke program instructions in the memory to perform the method of any of claims 1 to 7.
CN201911053027.6A 2019-10-31 2019-10-31 Website authentication method and device, storage medium and electronic equipment Active CN112751811B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911053027.6A CN112751811B (en) 2019-10-31 2019-10-31 Website authentication method and device, storage medium and electronic equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201911053027.6A CN112751811B (en) 2019-10-31 2019-10-31 Website authentication method and device, storage medium and electronic equipment

Publications (2)

Publication Number Publication Date
CN112751811A true CN112751811A (en) 2021-05-04
CN112751811B CN112751811B (en) 2023-04-18

Family

ID=75644626

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911053027.6A Active CN112751811B (en) 2019-10-31 2019-10-31 Website authentication method and device, storage medium and electronic equipment

Country Status (1)

Country Link
CN (1) CN112751811B (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9294479B1 (en) * 2010-12-01 2016-03-22 Google Inc. Client-side authentication
CN107172057A (en) * 2017-06-01 2017-09-15 浙江数链科技有限公司 Authentication implementing method and device
CN110213290A (en) * 2019-06-14 2019-09-06 无锡华云数据技术服务有限公司 Data capture method, API gateway and storage medium
CN110225039A (en) * 2019-06-14 2019-09-10 无锡华云数据技术服务有限公司 Authority models acquisition, method for authenticating, gateway, server and storage medium

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9294479B1 (en) * 2010-12-01 2016-03-22 Google Inc. Client-side authentication
CN107172057A (en) * 2017-06-01 2017-09-15 浙江数链科技有限公司 Authentication implementing method and device
CN110213290A (en) * 2019-06-14 2019-09-06 无锡华云数据技术服务有限公司 Data capture method, API gateway and storage medium
CN110225039A (en) * 2019-06-14 2019-09-10 无锡华云数据技术服务有限公司 Authority models acquisition, method for authenticating, gateway, server and storage medium

Also Published As

Publication number Publication date
CN112751811B (en) 2023-04-18

Similar Documents

Publication Publication Date Title
CN109218368B (en) Method, device, electronic equipment and readable medium for realizing Http reverse proxy
CN103916378B (en) System and method for automatically deploying application system in cloud resource pool
CN105979009A (en) Method for automatically balancing increased load of cloud application container
CN110191063A (en) Processing method, device, equipment and the storage medium of service request
CN109150904A (en) Interface service call method and terminal device
US20220131852A1 (en) Dynamically unifying disparate user interface applications in a cloud native environment
US20150379030A1 (en) Platform integrating method and system for adapting third-party web page in application
CN110958237A (en) Authority verification method and device
CN108958949B (en) Calling method and system of application program
US20150195128A1 (en) Apparatus and method for supporting configuration management of virtual machine, and apparatus and method for brokering cloud service using the configuration management supporting apparatus
CN109660504A (en) System and method for controlling the access to enterprise network
CN114189525B (en) Service request method and device and electronic equipment
CN114398176A (en) Service access method, device, electronic equipment and storage medium
CN111818158A (en) Gateway control method, device, electronic equipment and storage medium
CN104580211A (en) SOA architecture-based intrusive system
CN111447273B (en) Cloud processing system and data processing method based on cloud processing system
CN106161075A (en) Method for processing business, Apparatus and system
CN112751811B (en) Website authentication method and device, storage medium and electronic equipment
CN113992446B (en) Cross-domain browser user authentication method, system and computer storage medium
CN111506846B (en) Web page generation method and device, electronic equipment and storage medium
CN108228280A (en) The configuration method and device of browser parameters, storage medium, electronic equipment
CN116034361A (en) Cross-domain authorization processing method and cross-domain calling processing method
CN107508760B (en) Method for load distribution based on line source IP
CN111064675A (en) Access flow control method, device, network equipment and storage medium
CN114500089B (en) Authorization login method and system based on OAuth2.0 protocol and electronic equipment

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant